Award winning cyber learning platform provides new features to improve training scalability, content access, and new learning exercises
According to CIO magazine, about 96% of organizations use cloud services in one way or another. In partnership with Microsoft, we are proud to announce that Circadence has redesigned its Project Ares cyber learning platform to fully leverage a cloud-native design on Microsoft Azure. This new, flexible architecture improves cyber training to be even more customized, scalable, accessible, and relevant for today’s professionals.
This transition to cloud infrastructure will yield immediate impacts to our current customers.
- Increased speeds to launch cyber learning battle rooms and missions
- Greater ability to onboard more trainees to the system from virtually any location
- More access to cyber training content that suits their security needs and professional development interests
Proven success at Microsoft Ignite
At the recent Microsoft Ignite conference (November 2019), more than 500 security professionals had the opportunity to use the enhanced platform. Conference participants set up CyberBridge accounts and then played customized battle rooms in Project Ares. Microsoft cloud-based Azure security solutions were integrated into the cloud-based cyber range to provide an immersive “cloud-in-cloud” sandboxed learning experience that realistically aligned to phases of a ransomware attack. The new version of Project Ares sustained weeklong intensive usage while delivering on performance.
So what’s new in the new and improved Project Ares?
Curriculum Access Controls for Tailored Cyber Learning
One of the biggest enhancements for Project Ares clients is that they can now control permissions for training exercises and solution access at the user level. Customer Administrators will use the new CyberBridge management portal to tailor access to Circadence training exercises for individual users or groups of users.
Single-sign-on through CyberBridge enables the alignment of training exercises to individuals based on their unique learning requirements including:
- Cyber skill-building exercises and complex missions within Project Ares for cyber professionals
- Cyber foundation learning with Cyber Essentials tools for the IT team
- Security awareness training with inCyt for general staff
Cyber Essential learning tools and the inCyt game for security awareness will be added to CyberBridge over the next several months. With the capability to pre-select training activities reflective of a company’s overall security strategy, enterprise security managers can call the shots.
“As the administrator, you now choose what curriculum content your team should have. “This provides more flexibility in cyber training for our customers in terms of what they can expose to their teams.” ~ Rajani Kutty, Senior Product Manager for CyberBridge at Circadence.
Greater Scalability and Performance in Cyber Training
With a cloud-native architecture design, Project Ares can support more simultaneous users on the platform than ever before. Project Ares can now handle over 1,000 concurrent users, a significant improvement over historical capacity of 200-250 concurrent users on the platform. The combination of content access control at the group or individual level and the increased scalability of Project Ares creates a solution that effectively spins up cyber ranges with built-in learning exercises for teams and enterprises of any size. Additionally, this means that no matter where a cyber learner is geographically, they can log on to Project Ares and access training quickly. We see this as similar to the scalability and accessibility of any large global content provider (e.g. Netflix)—in that users who have accounts can log in virtually anywhere in the world at multiple times and access their accounts.
Now that Project Ares can support a greater volume of users on the platform, activities like hosting cyber competitions and events for experts and aspiring security professionals can be done on-demand and at scale.
“We can train more people in cyber than ever before and that is so impactful when we remember the industry’s challenges in workforce gaps and skills deficiencies.” ~ Paul Ellis, Project Ares Senior Product Manager at Circadence
The previous design of Project Ares required placing users in “enclaves” or groups when they signed on to the system to ensure the content within could be loaded quickly without delay. Now, everyone can sign in at any time and have access to learning without loading delays. It doesn’t even matter if multiple people are accessing the same mission or battle room at the same time. Their individual experience loading and playing the exercise won’t be compromised because of increased user activity.
Other performance improvements made to this version of Project Ares include:
- Quicker download speeds of cyber exercises
- Use of less memory on user’s computers, and resulting longer battery life for users, thanks to lower CPU utilization.
- These behind-the-scenes improvements mean that training can happen quicker and learning, faster.
New Cyber Training Content
One new Mission and three new Battle Rooms will be deployed throughout the next few months on this new version of Project Ares.
