The value of Cyber Defense Exercises

Purpose and objectives
The aim is to improve information assurance in critical infrastructure by:
▪ Better understanding between technology and policy
▪ Insight about exercise methodology
▪ Take advantage of acquired knowledge
▪ Basis for improving its own operations

Cyber Defense Exercises: A way of building Trust

Security is all about Trust
▪ Trust between people is fundamental for any cooperation, national or international
▪ An efficient way of building trust is to participate in exercises

Organization and colored teams
▪ Red Team (RT): Plays the adversary
▪ Blue Teams (BT): Defenders of an ICT deployment (BT systems)
▪ White Team (WT): Exercise control, injects, user simulation, scoring
▪ Green Team (GT): Master of the infrastructure and BT systems
▪ Yellow Team (YT): Situational awareness, info sharing channels

Exercise Characteristics
(Diagram dimensions: WT, RT, Scenario, GT, BT, Diversity)

Table-top exercise
(Diagram dimensions: WT, RT, Scenario, GT, BT, Diversity)
▪ BT playing different roles
▪ Driven by the scenario
▪ Roleplay by WT
▪ RT almost non-existent
▪ GT, communication

Pure Technical CDX
(Diagram dimensions: WT, RT, Scenario, GT, BT, Diversity)
▪ BT playing the same role
▪ RT provides fair pressure
▪ GT provides challenging environment
▪ Not depending on scenario
▪ WT more to supervise

Concept
▪ Technical Blue/Red Team
▪ 1 Red Team vs. 20 Blue Teams
▪ 3.5 days, day = 8 hours for training audience
▪ Day0 for preparations
▪ Day1 & Day2 for the action
▪ Day3 for hotwash up
▪ Game: teams in fictional roles, lab networks
▪ Almost unknown environment
▪ Friendly competition
▪ Defence is the focus of training

Real life simulation

Locked Shields characteristics
(Diagram dimensions: WT, RT, Scenario, GT, BT, Diversity)
▪ BT still playing the same role
▪ The scenario drives RT objectives
▪ The scenario is also a base for injects (scenario, media, legal, forensic)
▪ The same injects go to all

CRATE - Cyber Range And Training Environment
The Swedish Defence Research Agency (FOI) develops and maintains a Cyber Range And Training Environment (CRATE). CRATE makes it possible to smoothly deploy and configure a large number (thousands) of virtual machines in a controlled environment. CRATE is also equipped with host-based traffic generators that emulate user behaviour, and with tools for logging and monitoring the environment. This lab resource is used to create computer networks for experiments, competitions and exercises in cyber security.

The Handbook
▪ Handbook for planning, running and evaluating information technology and cyber security exercises
▪ Based on Swedish Civil Contingencies Agency (MSB) exercise handbook
▪ Focusing on IT and Cyber Defense exercises (CDX)
▪ ISBN
▪ (pdf)

Some reflections
▪ Working under pressure together with other people to solve a problem in a safe environment enhances the trust-building process.
▪ Trust is fundamental for successful cooperation between parties
▪ Running CDX is challenging; start with simple technical or table-top exercises
▪ To build trust, a pure technical exercise with mixed teams and high pressure from RT is good enough
▪ Don't underestimate the effort needed