Living our Mission Blog Series: Connecting the Dots – Academic Virtual Labs, Microsoft Ignite, and Battle Room Design from Circadence’s Matt Surprenant


After serving in the Coast Guard and learning IT, Matt Surprenant applied his technical abilities to the academic community, building out cyber ranges for students to practice their tradecraft in virtual environments. Managing virtual labs for 250-500 students wasn’t an easy job by any means, but it certainly gave him invaluable insight into how learning occurs to best train today’s cyber enthusiasts (tomorrow’s frontline defenders).   

“At Champlain I grew from a student at the Helpdesk, to deploying software in physical labs, to managing virtual labs. After spending a decade at Champlain College, enjoying the collegiate atmosphere working and learning, I transitioned from creating virtual computing environments at Champlain to virtual ranges at Circadence.”

For more than 11 years at Champlain, Matt performed many cyber roles (help desk technician, imaging applications analyst, and academic service administrator) that informed his understanding of opportunities for innovation, and what is needed to train the next generation of cyber professionals. He was able to take that experience and apply it at Circadence for enterprises looking to embrace modern ways to train their own cyber teams and harden security strategies.

Creating Space for Productive Cyber Learning  

For the past three years, Matt has been responsible for constructing Battle Rooms within Project Ares. Battle Rooms are the training simulation environments where users learn the tools, tactics, and procedures of cybersecurity before entering the next “level” of activities in Project Ares called Missions. Battle Rooms allow users to train and hone their skills before entering a simulated scenario environment with multiple components and a narrative backstory, where deeper application of skill comes into play.

Currently, Matt manages the logistics for Battle Room development, guiding his team on project priorities week-by-week and acting as a liaison for the Content / Cyber Curriculum Team. Alongside the Curriculum team, he works to determine what the training outcomes are in each of the Battle Rooms. On the technical side of Project Ares, Matt ensures that the automation of environments and the logistics are working correctly. He enjoys developing content that guides a player along a cyber learning pathway, so they learn multiple skills from performing reconnaissance to enumerating networks. The Battle Rooms are particularly fun for him to build out because he sees them as “small spaces that teach specific concepts” and help inform a cyber work role a player might want to learn more about.  

 Since Project Ares’ debut, customers have greatly informed the kinds of Battle Rooms Circadence develops. After all, it is about the customer having the ability to train according to their specific cyber needs, so this strategy works out well for team members like Matt.  

 “I’ve really enjoyed developing the CTF (Capture the Flag) content for our customers. The customer gave us a walkthrough of their expectations, showed us some pre-made content, and shared ideas of how to configure the different pieces of technology. We [the BR team] worked up a functional configuration and validated playthrough based on our understanding of the customer’s expectations. It was incredible to see how successful the team could be playing to each other’s strengths in order to meet a customer’s request. The icing on the cake was that the content was very well received by the customer.” 

Observations from Microsoft Ignite  

Matt was able to lend his cyber expertise at the Microsoft Ignite “Into the Breach” cyber defense experience in November 2019. Five custom-built Battle Rooms in Project Ares were used in a competition-style activity among event registrants. The Battle Rooms provided a gamified learning approach to teach cyber professionals about Microsoft Security Tools.
 

“I was really excited to see how well the content in the Battle Rooms blended into the background as the purpose of the event was really to introduce registrants to Microsoft Security tools using a gamified environment.”  

Matt noticed registrants were curious to understand how to use these cyber tools in their own profession. Matt reflects that Project Ares’ ability to deliver this educational experience to end users was a huge benefit for seeing how learning unfolded.

Advice for the Next Generation of Cyber Professionals  

“Trust but verify.” Those are the simple words Matt says he would tell any aspiring young professional interested in entering the field of cybersecurity.  

“It seems like a simple statement, but I’ve found many security professionals don’t necessarily practice what they preach. Develop personal habits that help you professionally. A simple one is to constantly validate or fact-find when you’re told something. Ask questions! Does that update process actually work as you think it should? Should that application actually make web requests? Develop an inquisitive nature that will allow you to bolster claims with factual findings.”

