Effective Cyber Training and How Cyber Ranges can Help to Enhance your Business Cybersecurity
26 May 22
ISR, Intelligence and Cyber OBU
BY Chris Frow
Most companies now provide some level of cyber training
The majority of workers in today’s world rely on IT and cyberspace to achieve some, if not all, of their daily tasks.
As a result, most companies now provide some sort of basic cyber hygiene and awareness courses, delivered either in-house or brought in via a third party. But is what employees are being taught applicable to their place of work? Is it actually helpful to know that the new UK General Data Protection Regulation (UK GDPR) came into effect 1st January 2021? And does information like this really prepare workers to carry out the correct immediate actions, know how to report incidents and reduce the impact of a cyber-attack?
It is important that cyber training provides employees with adequate and relevant skills - just like the courses delivered through our Training Academy. Employees and teams need to be able to develop robust organisational tactics, techniques, and procedures to enable the company to continue to function when the worst happens.
Teams within a company therefore need to understand their cyber security responsibilities and individuals need to understand their roles. The five key cyber security functions to consider are: IDENTIFY-PROTECT-DETECT-RESPOND-RECOVER.
IDENTIFY. Ensure you know your areas of vulnerability by undertaking correct asset management. If you are not sure what and where your assets are, how are you going to assess the impact and cost of the cyber incident?
PROTECT. Install appropriate safeguards to ensure continued delivery of critical infrastructure services. Ensure your identity management and access control data are consistent with the company’s risk strategy to protect the confidentiality, integrity, and availability of information.
DETECT. Confirm anomalies and recognise threat actors operating or active malware within your networks. You need to ensure your cyber tooling is adequate, with experts who know how to spot anomalies and are aware of the relevant subsequent actions to take.
RESPOND. Immediate actions for your technical and non-technical staff when you believe you are suffering a cybersecurity incident. When you are in a cybersecurity incident, you need to assure your company’s tactics, techniques and procedures are robust enough to continue operating.
RECOVER. Correct activities to restore any capabilities or services that were impaired due to a cyber-attack. You need to be confident that you are able to return to full operations as quickly as possible, thus reducing the impact of the incident and its effect on your company’s bottom line.
You need to know how your individuals and teams will work through each stage and effectively “fight” through the attack. If you are not aware of each department’s role or how your third-party support can be integrated, then you will waste time, resulting in a greater impact to the company.
To help organisations identify the most appropriate actions to carry out during a cyber incident, Inzpire uses our many combined years of military cyber experience to deliver training which enhances organisational cyber safety.
Our experts will help you analyse your current cyber security position, identify your strengths and weaknesses and then help you develop solutions and practice how you would respond to cyber security incidents.
Our immersive cyber training solutions provide organisations with assurance that their employees are capable of responding correctly under pressure, and that their teams work together effectively to thwart and recover from hostile cyber incidents.
We offer a multitude of different cyber exercises, ranging from table-top exercises (facilitator-led, discussion-based sessions where team members meet to discuss their roles during an emergency and their responses to a particular emergency situation) to complex multi-layered immersive exercises (complex sets of events, bringing together teams and individual members working on virtual or real systems to confirm what they are saying is correct). Events last from a couple of hours for a table-top exercise up to several days for the most extensive immersive exercises.
Table-top exercises provide assurance that organisations have the correct cyber policies and procedures in place, and that their robustness has been tested. Our table-top exercises are designed to bring together key people from across your organisation; from those in positions of accountability (the people who own the organisation’s procedures and policies and who are responsible for undertaking strategic decisions) to those who are responsible for undertaking the tasks to DETECT-RESPOND-RECOVER.
Using a detailed and realistic scenario, we walk these key personnel through their own policies and procedures to check if they are fit for purpose and provide recommendations to help de-risk the impact of a successful cyber-attack.
The more complex exercise can then combine these policies and procedures with simulated environments that test the effectiveness of the actions you would take during a cyber incident. The question is, how do you bring together the people, process and technology in a seamless environment to train, test, and exercise to assure your abilities in defending against a cyber-attack?
The answer is: with the use of a cyber range, which provides organisations with a safe opportunity to practice the IDENTIFY-PROTECT-DETECT-RESPOND-RECOVER functions.
When you think of cybersecurity, do you think of an individual sat alone in a darkened room?
I imagine when thinking of cyber exercises, most people picture individuals sat on their own in darkened rooms, typing lines and lines of code on to a computer.
There are lots of products and services that provide gamified virtual environments for people to train and practice their technical skills within, in order to operate in cyberspace. These are fantastic and are vital in developing people and bridging the skills gap required to help keep the UK safe.
However, a cyber range is more than just a virtual game environment used to train and test individual skills. It is a virtual and physical environment which provides your company with a safe, secure, and legal environment in which you are able to develop your people, processes and technologies to ensure they are able to operate in cyberspace.
Cyberspace is a complex and dynamic environment, and a cyber range must represent this. Ideally a cyber range would incorporate the six interdependent layers of cyberspace: social, people, persona, information, network and real-world entities.
You might not realise it, but you are surrounded by cyberspace, from your home network, where your WiFi is linked to your laptop and smart technology (printers, TVs, speakers), to IT systems at work with several departments all linked together electronically. Cyber ranges vary in complexity from simulating these everyday examples right through to military operational command and information systems and industrial control systems within critical national infrastructure.
A cyber range has a wide range of applications:
Inzpire's cyber security training can help your company and employees become more robust cyber practitioners
The diverse application of cyber ranges means that there are multiple factors that need to be taken into consideration when developing them. Cyber ranges may include a blend of real, emulated, virtualised, or simulated hardware and software to represent the aforementioned six layers. Cyber ranges are isolated from other networks so that they provide a safe, secure and legal environment for people to collaborate within. This provides an opportunity for people to gain hands-on cyber skills, at the same time as the company assures its policies and procedures.
Our methods can help your company to correctly prepare for what is needed in the case of a hostile cyber event. Through our skills in designing and delivering exercises, enriched with the use of our industry partners’ cyber ranges, we can support your company’s requirements to evaluate cyber resilience, test new procedures, and expand your personnel’s abilities. We do this by exercising your teams in a safe environment before improvements are introduced into the live organisational environment. Plus our tailored feedback, provided during the exercise process, adds value to your company and helps improve overall cyber security posture.
Ultimately, all of this helps assure the people, processes and technical aspects in mitigating your cyber security risk – get in touch to find out more about how we can help you.
Chris Frow joined Inzpire in 2021 as a cyber exercise subject matter expert after spending two decades serving in the Royal Air Force in a number of cyber roles. During his time in the military, Chris delivered multiple exercises, training events and cyber briefs to UK and foreign military and civilian audiences.