CyberGym launches South African arena
October 2018, This Week's Editor's Pick, Cyber Security, News, Training & Education
Wolfpack recently introduced a new cybersecurity training service to South Africa. CyberGym is an Israeli company that specialises in real-life cyber training, teaching students with real world simulations.
Wolfpack’s CEO, Craig Rosewarne, launched CyberGym by pointing out that the lack of cyber skills is a serious issue around the world. This is exacerbated by the fact that companies are generally prepared to spend large amounts on cyber protection technology, but skimp when it comes to training – and this applies to technical cyber skills as well as training users on how to best protect themselves from attacks, such as phishing or ransomware. It is in the technical skills arena that CyberGym looks to make a difference.
CyberGym’s New York arena.
CyberGym’s Ofer Rachman explained that the company was started out of Unit 8200 in the Israeli Defence Force (IDF). This unit was set up as a strategic response to the cyber threats against Israel – which faces about 1000 cyberattacks each day – and comprises thousands of ‘cyber warriors’.
The defence process has been adapted from the NIST Cybersecurity Framework, which includes all levels in an organisation as it seeks to identify, protect, detect, respond and recover from attacks. (More on the framework can be found at www.nist.gov/cyberframework.) As with all security, there are layers in place to deal with the cyber threat. These include the data level, the application level, then the hosting, internal network, perimeter and physical levels, and finally, training, policies and procedures.
The CyberGym training process is based on the concept of an arena, as opposed to a traditional learning environment. The company has expanded to include arenas in various countries, from Israel through to the Czech Republic, Portugal, Lithuania, Japan, Australia, US and now South Africa. Each arena is set up to emulate a real world IT infrastructure in which the students would work. The training process is comprised of three teams.
The White Team is made up of the instructors working for CyberGym (veterans of the Israeli National Security Authority) who observe, teach and evaluate students. The Blue Team is made up of the students and their task is to defend their emulated IT systems by proactively recognising and responding to cyberattacks using a variety of tools.
The Red Team in action.
The Red Team is located in Israel and its job is to play the role of cyber attackers and perform strategic attacks on the Blue Team’s infrastructure. The Red Team is made up of experienced hackers, which the company says provides students with “unique insights into a hacker’s mindset and point of view”.
Each training session, which can last up to three days, is customised to the trainees’ requirements. For example, it can simulate a financial institution or an electrical utilities infrastructure, with the Red Team directing attacks aimed at those organisations and their infrastructure. The courses available start from half-day courses aimed at C-level executives and then move on to various cybersecurity courses. The technical courses are aimed at the level of the trainees, but can be boosted to give even the most experienced defenders a serious challenge.
An electrical utility simulation.
One of CyberGym’s Red Team members, Elad Hagai, was also on hand to provide some insights into real-world attacks he was involved with, in the form of two case studies of defence strategies. The first was from one of Israel’s largest credit card issuers, which was faced with an insider data breach. The ex-employee and his cohorts tried to hold sensitive data to ransom for millions of dollars. The problem was resolved within two weeks and all the data was recovered before it could be published.
Hagai also outlined the changes made in the company to prevent such an occurrence from happening again. The second study was about how a network infiltration attack on another organisation was detected and resolved.
Ready to roll
Rosewarne closed the launch event by telling the attendees that CyberGym SA has been set up and kitted out with a variety of infrastructure components which will allow it to train cyber defenders of any skill level. The venue not only has the required kit, but a VPN link to the Red Team in Israel is also in place so that they can launch attacks and test students’ skills.
Find out more at www.cybergym.com/sa or by emailing firstname.lastname@example.org