CyberGym launches South African arena

October 2018 Editor's Choice, Information Security, News & Events, Training & Education

Wolfpack recently introduced a new cybersecurity training service to South Africa. CyberGym is an Israeli company that specialises in real-life cyber training, teaching students with real world simulations.

Wolfpack’s CEO, Craig Rosewarne, launched CyberGym by pointing out that the lack of cyber skills is a serious issue around the world. This is exacerbated by the fact that companies are generally prepared to spend large amounts on cyber protection technology, but skimp when it comes to training – and this applies to technical cyber skills as well as training users on how to best protect themselves from attacks, such as phishing or ransomware. It is in the technical skills arena that CyberGym looks to make a difference.

CyberGym’s New York arena.
CyberGym’s New York arena.

CyberGym’s Ofer Rachman explained that the company was started out of Unit 8200 in the Israeli Defence Force (IDF). This unit was set up as a strategic response to the cyber threats against Israel – which faces about 1000 cyberattacks each day – and comprises thousands of ‘cyber warriors’.

The defence process has been adapted from the NIST Cybersecurity Framework, which includes all levels in an organisation as it seeks to identify, protect, detect, respond and recover from attacks. (More on the framework can be found at www.nist.gov/cyberframework.) As with all security, there are layers in place to deal with the cyber threat. These include the data level, the application level, then the hosting, internal network, perimeter and physical levels, and finally, training, policies and procedures.

Realistic simulations

The CyberGym training process is based on the concept of an arena, as opposed to a traditional learning environment. The company has expanded to include arenas in various countries, from Israel through to the Czech Republic, Portugal, Lithuania, Japan, Australia, US and now South Africa. Each arena is set up to emulate a real world IT infrastructure in which the students would work. The training process is comprised of three teams.

The White Team is made up of the instructors working for CyberGym (veterans of the Israeli National Security Authority) who observe, teach and evaluate students. The Blue Team is made up of the students and their task is to defend their emulated IT systems by proactively recognising and responding to cyberattacks using a variety of tools.

The Red Team in action.
The Red Team in action.

The Red Team is located in Israel and its job is to play the role of cyber attackers and perform strategic attacks on the Blue Team’s infrastructure. The Red Team is made up of experienced hackers, which the company says provides students with “unique insights into a hacker’s mindset and point of view”.

Each training session, which can last up to three days, is customised to the trainees’ requirements. For example, it can simulate a financial institution or an electrical utilities infrastructure, with the Red Team directing attacks aimed at those organisations and their infrastructure. The courses available start from half-day courses aimed at C-level executives and then move on to various cybersecurity courses. The technical courses are aimed at the level of the trainees, but can be boosted to give even the most experienced defenders a serious challenge.

An electrical utility simulation.
An electrical utility simulation.

One of CyberGym’s Red Team members, Elad Hagai, was also on hand to provide some insights into real-world attacks he was involved with, in the form of two case studies of defence strategies. The first was from one of Israel’s largest credit card issuers, which was faced with an insider data breach. The ex-employee and his cohorts tried to hold sensitive data to ransom for millions of dollars. The problem was resolved within two weeks and all the data was recovered before it could be published.

Hagai also outlined the changes made in the company to prevent such an occurrence from happening again. The second study was about how a network infiltration attack on another organisation was detected and resolved.

Ready to roll

Rosewarne closed the launch event by telling the attendees that CyberGym SA has been set up and kitted out with a variety of infrastructure components which will allow it to train cyber defenders of any skill level. The venue not only has the required kit, but a VPN link to the Red Team in Israel is also in place so that they can launch attacks and test students’ skills.

Find out more at www.cybergym.com/sa or by emailing [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

SMART Estate Security returns to KZN
Nemtek Electric Fencing Products Technews Publishing Axis Communications SA OneSpace Editor's Choice News & Events Integrated Solutions IoT & Automation
The second SMART Estate Security Conference of 2024 was held in May in KwaZulu-Natal at the Mount Edgecombe Estate Conference Centre, which is located on the Estate’s pristine golf course.

Read more...
Creating employment through entrepreneurship
Technews Publishing Marathon Consulting Editor's Choice Integrated Solutions Residential Estate (Industry)
Eduardo Takacs’s journey is a testament to bona fide entrepreneurial resilience, making him stand out in a country desperate for resilient businesses in the small and medium enterprise space that can create employment opportunities.

Read more...
Trend Micro launches first security solutions for consumer AI PCs
Information Security News & Events
Trend Micro unveiled its first consumer security solutions tailored to safeguard against emerging threats in the era of AI PCs. Trend will bring these advanced capabilities to consumers in late 2024.

Read more...
Dallmeier receives ISO 27001 certification
Dallmeier Electronic Southern Africa Surveillance News & Events
Dallmeier has received ISO 27001 certification for its Information Security Management System (ISMS). The international standard for information security management ensures that companies meet the highest standards of data protection and data security.

Read more...
2024 Southern Africa OSPAs winners announced
Editor's Choice
The 2024 Southern Africa Outstanding Security Performance Awards (OSPAs) winners were revealed on Tuesday, June 11th, at the Securex South Africa Seminar Theatre hosted by SMART Security Solutions.

Read more...
AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

Read more...
Resident management app shows significant growth
Editor's Choice
My Estate Life is a mobile app for residents and managers in housing estates and buildings. Its core aim is to be an easy gateway for residents to manage visitors and staff, and to communicate and administer general property in a simple interface.

Read more...
Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

Read more...
NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

Read more...
SAIDSA achieves ISO 9001 certification
SAIDSA(SA Intruder Detection Services Association) Associations News & Events Training & Education
The South African Intruder Detection Services Association (SAIDSA) has announced that it has achieved ISO 9001:2015 certification. This milestone reflects its commitment to quality management and excellence in the security services industry.

Read more...