For Matt, that inquisitive mindset took shape in high school, when he found system administration was an interesting discipline.

“I started a high school club where one day a week we would “re-image” a writing computer lab with images that had games pre-installed and have a “LAN (local area network) party”. Club members (mostly my friends) would get together and play video games on the freshly reconfigured computers for a couple of hours. At the end of the event, we would reset the lab back to a writing lab. Sometimes there were minor hiccups that users (other students) would run into afterward. I enjoyed helping those users fix the issue, but I also enjoyed identifying how we could make it better next time we re-imaged the lab. That’s kind of what information/cybersecurity is for me – identifying weaknesses in configuration, policy, or procedure and making a change to mitigate that weakness.”

It is that kind of curious approach to building cyber learning into our products that helps Circadence deliver state-of-the-art learning tools today.  We are incredibly proud to have Matt as part of the Circadence family!   

On-demand Webinar – The Future of Cyber Learning: Cloud-Based Training


As state and local governments shift operations to the cloud, it is more important than ever to stay on the front lines of cyber defense as cyber pros figure out how to secure cloud-based applications being used by employees.

Speaker Wade Walters will discuss:

  • Why government agencies are adopting cloud computing
  • What security challenges governments face when shifting to the cloud
  • Top security strategies to consider to encourage persistent cyber skills development

What You’ll Learn

  • Why cloud-based training is the future of cyber learning for government security professionals
  • How the cloud shift will impact cybersecurity in the government sector
  • How leveraging Project Ares in the cloud scales departmental security training

Who Should Attend?

Government sector cyber professionals, defenders, and team managers/leaders looking to embrace cloud-based cyber training to prepare against threats that emerge from rapid adoption of the cloud.

Predictions for Cyber Security in 2020


The dynamic world of cyber security is prompting a new shift in focus for security execs and frontline defenders as we head into 2020. Given the rapid pace at which enterprises have adopted cloud computing services to improve operations, the frequency of threats and attack methods, and the widening skills gap facing many industries, we expect 2020 will finally be the Year of Preparedness & Cyber Proactivity—from the CISO, to the Director of Risk Management, to the Network Analyst professional—and we’ll tell you why.

A recent report from (ISC)² noted that the cyber security industry now faces an estimated shortfall of 4.07 million cyber professionals. In the U.S. alone, the industry is expected to have more than 490,000 unfilled cyber positions in the coming years. While the great debate continues as to whether we really have a “skills gap” problem or if we need to loosen the reins on job requirements and lower candidate qualification expectations, one thing is for sure—today’s (and tomorrow’s) cyber professionals will need help in combatting imminent threats to harden cyber security in 2020. To facilitate their preparedness strategy, we envision proactive tools and resources will become more mainstream, helping professionals do their jobs more efficiently through automation, support expanding security provisions and compliance requirements, and minimize widening attack surfaces.

Automation will become the preferred way to support security operations

Whether a security manager has 1,000 defenders on their cyber team or one, automating certain administrative tasks for these individuals will be a focus in 2020. Directors, managers and cyber team leads understand that threats are getting so sophisticated that network defenders and security analysts need as much help as possible.

Our own Battle Room Design Team Lead Matt Suprenant anticipates enterprises will be finding ways to “automate responses to detections,” observing at the Microsoft Ignite event in Nov. 2019 that the Microsoft toolsets on display were designed with automation in mind.

“As we think about the future of cyber, we will see a combination of things start working together as we learn more about AI, SOAR, and other mechanisms by which we can augment today’s workforce.” ~ Battle Room Design Team Lead, Matt Suprenant

Cloud adoption will be growing across all security sectors

In 2019, we predicted more enterprises would shift to the cloud for a more seamless and elastic security experience. Reports indicate that about 90% of businesses today are using the cloud to conduct operations, from simple file storage to sales transactions. So what’s next? Security divisions will be leveraging the cloud to train their professionals on the latest cyber threats and attacks in 2020. Cyber training will likely become one of the new ways cloud computing is leveraged in 2020, since teams need persistent and always-on access to training (moving away from the one-and-done on-site classroom-based training offerings of today). The future of cyber training will occur in the cloud.

