Lessons learned from training hundreds of cybersecurity experts recently
We’ve recently executed a large scale cyber range training in a series of conferences with one of our leading customers. Hundreds of cybersecurity professionals – CISOs, SOC Analysts, Pen Testers and Ethical Hackers – as well as less technical folks participated in the training. The players were challenged with Blue (defense) and Red (attack) scenarios on Cympire’s cloud-based gamified cyber training platform. Per our customer’s request, each session was limited to one hour during which the players had to solve rather complex missions having to do with the customer’s cyber defense and orchestration platform. The players played in teams of 1-3 players, sometimes with teammates they have not met before. It was an exciting and fun experience, and more importantly taught us some valuable lessons on the benefits of cyber ranges in general and gamification in particular.
We wanted to share these with everyone, so here we go!
No-one Knows How to Program Their Microwave
Like setting the time on your VCR player in the 80’s, or programming your Microwave, the fact that you have a system installed doesn’t mean you are familiar with its features. We found the same is true for complex cybersecurity systems. Many of the players already had the vendor’s tools installed and defending their organization. However only a few were familiar with all the features they were guided to use as part of the scenario. Even fewer actually saw the system at work under a real cyber-attack. In the cyber range users got a chance to see the system in action and operate it under a real Phishing and Ransomware attack. As one of our players wrote: “This is a great way to learn the different aspects of protecting your network”.
It’s Fun Getting Better
This is one of our key sayings when we think about training the right way. The benefits of gamification for improved learning are backed up by a significant body of research led by scholars such as Professor Karl M. Kapp, yet it was exhilarating to see how theory becomes reality. How the inclusion of scores, game elements and leaderboards engages and motivates serious cybersecurity professionals to excel and outrival their competitors, thus improving their performance and learning. No wonder a whopping 94% of players replied with 4 or 5 (out of 5) when asked if they have enjoyed the training, or as one of them simply put it: “it was great fun to work as a team and save the world”.
Mission Readiness Through Simulation
As a former fighter pilot it it is obvious to me that regular training is essential for staying always prepared for that siren to go off. Some things you train for in the air such as air-combat maneuvers, air-to-ground attacks and more, while others you can only practice in a simulator like engine failures, severe weather conditions and avoiding ground-to-air missiles. The same goes for cybersecurity training – you must train hands-on in order to be ready for the “moment of truth” when it arrives. In the cyber range we witnessed experienced SOC analysts encountering certain cyber-attacks for the very first time. They learned a lot on how to identify and cope with these attacks, while we took home many lessons on how to simulate cyber-attacks even better, and what other types of attack vectors are important to our users.
With these lessons in mind we continue on our journey to improve cybersecurity professionals’ skills and readiness, and call on all organizations to keep cybersecurity training as part of their plans for a more secure cyberspace!
Cympire Co-Founder & VP Product