- Mission 15, Operation Raging Mammoth, showcases how to protect against an Election attack
- Battle Rooms 19 and 20 feature Splunk Enterprise installation, configuration, and fundamentals
- Battle Room 21 teaches Powershell cmdlet (pronounced command-lets) basics
Mission 15 has been developed from many discussions about 2020 election security given past reports of Russian hacktivist groups interfering with the 2016 U.S. election. In Operation Raging Mammoth, users are tasked to monitor voting-related systems. In order to identify anomalies, players must first establish a baseline of normal activity and configurations. Any changes to administrator access or attempt to modify voter registration information must be quickly detected and reported to authorities. Like all Project Ares Missions, the exercise aligns with NIST/NICE work roles, specifically Cyber Defense Analyst, Cyber Defense Incident Responder, Threat/Warning analyst.
Battle Rooms 19 and 20 focuses on using Splunk software to assist IT and security teams to get the most out of their security tools by enabling log aggregation of event data from across an environment into a single repository of critical security insights. Teaching cyber pros how to configure and use this tool helps them identify issues faster so they can resolve them more efficiently to stop threats and attacks.
Battle Room 21 teaches cmdlet lightweight commands used in PowerShell. PowerShell is a command-line (CLI) scripting language developed by Microsoft to simplify automation and configuration management, consisting of a command-line shell and associated scripting language. With PowerShell, network analysts can obtain all the information they need to solve problems they detect in an environment. Microsoft notes that PowerShell also makes learning other programming languages like C# easier.
Embracing Cloud Capabilities for Continual Cyber Training
Circadence embraces all the capabilities the cloud provides and is pleased to launch the latest version of Project Ares that furthers our vision to provide sustainable, scalable, adaptable cyber training and learning opportunities to professionals so they can combat evolving threats in their workplace and in their personal lives.
As this upward trend in cloud utilization becomes ever-more prevalent, security teams of all sizes need to adapt their strategies to acknowledge the adoption of the cloud and train persistently in Project Ares. You can bet that as more people convene in the cloud, malicious hackers are not far behind them, looking for ways to exploit it. By continually innovating in Project Ares, we hope professionals all over the globe can better manage their networks in the cloud and protect them from attackers.
Students at Milam Elementary were learning about cyber security through a computer game, and they are also hearing from someone who helps fight cyber threats every day. The Cyber Day demonstration is sponsored by Circadence.
Not everyone gets into the holiday spirit, but whether or not your stockings are hung by the chimney with care, there are real world cyber grinches out there looking to steal holiday joy and sensitive data. The Financial Sector in particular is a high-profile target for hackers in the cyber industry year-round but the holiday season has historically attracted a larger quantity of cyber criminals who conduct attacks designed to steal money, social security numbers, addresses, and other sensitive information. The volume of e-commerce and e-banking transactions that occur during the holiday season provide ample opportunities for hostile actors to exploit financial institution networks. Specifically, “attacks on SWIFT—the leading global network for money and security transfers—alone cost $1.8 billion year-to-date” Forbes reports. To understand just how vulnerable banking and financial organizations are, let’s review the attacks that financial cyber teams should look out for and then discuss systemic solutions to safeguard finance networks, companies, and their stakeholders.
Financial institutions are susceptible to any of the following cyber attack types:
- Distributed Denial-of-Service Attacks (DDoS) – DDoS attacks are a weapon that has historically been leveraged against the financial sector. These attacks occur when multiple systems flood the resources of a single targeted system. One of the most historic DDoS attacks occurred back in 2012 when a whopping 6 banks in the US including Bank of America, JP Morgan Chase, U.S. Bancorp, Citigroup, and PNC Bank, were hit by a string of DDoS attacks. Each bank was hit with an unusually high volume of internet traffic, resulting in customers experiencing difficulty when logging into mobile banking apps. This form of malicious vandalism disrupted service and, like many DDoS attacks, acted as a political statement where the hackers sought to shed light on their perceptions of banking organizations. Past evidence has suggested that DDoS attacks actually increase as the holiday season approaches, as consumers are spending more and utilizing mobile banking more frequently. In fact, security firms report a 150% increase in DDos attacks between the summer months and the end of the year.
