CONCORDIA ecosystem: Prepare yourself with cyber training and cyber defence exercise

Did you know that attackers are always ahead in cybersecurity? They choose time, place and method. They can steal data, affect public affairs and people’s everyday lives. The way to prevent this is to systematically prepare for cyberattacks. This is also the task of the CONCORDIA project, which is committed to providing the infrastructure and conducting training and cyber exercises for the academy and industry. That is why the CONCORDIA representatives came to see Cyber Czech exercises in the KYPO Cyber Range Platform at Masaryk University.

Fortune favors the prepared mind, thats why we created the first technical cyber exercise in Central Europe – the Cyber Czech, together with czech NCISA in 2015. To this day, we have helped prepare the dozens of government officials, businesses and cybersecurity teams from around the world for the reality of a coordinated cyberattacks. We provide each participant with the knowledge gained from many years of experience in running our cybersecurity team.

The Cyber Czech exercise focuses on the most realistic simulation of a cyberattacks aimed at organization networks defended by exercise participants (Blue team). Attackers gradually attack individual machines, download data, post their statements, and destroy vital elements of critical information infrastructures. All this in an escalating conflict following a fictitious geopolitical story. The Blue Team must also pay attention to its users who need to continue their work tasks and to their managers who want to be informed in detail on the ongoing situation. Besides, the media are also interested in the case. During the exercise, Blue Team members can read about their actions in the newspaper. Not to mention that participants must also consider the legal aspects of their activities. What a mess! The described exercise can only exist due to the KYPO Cyber Range Platform, which allows to automatically deploy an environment of dozens of machines, monitor and control the entire infrastructure during this two-day marathon.

Since the first exercise, we have learned a lot of things and asked a lot of questions. Are there any best practices for the preparation of cyber exercise? What about preparing a course for participants to help them gain knowledge before the exercise? This is how our training were created. Is exercise too resource-intensive? How about using things like automated adversary behaviour and scoring methodologies? Should we connet with others in Europe and share training and exercises? This has laid the foundations for working with FI CODE, and we hope to see more coming soon.

Conclusion

The CONCORDIA project is leading the integration of Europe’s excellent cybersecurity competencies into the network of expertise to build the European secure, resilient and trusted ecosystem. Masaryk University, as one of the project partners, brings skills for creating cyber exercises and also the KYPO Cyber Range Platform. We hope that our knowledge and experience will help to effective training of cybersecurity professionals and building more secure Europe for all of us.

(by Jakub Čegan, Masaryk University)