Dynamic Hands-On Training for Cyber Defenders
Cyber Range
Cyber Securityis a Team Sport.
Defend as a Team Against Cyber Threats Today!
Modular, Scalable, Flexible and Adaptable• Fully Integrated System• Dynamic Simulated Environments• Adaptable to Changing Needs and Threats• Easy Intergration of New Technologies• Skill and Role Based Training, Assessment and Certi�cation• Small Physical Footprint
Costumized Tailorable Solution• Custom Designed Security Challenges, Dynamic Exercises and Network Model
Modeling and Simulation• Robust Modeling and Simulation Capabilities• Applies Virtualization Techniques to Support Key CSL Functions
Cyber Maturity Model• Promotes Complete Cyber Self Suf�ency• Grow Skilled Workforce to Achieve Dynamic Defence• Individual and Team Pro�ciency• Basic, Intermediate, Advanced and Refresher Training
Experienced, Qualified and Ready to Succeed• Leaders in Cyber Readiness and Cyber Training• Contributed to the US DOD 8570 Training Program• 50 Years of Demonstrated Success• Mature Low Risk Solution, Ready for On-Time Delivery• Low Total Cost of Ownership
• Executive and Technical Training (and Certification) by Role Pro�le• Proficiency Evaluation by Role and Assignment• Individuals• New Recruits• Teams• Cyber Technology Evaluation• Cyber Defense Protection Strategy Development• Cyber Incident Countermeasure Development and Evaluation• Capture the Flag Exercises• Red vs. Blue Team Cyber Exercises• Modeling & Simulation of Security Operations with our Virtual Security Operation Center• Security Protocol Monitoring
Companies that are looking for better training to their IT security staff can now tap into Sypris’ expertise and skills with Sypris’ Security Training and Simulation Platform. Our Simulation Platform can also be used for testing and validating large-scale IT security solutions in a virtual environment, including validating SCADA (Supervisory Control And Data Acquisition) systems. Training-wise, the platform offers opportunities to master:
• Early detection of cyber attacks • Cyber incident response and investigation protocols • Real-time cyber security defence strategies
What is a Sypris Cyber Range™?Our Cyber Range is a unique learning system and modeling & simulation capability delivered on an open platform based upon commercial off the shelf (COTS) technology. It has three major components:
• Virtual Training Platform (VTP) • Knowledge Base • Self Paced Cyber Security Challenges • Dynamic Cyber Defense Exercises
• Cyber Analytics and Simulation Platform • Customizable Virtual Environments • Virtual Security Operations Center
• Sypris Cyber Range • Conduct Capture the Flag Exercises • Industrial Control System Modeling & Simulations • Network Attack & Malicious Traffic Generation
What Problems Can Be Solved with a SyprisCyber Range™?
• Reduced operational risk and greater resiliency to operate through a cyber attack • Roles based Cyber Defender proficiency • Quicker, effective response • Mechanism for continuous improvement in tune with the latest threats
It is a single, integrated, coherent System Architecture that is �exible and easy to use. Sypris integrates the latest technologies and content from best-of-breed partners into the range to ensure customers are equipped to handle the latest threats.
Challenge 1:We need more Cyber Defenders who are proficient
• 56% of organizations say they do not have enough security staff to handle their current demands• 52% of respondents (security pros and executives) said the shortage of skilled staff is contributing to the incidence of breaches in their organization• 47% said they believe their customers are being affectedData from The 2013 (ISC)2 Global Information Security Workforce Study-Frost & Sullivan / ISC2 / Booz Allen
Challenge 2:In our view, the current approach to mobilizing a Cyber Defense is inadequate for quicker,effective response
• Organizations are adopting technology faster than their people and processes can absorb and leverage• Classroom training does not establish proficiency in tactics, procedures, and the use of technology• Cyber Defense is trained as an individual “sport” when the real environment is role-based, and requires team behaviors and culture• New recruits are hired based upon Certifications, not pro�ciency
Challenge 3:The threats are dynamic and proliferating,making it difficult to keep up
• Many solutions are reactive and have a short effective life• Investments become obsolete quickly
Citizen Services & Immigration Control Law Enforcement
Critical Infrastructure Management Public Administration Services
Information Management Emergency & Disaster Management Inter-Agency Collaboration
NEC Global Safety DivisionGlobal headquarters: 2 Fusionopolis Way #07-01/02/03, Innovis, Singapore 138634 nec.com/safety [email protected]
© 2016 NEC Corporation NEC and the NEC logo are registered trademarks of NEC Corporation.