- Ransomware – Ransomware can be delivered through various online channels, including through phishing tactics and Remote Desktop Protocol (RDP). RDP allows computers to connect to each other across a network, so that remote users can gain access to various applications on virtual desktops. Cyber criminals may take advantage of financial institutions by deploying ransomware over the holiday season, at a time when stakeholders (aka consumers) may need increased access to funds for purchases. According to a report by TechTarget, most ransomware attacks typically occur during the holidays when network admins and other IT staff are spread thin.
- Web-Application Attacks – The expansion of online and digital services, including mobile apps, has increased the surface for web application attacks. A web application attack is just that – a hacker gains access to an app through a system vulnerability and is able to access sensitive information. For financial institutions, this relates to online banking, banking apps, and web applications that banks use such as SWIFT mentioned above. According to a report by Akamai, “Looking at the assorted web application attacks, the number of attacks on Christmas Day were comparable to Cyber Monday…this is likely due to the fact retailers want to track their Christmas sales more than any other day of the year, and web application developers end up including a lot more third-party scripts/content on their sites, and attackers take advantage of that.”
- Banking Trojans – Due to their popularity and high success rate, banking Trojans remain a weapon of choice for conducting malicious cyber attacks. These kinds of attacks involve redirecting traffic from a genuine app to a network the hacker has access to so that they can easily take sensitive information. Tactics used by hostile cyber actors to deliver banking Trojans continue to evolve, adapting to and implementing any technique that can effectively take advantage of a user. In 2017, the Panda Banking Trojan was observed focusing on non-banking targets using an extensive list of injects clearly designed to capitalize on holiday shopping and activities. Similarly, in 2017, the Ramnit Banking Trojan was extremely active during the holiday season, targeting some of the largest banks and retail e-commerce sites in the world. Both of these trojans continue to reappear each year, targeting financial institutions and their customers.
Systemic Cyber Readiness Solutions for Financial Services
- Expand your view of cyber risk – A cyber attack doesn’t just mean data is compromised the implications are much deeper than that. You may need to shut down systems during recovery, you might lose existing customers, get a bad reputation, or see a decline in new customer acquisition. A deeper understanding of how a cybersecurity event could impact your financial institution will help you better understand what’s at stake and in turn, take action to better protect your company.
- Proactive cyber learning and training – Hackers are doing their research and implementing attacks using new technologies and strategies every day. Practicing proactive cyber learning to understand the latest cyber threats safeguard your business.
- Calculate capital – According to the Deloitte Insights Global Risk Management Survey, most financial institutions calculate economic capital for their financial risks, but only 16% calculate how much capital will be needed to support a cyber security incident. An accurate calculation of how much you may need to recover, both in real and unrecognized revenue, will help you better prepare for looming threats.
Don’t let your financial institution fall victim to a holiday hack. Utilize persistent, hands-on, gamified cyber training to put your cyber teams on the front lines of defense. Circadence’s flagship product, Project Ares, ensures higher user engagement and learning retention through the use of cyber ranges. Project Ares utilizes a library of mission scenarios with specific skill-based learning to accurately measure skills and performance, such as:
- Operation Wounded Bear – This mission is specifically designed to teach users how to protect a financial institution by identifying and removing malware responsible for identity theft and protecting the network from further infections. Users learn intrusion detection, basic malware analysis, and infection containment and eradication.
- Operation Crimson Wolf – Crimson Wolf teaches users to stop a ransomware attack from spreading and infecting other boxes in the network. They learn computer network defense, incident response management, data forensics and handling, and so much more.
- Operation Bold Hermit – As a cyber operator, users defend against web attacks by identifying reconnaissance activity and beacons inside a network and locate the attack vector. Users build skills including network management, infrastructure design, and hacking methodologies.
