Dr. Jorge López Hernández-Ardieta
Head of Cybersecurity Solutions & Digital Specialist
Cyber Ranges: The (R)evolution in Cybersecurity Training
Barcelona, 6 December 2016
Cybersecurity Unit
Technology evolution
01. CURRENT SITUATION
Big Data/Analytics, Smart X, BYOX/Mobility, Unmanned systems, Systems-of-systems, Social networks, IoT/Wearables, Blockchain, SDN/NFV, Cloud/Virtualisation (SaaS/PaaS/IaaS)
Interdependence & Interconnection
Cyber threats evolution
01. CURRENT SITUATION
[Timeline figure, 1900–2016 (axis marks: 1900, 1930, 1970, 1980, 1990, 2000, 2010, 2012, 2014, 2016). Events shown: Enigma is hacked; first attacks on the phone network; massive attacks on the US phone system; ATM/bank attacks; Morris worm; Kevin Mitnick; Datastream hacks DoD, NASA, USAF; Tenenbaum hacks the Pentagon; worms (CodeRed, Nimda, Kournikova, Sadmind, Slapper, ILOVEYOU, Melissa, Blaster, etc.); Anti-sec; Conficker; Estonia DDoS; Anonymous; Stuxnet; APT – Ghostnet, Night Dragon, Titan Rain, Shady Rat, Aurora; APT – Careto, DragonFly; ransomware (mobile); DDoS/IoT.]
The need for qualified professionals
01. CURRENT SITUATION
Constant evolution of technology and cyber threats requires constant efforts in professional education and training.
Decision-makers should also be educated on risks and security matters at strategic level.
Qualified professionals are paramount for organisations to deploy and implement effective cybersecurity practices: secure SW/systems engineers, network security engineers, incident responders, malware & forensic analysts, security consultants, etc.
Problems
01. CURRENT SITUATION
• Recent explosion in the demand (91% increase in US 2010-2014 [1])
• Expectations are ‘worse’: 6M until 2019 [2]
• Offer-demand imbalance: lack of highly skilled and trained cybersecurity professionals
• Current efforts and initiatives do not suffice
• Knowledge entry barriers slow down the training process and increase costs
• Requires hands-on training: significant trainer resources (high costs)
Our aim is to identify some desirable properties that technology should have in order to provide effective massive-scale cybersecurity training, detect which ones present technical challenges, and suggest novel approaches to achieve them.
[1] Job Market Intelligence: Cybersecurity Jobs, Burning Glass Technologies (2015).
[2] Estimations by Symantec and CISCO reports (2014).
TRAINING IN CYBERSECURITY: CHALLENGES AND NOVEL APPROACHES | 10
Desirable properties
02. CHALLENGES IN CYBERSECURITY TRAINING
USABILITY
Easy access regardless of when and where students connect from (including remotely). Easy-to-use HMI and functionality.
ROLE ORIENTED
Adapt the training dynamics to the role of the student (strategic, operational, tactical).
REALISM
Information systems and communication networks that reproduce real-world scenarios with real-time feedback and operation. Hands-on approach.
GROWTH
Set up new exercises at a steady pace (and cost-effectively), according to the evolution in technology and cyber threats.
CUSTOMIZABLE
Easily adapt and tailor the exercises to the organisation’s needs, without having to stick to predefined scenarios and exercises.
SECURITY
High security: isolation from production environments, isolation between exercises, access control, sound product engineering, etc.
SCALABILITY
Support large networks with hundreds and even thousands of assets. Transparently accommodate new users up to reasonable orders of magnitude (hundreds, thousands).
RICHNESS
Support a wide array of scenarios, techniques, defensive and offensive tools, attackers’ profiles, configurations, etc.
SUPERVISION
Automatically monitor and assess the student’s actions and performance.
GUIDANCE
Provide automatic guidance and hints to the student during the training activity to enhance the learning process.
REPRODUCIBILITY
Repeat, pause, resume and restore the exercises at any time (student).
CONTROL
Automatically control the execution of the exercise to know its progress as well as the state of the underlying network.
ADAPTABILITY
Adapt the level of difficulty of the training to the student’s skills and performance, including dynamically. Automatically and dynamically propose new challenges to the student.
AUTOMATED ADVERSARY
Automatically play adversarial roles (defender, attacker, ally).
PEDAGOGICAL
Embed a variety of effective learning processes and pedagogical strategies, such as:
• Observational learning (play automated exercises).
• Trial-and-error approaches (active attitude, capability to undo actions and take different courses of action, etc.).
• Quantitative scoring system and gamification mechanisms to encourage competitiveness and self-improvement.
Cyber ranges
03. CYBER RANGES: A NOVEL APPROACH
Cyber ranges have become valuable tools for civil and military organisations:
01 Hands-on training
02 Experimentation and test of technology and cyberweapons
03 CDX (Cyber Defence Exercises)
04 Research and validation of new concepts and technology
A classical cyber range
03. CYBER RANGES: A NOVEL APPROACH
[Architecture diagram with three layers (physical, virtual, management). Labels: servers, storage, network infrastructure; ESXi servers, Virtual SMP, VMFS, virtual machines (OS + App); vCenter management platform with advanced functions DRS, HA, vMotion.]
[Network diagram: several exercises (Exercise A, Exercise B, ...) deployed side by side. Each exercise has a target system (MZ and DMZ networks on a virtual switch, VLAN A, with a virtual firewall and a virtual IPS) and a Red Team attack network (attack platform on a virtual switch, VLAN B, with a virtual firewall). Shared components: storage & backup (NetApp FAS2040 storage, VMware datastores, WBS dedicated datastore, Overland NEO-2000 backup appliance, SAS, virtual switch on VLAN D); management (VMware Virtual Center, management computer, management network on VLAN C); server cluster (HostESX-01, HostESX-02); physical switches; external access.]
Maturity level in state-of-the-art solutions
03. CYBER RANGES: A NOVEL APPROACH
MATURE: GROWTH, SCALABILITY, SECURITY, REALISM, RICHNESS, USABILITY
INCIPIENT: REPRODUCIBILITY, CUSTOMIZABLE, ROLE ORIENTED
CHALLENGE: CONTROL, ADAPTABILITY, GUIDANCE, PEDAGOGICAL, SUPERVISION, A-ADVERSARY
Covering the challenges
03. CYBER RANGES: A NOVEL APPROACH
A mere virtualisation infrastructure with some tailored functionality does not suffice.
CHALLENGE: CONTROL, ADAPTABILITY, GUIDANCE, PEDAGOGICAL, SUPERVISION, A-ADVERSARY
IDEAS
UI-level and low-level monitoring of students’ and automated actions on virtual infrastructure and application artefacts, and their effects.
Match student behaviour against optimal performance models.
Discover blocks or decreases in performance level, and act accordingly through reconfiguration of objectives and adversarial actions, and hints.
IDEAS
Bind objective achievements to constraints (time, accuracy, others).
Logic to detect incompletion of objectives and launch preconfigured hints.
Possibly adapt score based on hints consumption.
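One way the guidance ideas above can fit together, as an added example that is not from the talk or from the FEEP Cyber Range product: objectives carry a time constraint, hints are released while an objective is still incomplete, and the score drops with each hint consumed. The `Objective` class, the `replay` function, the 25% per-hint penalty and the sample scenario are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Objective:
    """One exercise objective bound to a time constraint, with preconfigured hints."""
    name: str
    deadline_s: int                   # must be completed within this many seconds
    points: int
    hints: List[Tuple[int, str]]      # (release time in seconds, hint text)
    hint_penalty: float = 0.25        # assumed policy: share of points lost per hint
    completed_at: Optional[int] = None
    released: List[str] = field(default_factory=list)

    def __post_init__(self) -> None:
        self.hints = sorted(self.hints)   # release hints in chronological order

    def due_hints(self, now: int) -> List[str]:
        """Return hints that become due at `now`; none once the objective is done."""
        if self.completed_at is not None:
            return []
        pending = self.hints[len(self.released):]
        due = [text for at, text in pending if at <= now]
        self.released.extend(due)
        return due

    def score(self) -> float:
        """Zero if incomplete or late; otherwise points reduced per released hint."""
        if self.completed_at is None or self.completed_at > self.deadline_s:
            return 0.0
        factor = max(0.0, 1.0 - self.hint_penalty * len(self.released))
        return self.points * factor


def replay(objectives: List[Objective], completions: Dict[str, int],
           end_s: int, step_s: int = 50) -> List[Tuple[int, str, str]]:
    """Tick through an exercise; `completions` maps objective name -> completion time.

    Returns the log of (tick, objective name, hint text) for every hint launched.
    """
    log = []
    for now in range(0, end_s + 1, step_s):
        # Supervision step: record objectives the student has completed by now.
        for obj in objectives:
            done = completions.get(obj.name)
            if obj.completed_at is None and done is not None and done <= now:
                obj.completed_at = done
        # Guidance step: launch preconfigured hints for still-incomplete objectives.
        for obj in objectives:
            for text in obj.due_hints(now):
                log.append((now, obj.name, text))
    return log


def build_scenario() -> List[Objective]:
    """Constructed sample exercise; names, times and hint texts are made up."""
    return [
        Objective("identify_compromised_host", 600, 100,
                  [(200, "Check the IDS alerts for the DMZ segment."),
                   (400, "Look for a host with repeated outbound connections.")]),
        Objective("contain_host", 900, 200,
                  [(300, "Consider which firewall rule isolates the host."),
                   (600, "Apply the rule on the virtual firewall in front of the DMZ.")]),
        Objective("write_incident_report", 1200, 300,
                  [(800, "Start from the timeline of alerts you already collected.")]),
    ]


def run_demo():
    """Replay a constructed student run and return (hint log, per-objective scores)."""
    objectives = build_scenario()
    completions = {"identify_compromised_host": 150, "contain_host": 650}
    log = replay(objectives, completions, end_s=1200)
    return log, {o.name: o.score() for o in objectives}


if __name__ == "__main__":
    hint_log, scores = run_demo()
    for tick, name, text in hint_log:
        print(f"t={tick:4d}s hint for {name}: {text}")
    for name, value in scores.items():
        print(f"{name}: {value}")
```
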
IDEAS
Metrics and measures to highlight achievements and failures.
Link actions and events to educational content.
Implement complementary approaches:
• Trial-and-error (checkpoints + restoration).
• Observational learning.
• Scoring for competitiveness and self-improvement.
IDEAS
Integrate expert systems capable of taking on roles inside the exercises.
M&S (modelling and simulation) for artificial users.
Reprogramme automated actions based on the student’s reactions.
CHALLENGE
MATURE: GROWTH, RICHNESS
INCIPIENT: CUSTOMIZABLE
How to implement a cost-effective and sustainable model that ensures growth, richness and customizable properties, while meeting time-to-market demands? I.e. objective = reasonable TCO.
Sophisticated tools for scenario generation based around automation, reutilisation and a constantly updated knowledge DB.
04. OUR EXPERIENCE AND FUTURE WORK
Our experience…
5 years of R&D
Own product on the market: FEEP Cyber Range
+300 users in remote and on-site training sessions
+4,000 hours of hands-on training
Used in 2 large CTF events (CyberCamp 2015 and 2016)
We conclude…
Users appreciate fine-grained supervision and guidance
Tailored training is becoming a must
Automated (smart) adversary works well even for expert users
Metrics for user performance assessment are paramount
Some real-time metrics
04. OUR EXPERIENCE AND FUTURE WORK
[Figures: two slides of real-time metrics, not reproduced.]
Future work
04. OUR EXPERIENCE AND FUTURE WORK
Static intelligent attack scheduler as an exercise design tool
Dynamic intelligent attack scheduler to provide greater intelligence for the automated adversary
SCADA/ICS exercises
Dr. Jorge López Hernández-Ardieta
jlhardieta@minsait.com
THANK YOU!
QUESTIONS?

 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 

Recently uploaded (20)

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 

Cyber Ranges: The (R)evolution in Cybersecurity Training

  • 1. Cyber Ranges: The (R)evolution in Cybersecurity Training. Dr. Jorge López Hernández-Ardieta, Head of Cybersecurity Solutions & Digital Specialist, Cybersecurity Unit. Barcelona, 6 December 2016.
  • 4. 01. CURRENT SITUATION: Technology evolution. Big Data/Analytics; Smart X; BYOX/Mobility; Unmanned systems; Systems-of-systems; Social networks; IoT/Wearables; Blockchain; SDN/NFV; Cloud/Virtualisation (SaaS/PaaS/IaaS).
  • 5. 01. CURRENT SITUATION: Technology evolution. Big Data/Analytics; Smart X; BYOX/Mobility; Unmanned systems; Systems-of-systems; Social networks; IoT/Wearables; Blockchain; SDN/NFV; Cloud/Virtualisation (SaaS/PaaS/IaaS). Interdependence & Interconnection.
  • 6. 01. CURRENT SITUATION: Cyber threats evolution. [Timeline figure. Axis marks: 1900, 1930, 1970, 1980, 1990, 2000, 2010, 2012, 2014, 2016. Events shown: first attacks to phone network; Enigma is hacked; massive attacks to US phone system; Kevin Mitnick; Morris worms; ATM/Bank attacks; Datastream hacks DoD, NASA, USAF; Tenenbaum hacks Pentagon; worms (CodeRed, Nimda, Kournikova, Sadmind, Slapper, ILOVEYOU, Melissa, Blaster, etc.); Anti-sec; Conficker; Estonia DDoS; Anonymous; Stuxnet; APT (Ghostnet, Night Dragon, Titan Rain, Shady Rat, Aurora); APT (Careto, DragonFly); ransomware (mobile); DDoS/IoT.]
  • 7. 01. CURRENT SITUATION: The need for qualified professionals. Constant evolution of technology and cyber threats requires constant efforts in professional education and training. Decision-makers should also be educated on risks and security matters at strategic level. Qualified professionals are paramount for organisations to deploy and implement effective cybersecurity practices: secure SW/systems engineers, network security engineers, incident responders, malware & forensic analysts, security consultants, etc.
  • 8. 01. CURRENT SITUATION: Problems. Recent explosion in the demand (91% increase in US 2010-2014 [1]). Expectations are ‘worse’: 6M until 2019 [2]. Offer-demand imbalance: lack of highly skilled and trained cybersecurity professionals. Current efforts and initiatives do not suffice. Knowledge entry barriers slow down training process and increase costs. Requires hands-on training: significant trainer resources (high costs). Our aim is to identify some desirable properties that technology should have in order to provide effective massive-scale cybersecurity training, detect which ones present technical challenges, and suggest novel approaches to achieve them. [1] Job Market Intelligence: Cybersecurity Jobs, Burning Glass Technologies (2015). [2] Estimations by Symantec and CISCO reports (2014).
  • 10. TRAINING IN CYBERSECURITY: CHALLENGES AND NOVEL APPROACHES. 02. CHALLENGES IN CYBERSECURITY TRAINING: Desirable properties. USABILITY: Easy access regardless of when and where (remotely) students access from. Easy-to-use HMI and functionality. ROLE ORIENTED: Adapt the training dynamics to the role of the student (strategic, operational, tactical). REALISM: Information systems and communication networks that reproduce real-world scenarios with real-time feedback and operation. Hands-on approach. GROWTH: Set up new exercises at a steady pace (and cost-effectively), according to the evolution in technology and cyber threats.
  • 11. 02. CHALLENGES IN CYBERSECURITY TRAINING: Desirable properties. CUSTOMIZABLE: Easily adapt and tailor the exercises to the organisation’s needs, without the need to stick to predefined scenarios and exercises. SECURITY: High security: isolation from production environments, isolation between exercises, access control, sound product engineering, etc. SCALABILITY: Support large networks with hundreds and even thousands of assets. Transparently accommodate new users up to reasonable orders of magnitude (hundreds, thousands). RICHNESS: Support a wide array of scenarios, techniques, defensive and offensive tools, attackers’ profiles, configurations, etc.
  • 12. 02. CHALLENGES IN CYBERSECURITY TRAINING: Desirable properties. SUPERVISION: Automatically monitor and assess the student’s actions and performance. GUIDANCE: Provide automatic guidance and hints to the student to help him during the training activity to enhance the learning process. REPRODUCIBILITY: Repeat, pause, resume and restore the exercises at any time (student). CONTROL: Automatically control the execution of the exercise to know its progress as well as state of the underlying network.
  • 13. 02. CHALLENGES IN CYBERSECURITY TRAINING: Desirable properties. ADAPTABILITY: Adapt the level of difficulty of the training to the student’s skills and performance, including dynamically. Automatically and dynamically propose new challenges to the student. AUTOMATED ADVERSARY: Play automatically adversarial roles (defender, attacker, ally). PEDAGOGICAL: Embed a variety of effective learning processes and pedagogical strategies, such as: observational learning (play automated exercises); trial and error approaches (active attitude, capability to undo actions and take different courses of action, etc.); quantitative scoring system and gamification mechanisms to encourage competitiveness and self-improvement.
  • 15. 03. CYBER RANGES: A NOVEL APPROACH: Cyber ranges. Cyber ranges have become valuable tools for civil and military organisations: 01 Hands-on training; 02 Experimentation and test of technology and cyberweapons; 03 CDX (Cyber Defence Exercises); 04 Research and validation of new concepts and technology.
  • 16. 03. CYBER RANGES: A NOVEL APPROACH: A classical cyber range. [Diagram. Labels: physical layer, virtual layer, management layer; servers, storage, network infrastructure; ESXi servers, Virtual SMP, VMFS; virtual machines (OS/App); vCenter management platform; advanced functions (DRS, HA, vMotion).]
  • 17. 03. CYBER RANGES: A NOVEL APPROACH: A classical cyber range. [Diagram showing Exercise A, Exercise B, ... side by side. Labels repeated for each exercise: target system, MZ and DMZ networks, virtual switch (VLAN A), virtual firewall, virtual IPS; Red Team, attack network, attack platform virtual switch (VLAN B), virtual firewall; virtual machines (OS/App). Other labels: Storage & Backup (Appliance Backup WBS, dedicated DataStore, NetworkAppliance NetApp FAS2040 storage, DataStores VMware, Overland NEO-2000 SAS, virtual switch VLAN D); Management (VMware Virtual Center, management computer, management network VLAN C); cluster of servers (HostESX-01, HostESX-02); physical switches; external access.]
  • 18. 03. CYBER RANGES: A NOVEL APPROACH: Maturity level in state-of-the-art solutions. MATURE: GROWTH, SCALABILITY, SECURITY, REALISM, RICHNESS, USABILITY. CHALLENGE: CONTROL, ADAPTABILITY, GUIDANCE, PEDAGOGICAL, SUPERVISION, A-ADVERSARY. INCIPIENT: REPRODUCIBILITY, CUSTOMIZABLE, ROLE ORIENTED.
  • 19. 03. CYBER RANGES: A NOVEL APPROACH: Covering the challenges. A mere virtualisation infrastructure with some tailored functionality does not suffice. CHALLENGE: CONTROL, ADAPTABILITY, GUIDANCE, PEDAGOGICAL, SUPERVISION, A-ADVERSARY.
  • 20. 03. CYBER RANGES: A NOVEL APPROACH: Covering the challenges. IDEAS: UI-level and low-level monitoring of students’ and automated actions on virtual infrastructure and application artefacts, and their effects. Match student behaviour against optimal performance models. Discover blocks/performance level decrease, and act accordingly through reconfiguration of objectives and adversarial actions, and hints.
  • 21. 03. CYBER RANGES: A NOVEL APPROACH: Covering the challenges. IDEAS: Bind objective achievements to constraints (time, accuracy, others). Logic to detect incompletion of objectives and launch preconfigured hints. Possibly adapt score based on hints consumption.
  • 22. 03. CYBER RANGES: A NOVEL APPROACH: Covering the challenges. IDEAS: Metrics and measures to highlight achievements and failures. Link actions and events to educational content. Implement complementary approaches: trial-and-error (checkpoints + restoration); observational learning; scoring for competitiveness and self-improvement.
  • 23. 03. CYBER RANGES: A NOVEL APPROACH: Covering the challenges. IDEAS: Integrate expert systems capable of taking on roles inside the exercises. M&S for artificial users. Reprogramme automated actions based on student’s reactions.
  • 24. 03. CYBER RANGES: A NOVEL APPROACH: Covering the challenges. MATURE: GROWTH, RICHNESS. INCIPIENT: CUSTOMIZABLE. CHALLENGE: How to implement a cost-effective and sustainable model that ensures growth, richness and customizable properties, while meeting time-to-market demands? I.e. objective = reasonable TCO. Sophisticated tools for scenario generation based around automation, reutilisation and constantly updated knowledge DB.
  • 26. 04. OUR EXPERIENCE AND FUTURE WORK. Our experience…: 5 years of R&D; own product on the market: FEEP Cyber Range; +300 users in remote and on-site training sessions; +4,000 hours of hands-on training; used in 2 large CTF events (CyberCamp 2015 and 2016). We conclude…: users appreciate fine-grained supervision and guidance; tailored training is becoming a must; automated (smart) adversary works well even for expert users; metrics for user performance assessment are paramount.
  • 27. 04. OUR EXPERIENCE AND FUTURE WORK: Some real-time metrics. [Figure]
  • 28. 04. OUR EXPERIENCE AND FUTURE WORK: Some real-time metrics. [Figure]
  • 29. 04. OUR EXPERIENCE AND FUTURE WORK: Future work. Static intelligent attack scheduler as an exercise design tool. Dynamic intelligent attack scheduler to provide greater intelligence for the automated adversary. SCADA/ICS exercises.
  • 30. Dr. Jorge López Hernández-Ardieta, jlhardieta@minsait.com. THANK YOU! QUESTIONS?
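
The guidance ideas on slide 21 (objectives bound to constraints, detection of incomplete objectives, preconfigured hints, score adapted to hint consumption) can be sketched as below. This is an added example, not code from the presentation or from the FEEP Cyber Range product; the class names, penalty values, hint texts and event stream are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Objective:
    name: str
    points: int
    time_limit: int              # constraint: seconds allowed for full credit
    hint_after: int              # seconds of no completion before each hint
    hints: List[str]             # preconfigured hints, released in order
    hint_penalty: float = 0.25   # share of points lost per hint consumed
    late_factor: float = 0.5     # multiplier when the time limit is missed
    done_at: Optional[int] = None
    hints_used: int = 0

    def score(self):
        if self.done_at is None:             # incomplete objective earns nothing
            return 0
        factor = max(0.0, 1.0 - self.hint_penalty * self.hints_used)
        if self.done_at > self.time_limit:
            factor *= self.late_factor
        return round(self.points * factor)


class Supervisor:
    def __init__(self, objectives):
        self.objectives = {o.name: o for o in objectives}

    def complete(self, name, now):
        obj = self.objectives[name]
        if obj.done_at is None:              # ignore repeated completion events
            obj.done_at = now

    def tick(self, now):
        """Release every hint that is due for a still-open objective."""
        due = []
        for obj in self.objectives.values():
            while (obj.done_at is None and obj.hints_used < len(obj.hints)
                   and now >= (obj.hints_used + 1) * obj.hint_after):
                due.append((obj.name, obj.hints[obj.hints_used]))
                obj.hints_used += 1
        return due


def run_exercise(sup, events, end, step=50):
    """Replay (time, objective) completion events; return released hints."""
    released, queue = [], sorted(events)
    for now in range(0, end + 1, step):
        while queue and queue[0][0] <= now:
            t, name = queue.pop(0)
            sup.complete(name, t)
        released += [(now, n, h) for n, h in sup.tick(now)]
    return released


def demo():
    # Constructed objectives and completion events (not from the slides).
    sup = Supervisor([
        Objective("identify-c2-host", 100, 600, 300,
                  ["Check the proxy log for periodic outbound requests.",
                   "Filter on the workstation flagged by the IDS alert."]),
        Objective("block-exfil", 200, 900, 400, ["Review egress firewall rules."]),
        Objective("restore-service", 150, 1200, 500, ["Compare with last backup."]),
    ])
    events = [(350, "block-exfil"), (700, "identify-c2-host")]
    released = run_exercise(sup, events, end=1000)
    return released, {n: o.score() for n, o in sup.objectives.items()}
```

In the constructed run, the objective finished early keeps its full score, the one finished late after two hints is reduced twice, and the one never finished releases its hint and scores zero.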