No one would knowingly fly with a pilot that’s never practiced an emergency landing, yet the equivalent scenario is the norm in Security Operations Centers (SOCs) worldwide. Widespread access to cyber ranges – the cybersecurity version of a flight simulator – is helping to change that by enabling incident responders to practice dealing with cyber emergencies before they encounter one on the job. As we help our corporate and university partners build and launch cyber ranges, one of the most important lessons we’ve learned is that cyber defense is a team sport, yet few SOC teams are trained to work as a cohesive team.
The good news is it’s a fixable problem. For a variety of reasons, teamwork isn’t yet ingrained in the culture of incident response, but it needs to be. Responding to major cyber incident requires the combined knowledge and skill sets of multiple people in a variety of roles to work together, operating multiple cyber tools and working off of the same organizational playbooks. When it comes to cyberattacks, practice will never make perfect, but it does make ‘prepared,’ and teaches people to work together. Cyber range training is still new, but here’s what we’re seeing as emerging best practices for team training – who should be trained, on what, why, and how often:
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.