Don’t believe us? Hear the benefits of training in the Cloud in our webinar.

Renewed focus on security awareness training for all employees

Human resource managers and risk and compliance managers will work more closely together to design their own security training programs to nurture incoming talent and existing staff. Another cyber security prediction for 2020 centers on this topic, as HR managers and Risk and Compliance managers identify new ways to educate all employees (not just the IT staff) on cyber risks, attack methods, and how to spot suspicious emails (phishing attacks), links, websites, and other digital assets related to endpoint security.

“I hope the prioritization of training and education continues to increase; I hope the prioritization of security as a pillar of someone’s organization continues to get recognition. I think we’re coming out of a phase where organizations felt they could just ignore the elephant that’s stomping around their data center. I’m hopeful we’re moving into this position that people are being more generally aware [of their digital activity online], not just on paper, but that [cyber security readiness and training] needs funding and collaboration…The industry is moving toward recognition that this is where priorities lie.” ~ Megan Daudelin, Team Lead, Curriculum Development

Election Security will dominate discussions

Years ago, ballot fidelity was the issue to solve, but now election security is the hot ticket item to address in cyber security in 2020. The breadth and diversity of counties means election security isn’t managed the same way everywhere, putting all elections at greater risk of interference. Russian cyber criminals have been able to gain access to voting systems around the country, most notably in the 2016 election. As we head into an election year, election security pros will be working to understand vulnerabilities in voting machines and (ideally) replacing such machines using the $380 million in congressional funds granted to upgrade old voting systems.

We also anticipate both election volunteers and frontline election security tally monitors and processors will desire more cyber training and education to ensure they’re doing their part to stay vigilant against any suspicious activity that comes in their purview.

Increased Attacks on IT/OT automated systems, state and local governments

Municipal ransomware attacks on cities were a big occurrence in 2019, and we don’t envision them stopping in 2020. A CNN news article reported that over 140 local governments, police stations and hospitals were held hostage by ransomware attacks in 2019. As more entities are run by and funded/informed by state and local government organizations, automated operations of network security will be more prevalent to streamline workforces and workloads, thus increasing the chances of cyber attacks occurring on those systems. To prevent data breaches and make cyber readiness a top priority, live fire cyber exercises will be leveraged to bring together cyber security experts across departments and teams, divisions and functional areas of critical infrastructure and government operations.

“We will continue to see a rise in targeted ransomware attacks, especially against small to medium size public entities like utilities, governments, and hospitals. Too many are just paying the ransom because it is far cheaper to do that than fix it, even if you have backups.” ~ Paul Ellis, Senior Product Manager

What do we do to harden cyber security in 2020?

Educate, educate, educate. Train. Train. Train.

That is our recommendation for security leaders, managers, and frontline defenders who are heading into 2020 trying their best to anticipate the next threat vector or patch a vulnerability.

The more companies can educate their non-technical staff about cyber issues and suspicious activity while IT teams and security divisions regularly train/upskill their defenders, the better off enterprises will be.

It’s important to remember that cyber security in 2020 and beyond is not a “do this thing and you’re secure” effort. Cyber security and hardening posture is a JOURNEY, not to be taken lightly or without concern.

For enterprise security teams who want to understand more about how Project Ares can support cyber learning in mission scenarios that address election security, ICS/SCADA systems, and experience learning against automated adversaries in the Cloud, schedule a demonstration of Project Ares today.

For HR managers and Risk and Compliance directors seeking ways to implement a company-wide security awareness training program using gamification, check out our inCyt platform (Available soon).

