Using Realistic Range Simulations for Cyber Readiness with Cloud Range
A TAG Cyber Interview with Debbie Gordon, Founder & CEO, Cloud Range
Security operations center (SOC) teams are often presented with unique situations featuring unknown threats that require fast thinking, efficient coordination, and the optimal use of available tools. As one would expect, these objectives require practice to get right—and such learning is best done in a simulated environment, rather than during a live attack.
Cloud Range offers an effective platform and set of services that allow SOC teams to engage in realistic scenario training. The results range from helping an organization better gauge its overall security posture to helping the participants better understand how to work together. We recently caught up with Cloud Range and learned more about their offering.
TAG Cyber: What are the toughest operational challenges of the modern SOC team?
CLOUD RANGE: One challenge is that it’s difficult for SOC teams to show value to the rest of the organization. Cyber roles don’t always align with business outcomes. SOC teams can be seen as an expense, and they may not get much attention unless something goes wrong. That’s one reason why teams depend on Cloud Range’s cyber readiness platform, which prepares SOC teams to defend against the next cyberattack – plus, it measurably reduces cyber risk, which benefits the entire organization, customers, shareholders, and other stakeholders.
Another challenge is that many SOC teams are taking on both traditional cybersecurity and operational technology, or OT, cybersecurity. They need to know how to speak the language of industrial control systems (ICS) and IoT devices, as well as detect and mitigate potential IT- and OT-related cyberattacks. That is easier said than done. There are different objectives – IT prioritizes confidentiality of data, while ICS prioritizes availability and integrity of processes and systems – and they work with different technologies. We are excited to be the first to have complete, full-service OT environments in our cyber range where teams can learn how to work together and defend against OT and IT/OT cyberattack scenarios.
There is also a high level of stress in SOC teams, and that impacts operations because it can lead to burnout and the loss of good employees. Analysts should be seen as part of an organization’s security stack; therefore, leaders must invest in ensuring their people are performing most effectively. That includes a combination of one-to-one meetings, individualized career paths, professional development options for continued growth, and more. I’ve seen security leaders use Cloud Range’s solutions to create learning plans that meet individual aptitudes and goals and organizational objectives, and they like that they can track it all in our Performance Portal.
TAG Cyber: What are the major components of the Cloud Range offering?
CLOUD RANGE: We are focused on providing SOC and incident response (IR) teams with the prescriptive, programmatic, hands-on training necessary to be ready for new threats and bridge any gaps, while proactively improving cyber readiness and measurably reducing cyber risk.
The product that really put us on the map is our live-fire team simulation missions for SOC and IR teams. These immersive cyberattack simulations enable security teams to work together – as a group, in specific roles – in an emulated environment to defend against the latest threats. Our FlexRange missions can be led by live instructors, so teams get real-time guidance, and security leaders get actionable feedback. Our customizable environments include the same industry-leading security tools that our customers use every day. We are constantly updating our library of IT, OT, and IT/OT cyberattack scenarios, and they map to the MITRE ATT&CK frameworks. Simulations include options for blue teams, red team vs blue team, capture the flag, and more.
Another major component is FlexLabs, with over 1,500 on-demand training lab exercises, certification prep SkillPaks, challenge labs, and skills assessments. Every lab maps to the industry-standard NICE Workforce Framework’s set of knowledge, skills, and abilities. Learning plans and courses can be prescribed and tracked in our Performance Portal.
Additionally, our new aptitude and candidate assessments optimize hiring and help address the cyber workforce shortage. Cloud Range products also include Tabletop 2.0 Next-Generation Exercises, custom cyber range platforms, and scenario design, development, and facilitation.
TAG Cyber: How does your solution help with recruiting and retention?
CLOUD RANGE: The first step is to make sure that people start off in the right seat with the potential to succeed. Not everyone is going to be good at penetration testing, for example. Different cyber roles use different parts of the brain. RightTrak Cyber Aptitude Assessments use various modules – like pattern recognition, spatial visualization, and more – to take the guesswork out of hiring cyber talent. Hiring managers can focus on candidates with the best cognitive fit for the job.
FastTrak Candidate Assessments give hiring managers details that go beyond resumes or certifications. Candidates are immersed in a role-based simulation, allowing the employer to see how they perform in a real, practical way. FastTrak also eliminates any bias in hiring, opening the doors for more diversity, equity, and inclusion in cybersecurity.
These assessments also help security leaders know how to best onboard new hires and build a training program for them to grow and move up the career ladder, which leads to greater retention.
Plus, our FlexRange missions and FlexLabs help with more than training – they improve the overall culture. Cloud Range experts work with security leaders to build customized team and individual training programs, including live-fire simulation missions and hands-on skills development courses. As our experts identify gaps or see opportunities for improvement, we communicate with security leaders and outline the next steps.
When people get to experience the training and development they need and want, they are more productive and more likely to stay longer. It’s a win-win.
TAG Cyber: Tell us more about how security operations staff benefit from engaging with Cloud Range.
CLOUD RANGE: Our training does more than train. Our one-of-a-kind cyber readiness solution improves communication, collaboration, problem-solving and more. It gives security team members and leaders confidence that they are better prepared to handle the next cyberattack.
And it’s fun! Teams love to be on the range and work together to figure out how best to detect and mitigate threats. It’s like being in an escape room – but digitally. They don’t know what they are searching for at first, so they have to follow the clues and work out what is happening and how to respond. It’s exhilarating.
Cloud Range also handles all the administrative work – the coordination, execution, and other details so the program is not adding to the noise, but reducing it.
Additionally, everything that happens is tracked and analyzed. Our reports demonstrate measurable improvement in a security team's ability to detect and respond to cyberattacks — which is what boards care about.
TAG Cyber: Can you share some insights into the future of cyber threats in the upcoming years?
CLOUD RANGE: Cyber threats are increasingly encompassing or directly targeting OT systems. Gartner predicts that, by 2025, cyber attackers will have weaponized OT environments to successfully harm or kill people. It’s crucial for organizations to proactively prepare for cyber threats and reduce their cyber risk. We are dealing with more than personal or sensitive data being lost – these new threats could lead to loss of life.
This interview and many other insightful articles are in TAG Cyber’s 2022 Security Annual - 4th Quarter, available for free download here.
About TAG Cyber
TAG Cyber is a trusted cyber security research analyst firm, providing unbiased industry insights and recommendations to security solution providers and Fortune 500 enterprises. Founded in 2016 by Dr. Edward Amoroso, former SVP/CSO of AT&T, the company bucks the trend of pay-for-play research by offering in-depth insights, market analysis, consulting, and personalized content based on thousands of engagements with clients and non-clients alike—all from a practitioner’s perspective.