These missions and more cyber learning activities in Project Ares allow users to gain insight into real-world attack scenarios pertinent to their industry in a safe learning environment. These specific mission scenarios can help to keep financial institutions at the front lines of cyber defense over the holidays and year-round. Just like the grinch’s heart, you can grow your cyber defense to stay happy year-round! To learn more about what Project Ares can do for you, visit www.circadence.com.
Ever wondered about the people behind Project Ares’ development? How does Circadence identify and develop learning curriculum material to benefit today’s cyber professionals? The crux of the strategy stems from the talents within our own Circadence family and is the driving force behind this “Living our Mission” article. We are sharing the unique talents of Megan Daudelin, Team Lead of Curriculum Development for our flagship gamified learning platform, Project Ares. While one might expect that a cyber background is critical to any tech-focused role in a security company, Megan would argue that having a strong understanding of learning theories, experience teaching cyber subjects, and placing oneself in the customer’s shoes equally weigh in importance to successfully build rich cyber curriculum into our products.
Blending Forensics, Hospital Security, and Cyber Education
Megan has a rich history in the cyber security industry, which started after she graduated with her bachelor’s degree, and continued as she worked full time while completing her Master’s in Digital Forensics Management from Champlain College. Prior to Circadence, she served as a Digital Forensic Analyst at ManTech and Information Security Content Analyst at Tenable Network Security. She also worked as a Network Security Analyst at New London Hospital between her stints at ManTech and Tenable, monitoring networks and medical devices in accordance with HIPPA. Those experiences helped her learn the importance of understanding an end-user’s behavior to identify and investigate digital evidence.
Her career as a digital forensic analyst revolved around gathering and interpreting data. She recalls a previous job where she was responsible for writing up a narrative around a customer by referencing only the information available in a customer’s device. She would get a sense of the day-to-day digital life the user led to understand who and how that person was using the technology.
“That’s the part I liked, taking a vast amount of information and drawing the lines through the ‘dust cloud’ of data to figure out the connections between everything and turn the ‘cloud’ into a digestible amount of information.”
As Megan embraced new skill acquisition on the job, she grew to appreciate how problem-solving played a critical role in managing threats for her employers and their customers.
It was her passion for identifying the tools and techniques that best helped harden security posture that led her back to the classroom as an Adjunct Professor at her alma mater, Champlain College, to help groom the next generation of cyber professionals. Her professional experience across multiple disciplines in cyber, from digital forensics to network security to ethical hacking and incident response, allows her to teach courses on a variety of cybersecurity disciplines—a job she still does today.
Using Teaching to Inform Cyber Learning in Project Ares
Over the last two years, Megan has taken her love for teaching and applied it directly to the innovation within Project Ares. She is able to see how her students learn best whether through direct, hands-on experiences or learning from peers, and she applies those observations within a customer’s experience in the platform. All of this comes with the understanding that she must remember not to get “too deep” into one thought pattern, to maintain the “10,000 foot view” as she puts it, so that she can build cyber learning curriculum that is cross-disciplinary and cross-functional.
Megan put her cyber and teaching skills to the ultimate test at the Microsoft Ignite “Into the Breach” cyber defense experience in November 2019. She helped design six custom-built Battle Rooms in Project Ares that were used in a competition-style activity among event registrants. The battle rooms provided a gamified learning approach to teach cyber professionals about Microsoft Security Tools. Megan used the Project Ares virtual environments to create a hands-on, experiential learning activity that focused on problem-solving using Microsoft tools. By adopting the end-user’s perspective, she was able to help the players through the maze from the home page of the Project Ares interface down to the data they were looking for to find the answers they needed.
“It was quite the adventure learning all these new security solutions and organizing them into a cohesive storyline. We weren’t asking independent questions to teach TTPs in a silo. Instead, we were walking the players through a single attack pattern. The narrative was knit together so that they could understand that the tasks in the Battle Rooms were related to the progressive arc of a full-scope attack and there were different points along the kill chain where the Microsoft tools could help to identify, analyze, and respond.”
As Megan works hard to build learning curriculum into Project Ares, she can’t help but think about what lies ahead for the cyber security industry.
