Aare Reintam, Chief Operating Officer and Co-Founder of CybExer Technologies, discusses how cyber ranges can enhance businesses’ security posture.
In its latest ‘Top Trends in Cybersecurity’ survey, Gartner identified the most common areas organsiations can expect to experience pressure from during 2024. One of these is the “challenge of managing security exposures in a constantly evolving threat environment.”
Meanwhile, Forrester’s predictions for the cyber landscape in 2024 included the forecast that nine out of 10 data breaches this year “will include a human element.” As such, Forrester anticipates that more security teams at enterprises “will shift their focus” to include more emphasis on security awareness and training internally.
One such method for enhancing internal awareness and delivering comprehensive cyber security training is the use of cyber ranges.
Just as police forces and military organisations train on a ‘range’ to prepare for conflict and attack scenarios, enterprises are increasingly turning to this sort of replicate environment to ensure cyber readiness.
What is a cyber range?
So, what is a cyber range? Well, think of it as a virtual, simulated environment used to train cybersecurity personnel and test an organisation or team’s capability to respond to cyber-attacks and critical incidents caused by cyber threats in real-time.
The technology includes a simulated network of infrastructure, systems, and tools, helping companies prepare themselves for cyber threats and attack scenarios by way of hands-on, practical training sessions that assess preparedness, defence knowledge and capabilities.
Historically, exercises using cyber ranges have been commonplace among the defence and military. However, they are now becoming more widespread amongst enterprises as companies are forced to evolve and change their training habits to ensure they are best placed to protect themselves and their assets against the ever-evolving cyber threat landscape.
What types of exercises can organisations conduct on a cyber range?
There are a range of exercises that the use of this technology can facilitate, but the most commonly used are:
- Capture-The-Flag exercises: Here, companies can give a number of challenges to staff participating, with the ultimate goal of identifying and exploiting vulnerabilities in their existing IT systems to ‘capture a flag.’ In this context, flag is generally used as a term to refer to a specific piece of data or code hidden within the network. The ultimate goal of this type of training exercise is to help employees develop and hone their cyber skills in a controlled environment
- Threat Hunting exercises: With threat hunting exercises, a team will work together within a simulated environment to identify and stop a myriad of cyber threats before they are able to penetrate and harm internal systems and networks. The key here is to look for signs that hackers have attempted to infiltrate, and participants have to use a variety of tools and techniques to do this, including endpoint detection, for example
- Red vs Blue team exercises: Also known as ‘Live Fire’ exercises, this is where teams come together to analyse and practice their cyber skills in defending networks and systems against real-world cyber-attacks. The main objective here is to enhance team spirit and create an environment in which teams work together to practice responses to a cyber crisis based on a pre-defined scenario
What benefits do cyber ranges bring?
The benefits of embracing these types of technologies and exercises to enhance security posture within an organisation extend beyond just the most obvious and critical of increasing the chances of mitigating or preventing cyber-attacks, however.
One of the other key benefits of these exercises is the overview they give businesses from a hiring perspective. All contributions can be analysed post-event, providing those in charge with the capability to identify any gaps in skills amongst the existing team and where additional expertise may be required.
Furthermore, given the increasing demand for skilled cyber professionals, these training exercises also provide a beneficial way from a recruitment standpoint for companies to test the skills of employees beyond what is recorded on a CV.
Additionally, cyber range exercises can help optimise an enterprise’s technology stack and enable business leaders to assess the capabilities of new technology in real-world scenarios and make future purchasing decisions based on that intelligence.
Moving forward
This type of preparedness will become even more important in 2024 and beyond as enterprises face up to the new threats posed by the likes of GenerativeAI and other emerging technologies. While there is much debate about the role of predictive AI within business and society, there is also much concern about the capability of hackers and state actors to deploy highly advanced AI algorithms for orchestrating mass-scale cyber-attacks.
Such attacks required much reduced dependence on human resources, propelling cyber threats into a new realm where legacy defence mechanisms are no longer adequate. In this sphere, cyber exercise will lend a vital helping hand in ensuring businesses are best prepared to respond.