Cyber defense training for enterprises is evolving, creating immersive scenarios that put board members and C-level executives in the crosshairs of simulated attacks.
Big picture: As ransomware attacks and nation-state cyber espionage campaigns increase, more executives and board members find themselves making critical decisions about how their companies respond to cybersecurity incidents. increase.
News promotion: Israeli cybersecurity firm Cyberbit last month released a new training module to help security teams and C-level executives run full-scale simulations together against some of the most common cyberthreats. Did.
- Similar products are better suited for training security teams than executives and board members.
detail: Hours-long simulations include attacks exploiting Log4j vulnerabilities and recent critical Microsoft vulnerabilities, as well as the North Korean state-of-the-art hack.
- Cyberbit Chief Marketing Officer Sharon Rosenman told Axios that the company typically adds new simulations weekly based on the findings of its internal threat intelligence team.
- However, in high-risk situations, a new simulation can be started in a day. According to Rosenman, his training on the Log4j vulnerability that affected millions of devices was completed in one day.
Usage: Attended a recent Cyberbit product demo to get a sense of the current state of training.
- Each simulation runs on Amazon Web Services and Microsoft Azure live cloud networks to make the experience as close to reality as possible.
- Once the scenario starts, people are taken to a tabletop simulation where they check for signs of an attack on their network and answer a series of questions about what to do and who they would like to contact at what point.
- Training takes hours to reflect the real thing.
- Team managers can also combine all training results in one dashboard.
conspiracy: Cyberbit’s customers include FS-ISAC, a non-profit organization that shares cyber threat information among major financial institutions, as well as several major retail and higher education institutions, said the CEO. Adi Dar said.
Line spacing: Regulators have asked executives and board members to play a more active role in cybersecurity strategies.
Yes, but: Cyberbit wants the simulation to be as close to real life as possible, so training can take hours to complete.
- This means it’s still a huge investment for some businesses that are either understaffed or struggling to implement basic security measures like multi-factor authentication.