“I hope the prioritization of training and education continues to increase; I hope the prioritization of security as a pillar of someone’s organization continues to get recognition. I think we’re coming out of a phase where organizations felt that they could just ignore the elephant that’s stomping around their data center.
I’m hopeful we’re moving into a time that people are becoming more aware of their organization’s digital activity online…. not just in a check-the-box periodic program kind of way, but in the sense that cyber security readiness and training has ongoing funding and cross-function collaboration. The industry is moving toward recognition that this is where priorities lie.”
It is this kind of forward-thinking mindset in employees that helps Circadence deliver state-of-the-art products and we are incredibly proud to have Megan within the Circadence family!
After serving in the Coast Guard and learning IT, Matt Surprenant applied his technical abilities to the academic community, building out cyber ranges for students to practice their tradecraft in virtual environments. Managing virtual labs for 250-500 students wasn’t an easy job by any means, but it certainly gave him invaluable insight into how learning occurs to best train today’s cyber enthusiasts (tomorrow’s frontline defenders).
“At Champlain I grew from a student at the Helpdesk, to deploying software in physical labs, to managing virtual labs. After spending a decade at Champlain College, enjoying the collegiate atmosphere working and learning, I transitioned from creating virtual computing environments at Champlain to virtual ranges at Circadence.”
For more than 11 years at Champlain, Matt performed many cyber roles (help desk technician, imaging applications analyst, and academic service administrator) that informed his understanding of opportunities for innovation, and what is needed to train the next generation of cyber professionals. He was able to take that experience and apply it at Circadence for enterprises looking to embrace modern ways to train their own cyber teams and harden security strategies.
Creating Space for Productive Cyber Learning
For the past three years, Matt has been responsible for constructing Battle Rooms within Project Ares. Battle Rooms are the training simulation environments where users learn the tools, tactics, and procedures of cybersecurity before entering the next “level” of activities in Project Ares called Missions. Battle Rooms allow users to train and hone their skills before entering a simulated scenario environment with multiple components, narrative backstory, and where deeper application of skill comes into play.
Currently, Matt manages the logistics for Battle Room development, guiding his team on project priorities week-by-week and acting as a liaison for the Content / Cyber Curriculum Team. Alongside the Curriculum team, he works to determine what the training outcomes are in each of the Battle Rooms. On the technical side of Project Ares, Matt ensures that the automation of environments and the logistics are working correctly. He enjoys developing content that guides a player along a cyber learning pathway, so they learn multiple skills from performing reconnaissance to enumerating networks. The Battle Rooms are particularly fun for him to build out because he sees them as “small spaces that teach specific concepts” and help inform a cyber work role a player might want to learn more about.
Since Project Ares’ debut, customers have greatly informed the kinds of Battle Rooms Circadence develops. After all, it is about the customer having the ability to train according to their specific cyber needs, so this strategy works out well for team members like Matt.
“I’ve really enjoyed developing the CTF (Capture the Flag) content for our customers. The customer gave us a walkthrough of their expectations, showed us some pre-made content, and shared ideas of how to configure the different pieces of technology. We [the BR team] worked up a functional configuration and validated playthrough based on our understanding of the customer’s expectations. It was incredible to see how successful the team could be playing to each other’s strengths in order to meet a customer’s request. The icing on the cake was that the content was very well received by the customer.”
Observations from Microsoft Ignite
Matt was able to lend his cyber expertise at the Microsoft Ignite “Into the Breach” cyber defense experience in November 2019. Five custom-built Battle Rooms in Project Ares were used in a competition-style activity among event registrants. The battle rooms provided a gamified learning approach to teach cyber professionals about Microsoft Security Tools.
“I was really excited to see how well the content in the Battle Rooms blended into the background as the purpose of the event was really to introduce registrants to Microsoft Security tools using a gamified environment.”
Matt noticed registrants were curious to understand how to use these cyber tools in their own profession. The capability for Project Ares to deliver this educational experience to end-users, Matt reflects, was a huge benefit to see how learning unfolded.
Advice for the Next Generation of Cyber Professionals
“Trust but verify.” Those are the simple words Matt says he would tell any aspiring young professional interested in entering the field of cybersecurity.