The Challenge The Solution
Benefits
Why NEC Cyber Security?
Sypris Cyber Range™Applications to Mobilize for Cyber Defense
The Cyber Range will be offered as part of NEC’s Cyber Security Factory
The Sypris Cyber Range™ platform provides an operationally focused approach to test skills and assess aptitude of both individuals and cyber defense teams by operational role and assignment.
Within this framework, each trainee is assigned a Learning Plan that forms the baseline for a unique scoring approachthat measures their pro�ciency andoverall progress.
Four training delivery methods are utilizes within the Range framework to drive Cyber Defender pro�ciency:• Classroom-Based Modules with Integrated Simulation Labs• Self-Paced Security Challenges• Team-Based Dynamic Exercises• Custom Course Module Assessments and Delivery
Self-Paced Security Challenge Learning is Delivered in 5 Topic AreasCategory
Web Application Security
Application Security
Cryptography
Network Security
Forensics
Description
Courseware focused on the security and vulnerabilities of web-based applications
Traditional cyber security subject that emphasizes the security of single system and the applications running on it. Includes coverage for privilege escalation and OS/Application threats.
This subject area covers cryptography and includes topics such as encryption algorithms, secure communications protocols, digital signatures, etc.
Courseware that focuses on all aspects of the OSI model for an understanding of inter-computer communications.(Packet Captures, etc.)
Incident response, data collection, forensic data management (chain of custody), etc.
Subject
Web
Application
Cryptography
Networking
Forensics
Classroom-Based Modules with Simulation Labs Cover 5 Levels:Course Module
Basic CourseModule
IntermediateES Course Module 2
IntermediateICS CourseModule 3
Advanced CourseModule 4
Refresher CourseModule 5
Integrated Classroom-Based/Self-Paced/Team-Based Training
Module 1.1 Cyber Fundementals IModule 1.2 Cyber Fundementals IIModule 1.3 Incident Response Tier 1
Module 2.1 International Cyber Incident Response EngagementModule 2.2 Traffic AnalysisModule 2.3 Defence in DepthModule 2.4 Incident Response Tier 2
Module 3.1 Critical Infrastructure OverviewModule 3.2 Industrial Control System Security IModule 3.3 Industrial Control System Security II
Module 4.1 Malware Analysis/Revers EngineeringModule 4.2 Incident Response Tier 3Module 4.3 Penetration Testing/Vulnerability AssessmentsModule 4.4 Digital ForensicsModule 4.5 Capstone Cross-Sector Cyber Defence Exercise
Module 5.1 Basic Course RefresherModule 5.2 Intermediate ES Course RefresherModule 5.3 Intermediate ICS Course RefresherModule 5.4 Advanced Course Refresher
Dynamic Exercise
Attack & Defend:Symmetric or Asymmetric
King-Of-The-Hill
Botnet Takeover
Penetration Test
Objectives and Exercise
• Gain and maintain control of machines• Exploit target vulnerabilities• Plant �ag to indicate control and gain points• Defend own system by removing vulnerabilies• Harden system ot patch vulnerable codes• Earn points while system not compromised
• Similar to most Capture the Flag exercises• More machines added into system as game progresses
• Role-play as malware analyst and computer forensic analyst• Team-based working on different scenarios• Earn points based on time to complete and completeness of solution
• Role-play as penetration tester• Team-based working on different scenarios• Earn points based on time to complete and completeness of solution
Team-Based Dynamic Exercisesare Conducted in 4 areas:
At Sypris and NEC, our vision for Cyber Security Training has 2 critical elements:
• Take Cyber Security from an individual to a team sport• “Train as you would have to defend” – in an operational role
We bring hands-on, real world training to you and your cyber security teams. Our mission is to ensure your teams have the very best training possible, in a safe and secure environment.
