Cybersecurity Training, Military Style

USAF cyberwarriors of the 328th weapons squadron, Nellis, Nevada.

Cybersecurity-training programs modeled on military tactics are making their way to the private sector.

Similar to how the armed forces stage war games to test the readiness of their troops for battle, these “hands on” training programs put companies through simulated breaches designed to test the effectiveness of the security tools, policies and teams they’ve put in place to defend themselves.

Insufficient planning and preparedness is the most significant barrier to achieving a high level of cyber-resilience within an organisation, 65% of IT professionals said in a recent survey released by the Ponemon Institute, a Michigan-based security-policy research center.

And as highly publicized hacks on organisations such as Sony Corp., J.P. Morgan Chase & Co. and the Internal Revenue Service have shown, even large, well-funded organisations can easily fall victim to cybercriminals, whose attacks are growing more sophisticated as the security industry struggles to keep up.

Identifying Gaps

Lance Hayden, a former Cisco Systems Inc. security manager and now Berkeley Research Group LLC managing director, says practicing cybersecurity skills in a safe, controlled environment before a breach ever happens is a smart thing to do. “You can only go so far with book knowledge before you need to try these things in a lab environment,” he says.

Among the cybersecurity firms championing military-style preparedness training is iSight Partners, which was acquired by FireEye Inc. earlier this year. The company’s ThreatSpace training program, run by retired Adm. Patrick Walsh, uses data collected by iSight’s intelligence agents around the world to create simulations that mirror the latest emerging security threats. ThreatSpace then puts a company’s IT security team through a multiday exercise to practice how it would respond to the various threat scenarios if they were actually happening.

Done on a company’s home turf, the ThreatSpace training is designed to help organizations identify vulnerabilities not only in their networks, but in their employee training and corporate security policies, as well, says Adm. Walsh, who spent more than 30 years in the Navy. “We want to energize and pressurize a team to evaluate their readiness,” he says, adding that the cybersecurity industry needs to learn what the Navy learned long ago—that having a training environment that mimics the fighting environment is the best way to improve preparedness.

Think like a Hacker

Whereas iSight’s product is focused on identifying gaps and weaknesses in a company’s defenses, other training programs want to help companies come at the issue from the mind-set of a hacker.

The SANS Institute, a nonprofit computer-security training organization, says companies are expressing increased interest in its Netwar training program in the wake of the many corporate breaches reported in 2014 and 2015.

Netwar was inspired by DEF CON, one of the world’s largest hacking conventions, held annually in Las Vegas. The conference holds a tournament every year where some of the world’s best hackers attempt to attack each other.

Tim Medin, a SANS Institute instructor and self-proclaimed hacker, says Netwar training involves two teams competing in a virtual version of the playground game King of the Hill. Each team has what Netwar calls a castle, and they have to defend their own castle while trying to attack the opposing team’s.

Although they are engaged in a game, the cybersecurity professionals are using the same equipment a security team would actually use in a typical company, including Web servers and Linux software. Mr. Medin says SANS updates the game every year to include recently identified threats, and the training can be done on-site at a company or at an off-site location.

The purpose of Netwar, he says, is to help security and IT professionals think creatively and engage in hacking behavior they typically wouldn’t be able to experiment with at work. “You can sit someone in front of a book or a class, and it’s good to learn but it loses some of the excitement,” Mr. Medin says.

Inspiring employees

Though their training programs come at the issue of cybersecurity preparedness from two different angles, both Adm. Walsh and Mr. Medin say the hands-on experiences inspire employees to stay later and learn more. Mr. Medin says it isn’t uncommon to see employees strategizing until 3 a.m.

Adm. Walsh says it is important that companies see how well their security systems and teams perform in the heat of the moment, before a real breach happens. It helps them understand their “level of readiness in a way they’re not going to see unless there’s an actual breach,” he says. “It is one of those triple plays where you feel like you’re really helping people get ahead.”

WSJ: http://on.wsj.com/1RYQTdg

« North Korea Denies Cyber Attacks On South Korea
Big Data: The 4 Layers Everyone Must Know »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

Schneider Electric

Schneider Electric

Schneider Electric develops connected technologies and solutions to manage energy and process in ways that are safe, reliable and sustainable.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

LUCY Security

LUCY Security

LUCY is the answer when you want to increase your IT security, maintain your cyber security awareness, or test your IT defenses.

Portshift

Portshift

Portshift leverages the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications security.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

Advantex Network Solutions

Advantex Network Solutions

Advantex Network Solutions are a leading provider in Mitel, IT Solutions, Networking, and iP surveillance.

IriusRisk

IriusRisk

IriusRisk is an open Threat Modeling platform that automates and supports creating threat models at design time.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

Bitdefender

Bitdefender

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide.

Communications Fraud Control Association (CFCA)

Communications Fraud Control Association (CFCA)

CFCA is the premier International Association for fraud risk management, fraud prevention and profitability control.

Price Forbes

Price Forbes

Building on more than 100 years of specialist insurance broking, Price Forbes partner with clients around the world who are looking to understand and balance today’s risk and plan for the future.

Merkle Science

Merkle Science

Merkle Science provides next generation risk mitigation, compliance and forensics for crypto-native businesses, DeFi participants, financial institutions & government agencies.

AppSOC

AppSOC

AppSOC is a leader in Application Security Posture Management (ASPM) and Code-to-Cloud Vulnerability Management.