“It seems like a simple statement, but I’ve found many security professionals don’t necessarily practice what they preach. Develop personal habits that help you professionally. A simple one is to constantly validate or fact-find when you’re told something. Ask questions! Does that update process actually work as you think it should? Should that application actually make web requests? Develop an inquisitive nature that will allow you to bolster claims with factual findings.”
For Matt, that inquisitive mindset occurred in high school when he found system administration was an interesting discipline.
“I started a high school club where one day a week we would “re-image” a writing computer lab with images that had games pre-installed and have a “LAN (local area network) party”. Club members (mostly my friends) would get together and play video games on the freshly reconfigured computers for a couple of hours. At the end of the event, we would reset the lab back to a writing lab. Sometimes there were minor hiccups that users (other students) would run into afterward. I enjoyed helping those users fix the issue, but I also enjoyed identifying how we could make it better next time we re-imaged the lab. That’s kind of what information/cybersecurity is for me – identifying weaknesses in configuration, policy, or procedure and making a change to mitigate that weakness.”
It is that kind of curious approach to building cyber learning into our products that helps Circadence deliver state-of-the-art learning tools today. We are incredibly proud to have Matt as part of the Circadence family!
As state and local governments shift operations to the cloud, it is more important than ever to stay on the front lines of cyber defense as cyber pros figure out how to secure cloud-based applications being used by employees.
Speaker Wade Walters will discuss:
- Why government agencies are adopting cloud computing
- What security challenges governments face when shifting to the cloud
- Top security strategies to consider to encourage persistent cyber skills development
What You’ll Learn
- Why cloud-based training is the future of cyber learning for government security professionals
- How the cloud shift will impact cybersecurity in the government sector
- How leveraging Project Ares in the cloud scales departmental security training
Who Should Attend?
Government sector cyber professionals, defenders, and team managers/leaders looking to embrace cloud-based cyber training to prepare against threats that emerge from rapid adoption of the cloud.
The dynamic world of cyber security is prompting a new shift in focus for security execs and frontline defenders as we head into a new year in 2020. Given the rapid pace by which enterprises have adopted Cloud computing services to improve operations, the frequency of threats and attack methods, and the widening skills gap facing many industries, we expect 2020 will finally be the Year of Preparedness & Cyber Proactivity—from the CISO, to the Director of Risk Management, to the Network Analyst professional—and we’ll tell you why.
A recent report from ICS2 noted that the cyber security industry now faces an estimated shortfall of 4.07 million cyber professionals. In the U.S. alone, the industry is expected to have more than 490,000 unfilled cyber positions in the coming years. While the great debate continues as to whether we really have a “skills gap” problem or if we need to loosen the reins on job requirements and lower candidate qualification expectations, one thing is for sure—today’s (and tomorrow’s) cyber professionals will need help in combatting imminent threats to harden cyber security in 2020. To facilitate their preparedness strategy, we envision proactive tools and resources will become more mainstream to help professionals do their jobs with greater efficiency leveraging automation, to support expanding security provisions, compliance requirements, and minimize the widening attack surfaces.
Automation will become the preferred way to support security operations
Whether a security manager has 1,000 defenders on their cyber team or one, automating certain administrative tasks for these individuals will be a goal focus in 2020. Directors, managers and cyber team leads understand that threats are getting so sophisticated that network defenders and security analysts need as much help as possible.
Our own Battle Room Design Team Lead Matt Suprenant anticipates enterprises will be finding ways to “automate responses to detections” observing at the Microsoft Ignite event in Nov. 2019 that Microsoft toolsets on display were designed with automation in mind.
“As we think about the future of cyber, we will see a combination of things start working together as we learn more about AI, SOAR, and other mechanisms by which we can augment today’s workforce.” ~ Battle Room Design Team Lead, Matt Suprenant
Cloud adoption will be growing across all security sectors
In 2019, we predicted more enterprises would shift to the cloud for a more seamless and elastic security experience. Reports indicate that about 90% of businesses today are using the cloud to conduct operations from simple file storage to sales transactions in the cloud. So what’s next? Security divisions will be leveraging the cloud to train their professionals on the latest cyber threats and attacks in 2020. Cyber training in the cloud will likely become one of the new ways Cloud computing will be leveraged in 2020 since teams need persistent and always-on access to training (moving away from the one-and-done on-site classroom-based training offerings of today). The future of cyber training will occur in the cloud.