We offer a full curriculum of 17 one week classes designed to take you from Basic through Advanced capability. If you don’t have the time to commit to a full curriculum, choose from these 3 powerful options:
With each of these options, you and your teammates can earn CPE Credits toward maintaining your CISSP Certi�cation.
Our classes are all taught on the world class Sypris Cyber Range. Sypris and NEC offer you a real-world, modeling and simulation platform for your cyber experts to train on how to discover, neutralize, repair and defend your network with an integrated, multi-layer approach.
For over 50 years, governments and top defense companies have trusted us to support their mission critical programs. With our focus on cyber security, we have unique and extensive experience managing the largest, most complex and signi�cant date protection assignments across the globe.
Team Custom to Your Environment Individual
Latest threads4 Hours of Hands on Training to Resolve a Current Threat in the News
Security challenges4 Hours Learning How to Solve 4 Real World Challenges
Dynamic Exercises4 Hours of Red vs. Blue Team Challenges
Simulation of Your Environment:Modeled and Simulated Exercises based upon your operational environment.
Threat Level
Nation State
AdvancedPresistent
Threat MostOrganizations
Agility/Speed of Action
ConventionalThreat
Passive
Active
MaturityLevel
TrainingInstruction
Competency
Pro�ciency
Environment
Tools Level
SecurityChallengesHands-on-Lab
Intermediate
Individual
Standard/Costumized
IntegratedPicture
DynamicExercisesFacilitated
Advanced(Custom)
Team
Customized
DynamicDefence
Modeling &Simulation
Advanced(Scenario Based)
Organixational
Customized / Real World
ResilientEnterprise
AdvancedSimulation
Expert
Mastery
Real World
Reactive& Manual
Knowledge BaseClassroom Based
Basic
Baseline
Standard
Sypris Cyber Range™Dynamic Virtual Training Platform A Better Approach for Learning
HW Interfaces (Switch) SW Interfaces (Upload Procedures)
Web User Interfaces
SCADA DevicesPartner Equipment
(e.g., BreakingPoint)Physical Systems
(e.g., ICS, CKMS, ECNS)Applications Training Content
Administrators
• Maintain User Accounts• Create/Modify User Roles
• Modify System Settings• Perform Modelling & Simulation
Cyber Security Lab
Dynamic Virtual Platform (DVP)
Administration Dashboards Messages
Training
KnowledgeBase
SecurityChallenges
DynamicExercises
Simulation
Modeling & Simulation
Core Modules Cyber Range Interfaces Dynamic Virtual Platform Cyber Security Lab
Instructors
• Create User Learning Plans• Schedule Dynamic Exercises
• Monitor User Training• Access User Pro�ciency
Users
• Follow Learning Plans• Access Knowledge Base
• Run Security Challenges• Participate in Dynamic Exercises
An Architechture that is Flexible, Adaptable and Extensible
Advance Your Cyber Maturity Training FrameworkFully Intergrated Training Solution
World Class Role-based Cyber Security,Training for Individuals and Teams
Training
Infrastructure
Basic
Intermediate
Advanced
ICS Simulations
Real-TimeSimulationChanges
Real-WorldModelling
CyberRange
Mod
ellin
g an
d
Sim
ulat
ion
Single UserAccess
Multi-UserAccess
CustomisableNetwork & ThirdParty Hardware
MultipleNetworks
As a simulation platform, Sypris’ Cyber Security Simulator enables companies to test and validate large-scale IT security solutions. The realistic virtual environment even allows for the testing of large-scale, multi-site industrial control systems such as SCADA. The strength of the platform is that it offers real-life virtualisation and real-time simulation of networks and systems.
Our real-world system setup enables trainees to evaluate attack scenarios and allows them to test their security responses in a realistic manner. Attack scenarios can be simulated or can be done as red team-blue team war gaming.
Our platform is a unique and highly-effective method of training because we are able to replicate industry-specific simulation environments to provide realistic training scenarios. For example, we can provide environments that replicate the infrastructure of a financial institution, a telecommunications carrier or a power company.
Graduate from our Dynamic TrainingReact Swiftly to Real Security Crises
Classroom Training and Assessment :
Knowledge Base
Self-Paced Training :Security Challenges
Team-Based Training :Dynamic Exercises