 


Rethinking cyber learning—consider gamification


This post originally appeared on Microsoft’s Security Blog, authored by Mark McIntyre, Executive Security Advisor, Enterprise Cybersecurity Group

Cyber Monday and Black Friday Cyber Security Safety Tips to Prevent Holiday Hacks  


If you’re anything like me, you get really excited when the holidays roll around. The music is cheerful (the Hallmark Channel is on 24/7–high five!), the fireplace is roaring, and I can curl up with my blanket and mobile phone to SHOP ONLINE (of course). Ah, the spirit of the holidays… But the bah humbug part about the scene I’ve just set is that I’m not the only one feeling “festive.” Cybercriminals LOVE when surges in online shopping occur because people are looking for the best deals on gifts, bargain hunting, and planning for the biggest online shopping days of the year: Black Friday and Cyber Monday. This means adversaries can more easily manipulate our holiday spirits with cyberattack methods like phishing and social engineering, credit card fraud, and more.

So while you prepare your winter festivities and “add to cart,” consider these 12 tips to keep your “digital dwelling” safe and warm during Cyber Monday and Black Friday, especially.

Shop from websites you know and trust. 

Don’t click on those flashy “hot deals” that are likely too good to be true. Scammers deliver ads based on your interests, offering sweet discounts or great deals to get the click. Now is NOT the time to experiment with new retail websites and apps.

Don’t go “public.” 

Avoid public Wi-Fi when using the Internet, especially when accessing sensitive data like your bank account balance or emails. Your personal information isn’t a “gift” you want to give a hacker this holiday season.

Update your operating systems. 

With a little more downtime during the holidays, take a merry minute to keep your operating systems as current as possible. This also goes for apps on your phone.

Refresh your passwords.

Enter the New Year with stronger, more secure passwords—something that will keep a criminal out of your personal property and prevent identity theft. Things like symbols and numbers to replace letters add a layer of complexity that makes passwords harder to crack. Consider using a password manager to store all your different passwords so you don’t forget them!

To ensure you are protected from any precocious cyber predator, check our security awareness game inCyt, a fun way to learn cyber concepts and attack methods while cozying up on your couch with a hot toddy. You can practice proactive cyber readiness during the holidays—and year-round with this sweet resource. 

Don’t click on suspicious links. 

Scammers, like the Grinch, will impersonate real online retailers and stores to get you to open an email and click on links while you are holiday shopping. Don’t! This phishing email tactic opens the door for them to install malware on your computer and before you know it, your data is stolen and compromised.

Look for the lock. 

Secure websites will often have a lock icon in the browser address bar to indicate it is a secure connection.

Get creative with security questions. 

Your mother’s maiden name or favorite food can most likely be found online somewhere, so try getting creative with your security questions to access your accounts. Choose a motto you live by perhaps or choose an answer to a question that is completely opposite of what you would select.

Watch your bank and card activity.

Hackers can see your financial activity when you’re sleeping and when you’re awake if you’re not careful. Diligently monitor your bank account, online transactions, and card activity and notify your financial services provider if you observe any suspicious activity.

Disable auto-connect.

Some devices will auto-connect to available wireless networks. Ensure you are only connected to wireless and Bluetooth networks when devices are in use or about to be used. Unknowingly being connected is the opportune time for hackers to cause damage right under your nose.

Store devices when away. 

If you’re a busy traveler, be aware that criminals seek out meal times to check hotel rooms for unattended laptops and mobile devices. Be especially wary when attending conferences or trade shows, as guest networks tend to be more vulnerable to attacks (and allow hackers to access lots of data from lots of people, who are all in one convenient location).

Activate double authentication. 

If you haven’t done so already, ensure all your apps have a double authentication factor so every time someone tries to log in to your online account, they need a code or key that is texted to your phone or sent to your email to gain access. That makes unintended access to things like social media accounts more difficult for cybercriminals.

Practice persistent protection.

Hackers aren’t just looking to exploit individual data, they also target businesses knowing many take extra time off this time of year to spend with loved ones. Ensure your company has a strong cybersecurity response plan in place and key members of your threat intelligence, analysis, and fraud teams are consistently practicing responding to threat scenarios. Our Project Ares platform runs on Microsoft Azure, so professionals can practice cyber offense and defense from anywhere, at any time on a gamified cyber range.

It’s important to practice safe online behavior all year-round but the holidays bring about an extra level of digital activity hackers love to exploit. Make sure you are taking proactive measures to ensure you are having the most wonderful online shopping day of the year—and cybercriminals aren’t.