Cybersecurity Training, Military Style

USAF cyberwarriors of the 328th weapons squadron, Nellis, Nevada.

Cybersecurity-training programs modeled on military tactics are making their way to the private sector.

Similar to how the armed forces stage war games to test the readiness of their troops for battle, these “hands on” training programs put companies through simulated breaches designed to test the effectiveness of the security tools, policies and teams they’ve put in place to defend themselves.

Insufficient planning and preparedness is the most significant barrier to achieving a high level of cyber-resilience within an organisation, 65% of IT professionals said in a recent survey released by the Ponemon Institute, a Michigan-based security-policy research center.

And as highly publicized hacks on organisations such as Sony Corp., J.P. Morgan Chase & Co. and the Internal Revenue Service have shown, even large, well-funded organisations can easily fall victim to cybercriminals, whose attacks are growing more sophisticated as the security industry struggles to keep up.

Identifying Gaps

Lance Hayden, a former Cisco Systems Inc. security manager and now Berkeley Research Group LLC managing director, says practicing cybersecurity skills in a safe, controlled environment before a breach ever happens is a smart thing to do. “You can only go so far with book knowledge before you need to try these things in a lab environment,” he says.

Among the cybersecurity firms championing military-style preparedness training is iSight Partners, which was acquired by FireEye Inc. earlier this year. The company’s ThreatSpace training program, run by retired Adm. Patrick Walsh, uses data collected by iSight’s intelligence agents around the world to create simulations that mirror the latest emerging security threats. ThreatSpace then puts a company’s IT security team through a multiday exercise to practice how it would respond to the various threat scenarios if they were actually happening.

Done on a company’s home turf, the ThreatSpace training is designed to help organizations identify vulnerabilities not only in their networks, but in their employee training and corporate security policies, as well, says Adm. Walsh, who spent more than 30 years in the Navy. “We want to energize and pressurize a team to evaluate their readiness,” he says, adding that the cybersecurity industry needs to learn what the Navy learned long ago—that having a training environment that mimics the fighting environment is the best way to improve preparedness.

Think like a Hacker

Whereas iSight’s product is focused on identifying gaps and weaknesses in a company’s defenses, other training programs want to help companies come at the issue from the mind-set of a hacker.

The SANS Institute, a nonprofit computer-security training organization, says companies are expressing increased interest in its Netwar training program in the wake of the many corporate breaches reported in 2014 and 2015.

Netwar was inspired by DEF CON, one of the world’s largest hacking conventions, held annually in Las Vegas. The conference holds a tournament every year where some of the world’s best hackers attempt to attack each other.

Tim Medin, a SANS Institute instructor and self-proclaimed hacker, says Netwar training involves two teams competing in a virtual version of the playground game King of the Hill. Each team has what Netwar calls a castle, and they have to defend their own castle while trying to attack the opposing team’s.

Although they are engaged in a game, the cybersecurity professionals are using the same equipment a security team would actually use in a typical company, including Web servers and Linux software. Mr. Medin says SANS updates the game every year to include recently identified threats, and the training can be done on-site at a company or at an off-site location.

The purpose of Netwar, he says, is to help security and IT professionals think creatively and engage in hacking behavior they typically wouldn’t be able to experiment with at work. “You can sit someone in front of a book or a class, and it’s good to learn but it loses some of the excitement,” Mr. Medin says.

Inspiring employees

Though their training programs come at the issue of cybersecurity preparedness from two different angles, both Adm. Walsh and Mr. Medin say the hands-on experiences inspire employees to stay later and learn more. Mr. Medin says it isn’t uncommon to see employees strategizing until 3 a.m.

Adm. Walsh says it is important that companies see how well their security systems and teams perform in the heat of the moment, before a real breach happens. It helps them understand their “level of readiness in a way they’re not going to see unless there’s an actual breach,” he says. “It is one of those triple plays where you feel like you’re really helping people get ahead.”

WSJ: http://on.wsj.com/1RYQTdg

« North Korea Denies Cyber Attacks On South Korea
Big Data: The 4 Layers Everyone Must Know »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSR Privacy Solutions

CSR Privacy Solutions

CSR Privacy Solutions is a leading provider of privacy regulatory compliance programs for small and medium sized businesses.

Logscape

Logscape

Logscape provides a big data analytical tool for log file analysis and operational analytics.

CS Group

CS Group

CS Group offers a complete range of security solutions from consultancy to security maintenance and from secure infrastructure design to security governance.

WeSecureApp (WSA)

WeSecureApp (WSA)

WeSecureApp is specialized in providing Cyber Security Solutions to safeguard your applications and networks.

Dualog

Dualog

Dualog provides a maritime digital platform which ensures that services work reliably and securely onboard.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Center for Infrastructure Assurance and Security (CIAS)

Center for Infrastructure Assurance and Security (CIAS)

CIAS is developing the world's foremost center for multidisciplinary education and development of operational capabilities in the areas of infrastructure assurance and security.

World Informatix Cyber Security (WICS)

World Informatix Cyber Security (WICS)

World Informatix Cyber Security provides a range of cyber security services to protect valuable information assets to global business and governments.

Inpher

Inpher

Inpher has pioneered cryptographic Secret Computing® that enables advanced analytics and machine learning while keeping data private, secure, and distributed.

7layers

7layers

7layers has established itself as one of the world’s leading test house groups for mobile devices and the growing number of wireless devices, modules and chipsets.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

Zyber 365

Zyber 365

Zyber 365 are providing a robust, decentralized, and cyber-secured operating system which adheres to the fundamental principles of environmental sustainability.

Boltonshield

Boltonshield

Boltonshield provide a unique and proactive approach to cyber defence with managed security services, integrated technologies, and a team of security experts, ethical hackers and analysts.

Knostic

Knostic

Knostic is an early stage startup developing a risk management and governance platform designed for enterprise large language models (LLM).

BlazeGuard

BlazeGuard

At BlazeGuard, we understand that navigating the complex world of cybersecurity can be challenging. That’s why we make it our mission to simplify the process for you.