Exercises are currently beyond the reach of many organisations in Australia and globally - they required significant resources and expertise to design and deliver a meaningful exercise. This burden is reflected in the exercise guidance developed by the National Institute of Standards and technology where they state that exercises requires months of design, planning, and other activities to conduct one exercise. From our experience conducting manual exercises with many organisations, this is an accurate statement. To solve this problem, we are developing a cyber security exercise platform that significantly removes the burden in designing, conducting, and evaluating exercises. By removing these burdens, organisations can conduct exercises more frequently and incrementally build their readiness against a variety of incident types such as ransomware and data breaches.