Don’t believe us? Hear the benefits of training in the Cloud in our webinar.
Renewed focus on security awareness training for all employees
Human resource managers and risk and compliance managers will work more closely together to design their own security training programs to nurture incoming talent and existing staff. Another cyber security prediction in 2020 will indeed be around this topic, as HR managers and Risk and Compliance managers identify new ways to educate all employees (not just the IT staff) on cyber risks, attack methods, and how to spot suspicious emails (phishing attacks), links, website, and other digital assets related to endpoint security.
“I hope the prioritization of training and education continues to increase; I hope the prioritization of security as a pillar of someone’s organization continues to get recognition. I think we’re coming out of a phase where organization’s felt that could just ignore the elephant that’s stomping around their data center. I’m hopeful we’re moving into this position that people are being more generally aware [of their digital activity online], not just on paper, but that [cyber security readiness and training] needs funding and collaboration…The industry is moving toward recognition that this is where priorities lie.” ~ Megan Daudelin, Team Lead, Curriculum Development
Election Security will dominate discussions
Years ago, ballot fidelity was the issue to solve but now, election security is the hot ticket item to address in cyber security in 2020. The breadth and diversity of counties means election security isn’t managed the same way, putting all elections at greater risk of interference. Russian cyber criminals have been able to gain access to voting systems around the country, most notably in the 2016 election. As we head into an election year, election security pros will be understanding vulnerabilities in voting machines and (ideally) replacing such machines using congressional funds, which granted $380 million to upgrade old voting systems.
We also anticipate both election volunteers and frontline election security tally monitors and processors will desire more cyber training and education to ensure they’re doing their part to stay vigilant against any suspicious activity that comes in their purview.
Increased Attacks on IT/OT automated systems, state local governments
Municipal ransomware attacks on cities was a big occurrence in 2019 and we don’t envision it’s going to stop in 2020. A CNN news article reported that over 140 local governments, police stations and hospitals were held hostage by ransomware attacks in 2019. As more entities run by and are funded/informed by state and local government organizations, automated operations of network security will be more prevalent to streamline workforces and workloads, thus, increasing the chances of cyber attacks occurring on those systems. To prevent data breaches and make cyber readiness a top priority, live fire cyber exercises will be leveraged to bring together cyber security experts across departments and teams, divisions and functional areas of critical infrastructure and government operations.
We will continue to see a rise in targeted ransomware attacks, especially against small to medium size public entities like utilities, governments, and hospitals. Too many are just paying the ransom because it is far cheaper to do that than fix it, even if you have backups. ~ Paul Ellis, Senior Product Manager
What do we do to harden cyber security in 2020?
Educate, educate, educate. Train. Train. Train.
That is our recommendation for security leaders, managers, and frontline defenders who are heading into 2020 trying their best to anticipate the next threat vector or patch a vulnerability.
The more companies can educate their non-technical staff about cyber issues and suspicious activity while IT teams and security divisions regularly train/upskill their defenders the better off enterprises will be.
It’s important to remember that cyber security in 2020 and beyond is not a “do this thing and you’re secure” effort. Cyber security and hardening posture is a JOURNEY, not to be taken lightly or without concern.
For enterprise security teams who want to understand more about how Project Ares can support cyber learning in mission scenarios that address election security, ICS/SCADA systems, and experience learning against automated adversaries in the Cloud, schedule a demonstration of Project Ares today.
For HR managers and Risk and Compliance directors seeking ways to implement a company-wide security awareness training program using gamification, check out our inCyt platform (Available soon).
Circadence’s Keenan Skelly talks to Fifth Domain about the challenges an organization faces when training their workforce about cybersecurity.