Using a Cyber Range to Hire & Train an Awesome SOC Team
The cybersecurity profession has a conundrum – actually more than one.
How do you find and vet top-notch SOC analysts?
Once you have them, how do you ensure they are getting the training they need to be successful cyber defenders? And how do you measure it?
On top of that, how do you get your SOC team to mesh well together and build a great culture?
Good questions.
A: It’s not as hard as you think.
(Hint: It helps to have a full-service, kick-a$$ cyber range team. 😎)
Start with the person
Here’s the deal. Hiring managers and security leaders put a lot of requirements in job descriptions. That makes it really hard to find someone who can meet all the criteria. And it’s partly why the cyber skills gap is regularly discussed as a Problem (with a capital P) in the cybersecurity industry. Cyber hiring methods have to change.
To build a great SOC team, it’s crucial to focus on the person first. Yes, you want to hire someone knowledgeable about security concepts such as threat hunting, risk management, incident management, etc. You want them to understand security operations and possible attack vectors. You want them to be familiar with common network technologies and infrastructure devices and have had hands-on experience.
That said, start here: Do they seem teachable? Are they responsible? Do they have problem-solving and troubleshooting skills? Do they seem like – with the right knowledge, training, and experience – they could succeed in cybersecurity? In your team?
If you don’t know or aren’t sure how to look for that, use a cyber aptitude assessment to help with hiring. It analyzes cognitive abilities and innate strengths and aligns them with different areas of cybersecurity, including the candidate’s probability of success.
Tl;dr - Get the foundation right. Then you can build on it.
Use a simulation-based candidate assessment
Hiring is not all about the touchy-feely stuff. This is cybersecurity, after all. If someone doesn’t know what they’re doing, there could be untold, costly ramifications.
That’s why it’s crucial to give prospective employees – and current cybersecurity team members – an assessment that shows what they know, how they perform, and where they can benefit from additional training. And that shouldn’t just be a multiple-choice test.
A simulation-based candidate assessment (Hi FastTrak!) allows you to verify someone’s technical abilities according to the position and your company’s requirements. The role-based assessment is conducted within our cyber range and aligned to the Workforce Framework for Cybersecurity (NICE Framework), which includes functions, specialty areas, and specific knowledge, skills, and abilities (KSAs) for cybersecurity roles.
The resulting report helps you objectively understand what candidates know how to do, what they are able to do, and whether they know why to do it... and where there is room for improvement. You can hire without bias and set up new hires with the right training from the get-go.
Tl;dr - Objectively assess their competencies and where they can improve.
Engage the team in live-fire cyber range simulation exercises
So, you’ve found some prospective SOC analysts and assessed their abilities. Now it’s time to solidify them into a team of cyber superheroes.
The best way to create an effective team is to train together in a hyper-realistic, live-fire cyber range. Your people are your last line of defense against IT and OT cyberattacks that could cost money and time – and even become a matter of life and death. Your SOC team members need the right knowledge and skills, yes. But they also need to have practiced and tested their abilities in a replicated environment with real-world attack scenarios.
The fun part is that when teams practice together in a live-fire cyber range, they not only grow their technical skills; we have also watched teams measurably improve soft skills like:
Communication
Collaboration
Critical thinking
Camaraderie
Confidence
Creativity
Culture
And more (even soft skills that don’t start with a C)
But not all cyber ranges are the same.
The key is to have the right cyber range program. It’s more than the cyber range platform itself, and it’s more than having a good package of skills development modules to work through.
Here’s what you want in a full-service cyber range program:
Live instructors in the range with the team during exercises
Detailed scenarios for teams of all levels with MITRE ATT&CK mapping
In-depth evaluation and analysis of individual and team performance – both hard skills and soft skills
Metrics and reporting that are board-ready
Regular one-on-one meetings with security leaders to discuss progress
Prescribed plans for bridging gaps and next steps
Coordination and administration of all the components
That’s what Cloud Range does (and more!). Cloud Range is not just a vendor or a technology provider – we are your ally in proactively preparing your team for the best cyber defense possible. And we’re the only ones doing it.
Tl;dr - Teams flourish in the one-of-a-kind Cloud Range cyber range program, with measurably improved technical and soft skills.
Ready to make your SOC team even more awesome? We’d love to hear from you.