Simulation for Cyber Security

Cyber attacks and defenses form an ongoing arms race of increasing sophistication. However, no matter how much security is added to computers and networks, the weakest link and greatest risk to our information environment is people.  There is a desperate need for training to get people to become aware of their role in cyber security. A platform is needed for people to better understand attacks and defenses.  Traditionally this is done with a physical range, consisting of an isolated network connecting real equipment.  However, this approach is unwieldy. A cyber range can also be built virtually, using modeling and simulation (M&S).  M&S is sufficiently robust, while offering improved capabilities and considerable cost savings. The presentation will describe virtual cyber ranges and give an example of how they are being built in the US for cyber training.

In this talk we will present the good practices on organising cyber exercises, focusing on the exercise life-cycle and the actions needed during each step. Then we will present two case study exercises, Cyber Europe 2010 and Cyber Atlantic 2011. We will explain how the good practices presented in the first part have been used for these two case studies.

“Cyber Storm: The Series” is a discussion on the building blocks to preparedness. The U.S. Department of Homeland Security’s National Cyber Security Division hosts the international cyber security exercise, Cyber Storm, to test the resilience and defense mechanisms of industry and fellow Nation States and to support efforts to further secure cyber infrastructures across the world. Cyber Storm is the first of its kind exercise that continues to grow in participation and relevance with every exercise. Currently preparing for Cyber Storm IV, the fourth iteration of the exercise, Mr. McKinney will discuss the lessons learned, best practices and trends being seen in the field as well as the importance of regularly testing networks to prepare for the worst.