New Year, New Threats: Top Cyber Threats Anticipated to Hit Big in 2020 for Enterprise Companies

Reading Time: 3 minutes

As we enter the New Year, one thing is certain: cyber attacks aren’t going anywhere. Enterprise companies have been tasked with defending their networks from unyielding cyber crooks who want a piece of the pie for themselves. What’s on the horizon for enterprise security threats in 2020? We’ve got a few predictions.

  • DeepFakes

    Deep Fake technology can create fake but incredibly realistic images, text, and videos. Computers can rapidly process numerous facial biometrics, and mathematically build or classify human features, to mimic a person or group of individuals for public manipulation. Bloomberg reports the tech is becoming so sophisticated, detecting a DeepFake video from a real one, is getting harder and harder to differentiate for viewers.

    While the technical benefits are impressive, underlying flaws inherent in all types of Deep Fake models represent a rapidly growing security weakness, which cyber criminals will exploit. It will be critical for businesses to understand the security risks presented by facial recognition and other biometric systems and educate themselves on the risks as well as hardening systems that require/use facial recognition.

  • API and Cloud vulnerabilities 

    An application programming interface (API) is an interface or communication protocol between different parts of a computer program intended to simplify the implementation and maintenance of software. APIs are an essential tool in cloud environments, acting as a service gateway to enable direct and indirect cloud software and infrastructure services to cloud users.

    A recent study showed more than three in four organizations treat API security differently than web app security, indicating API security readiness lags behind other aspects of application security. The study also reported that more than two-thirds of organizations expose APIs to the public to enable partners and external developers to tap into their software platforms and app ecosystems. Threat actors are following the growing number of organizations using API-enabled apps because APIs continue to be an easy – and vulnerable – means to access a treasure trove of sensitive data. Despite the fallout of large-scale breaches and ongoing threats, APIs often still reside outside of the application security infrastructure and are ignored by security processes and teams.

  • 5G Threats

    With the rollout of 5G continuing in 2020, we will see an increase in the volume and speed of data theft. The AT&T Cybersecurity Insights Report: Security at the Speed of 5G, shows that larger enterprises are not prepared for the security implications of 5G. The top cyber security concerns that came back in this report were:

  • Larger attack surface due to the massive increase in connectivity
  • Greater number of devices accessing the network
  • The extension of security policies
  • Authentication of a larger number and wider variety of devices.

As more 5G devices enter the network, organizations must prepare for the onslaught of added security threats.

  • Ransomware attacks evolve

    Ah, ransomware, seemingly every hacker’s favorite extortion tool. According to McAfee Labs 2020 Threat Prediction Report, the increase of targeted ransomware has created a growing demand for compromised company networks. This demand is met by criminals who specialize in penetrating company networks and sell complete network access in one go.

“I expect that the ransomware used will continue to become more advanced. I am concerned that some threats have just become more stealthy, or are working toward that, and that readily available ransomware will enable even novice criminals to maintain stealth. Organizations are spending more resources to defend against ransomware, which might drive out a few of the lesser players, but any organization with resources will still see ransomware attacks happen as a fast and easy way for financial gain, so hackers will continue to pursue advancements.” ~ Karl Gosset, VP of Content Development at Circadence

It’s clear that the threat landscape will continue to grow and become more sophisticated in the coming year, which means it’s time for businesses to step up their security game.

Circadence believes that the best way to do this is through cyber learning games themselves! Our flagship product, Project Ares, delivers real-world attack scenarios in a safe, online range environment and allows users to practice and hone their cyber skills through the use of games. With missions specific to enterprise threats, such as Operation Crimson Wolf and Operation Desert Whale, Project Ares will ready your organization for any looming threats like these. By using a gamified cyber learning platform like this for your security teams in 2020, you can readily pop some champagne and dance the night away, knowing your enterprise is better protected in the new year.

Photo by Robynne Hu on Unsplash

Photo by Bud Helisson on Unsplash

Human Resources Takes on Cyber Readiness: How to Mitigate Cyber Risks with Security Awareness Training

Reading Time: 4 minutes

Every year hackers come out of the woodwork to target various companies, specifically around the holiday season. In fact, cyber attacks are estimated to increase by as much as 50 – 60% over the holidays. With staff often spread thin and consumers taking advantage of online shopping and banking for added convenience, the timing is perfect for HR professionals to stay vigilant with how they onboard new employees with cyber education while encouraging good cyber hygiene among existing colleagues. Understanding the risks employees come across while online, how to train them to detect and mitigate these risks, and how you as an HR manager can ensure continued efforts to harden security posture will make you a cyber safety hero this holiday season!

While IT and cyber professionals are primarily responsible for securing a company’s networks and ensuring teams are up to snuff, the reality is that cyber risk extends beyond what occurs in the server room. Human error continues to be one of the top reasons cyber attacks are successful. This means that not only do security teams need to be trained, but cyber training across every department, with every employee who works on a computer, is essential to obtain and maintain good cyber hygiene across the company. If every employee in your organization understands how their actions can impact overall company security, more personal responsibility will be taken to maintain cyber safety.

Don’t fret! HR professionals need not be masters in cyber security. There are great tools out there to help anyone learn the basics and be able to share their foundational learning with others. So, what are some of the things you can learn and train employees on to mitigate attacks?

  • Phishing emails – With inboxes flooded daily, it can be hard to spot potential threats in emails. Hackers send targeted emails that may address a work-related matter from a co-worker or manager. One click on the wrong email, and you could be infecting your business device with malware. It is important every employee understand what suspicious emails “look” like and how to avoid nefarious click bait.
  • Using company devices for personal work – It’s an easy thing to do – grab a work device off the counter and start online shopping, emailing friends and family, or finally getting around to baking that chocolate chip cookie recipe from Martha Stewart. However, accessing un-secured sites and opening personal, and potentially phishing, emails on a work computer puts companies at risk. As an HR manager, you must recognize this common occurrence and be able to speak to it with your staff. If a hacker is able to gain access to a business computer through an employee’s personal use, they gain access to all of the company information on that employee’s device as well.
  • Using personal devices to conduct business – The same can be said for using personal devices to conduct business. It can be difficult to “turn off” after work hours and many employees answer some work emails on their cell phone, or load a work document on his/her personal tablet or laptop. When company staff access potentially sensitive business documents on their personal device, they risk leaking that information to a hacker. To prevent attacks company-wide, HR pros must be aware of how often this type of behavior occurs and work closely with their IT department to learn how company networks are secured when remote access is granted to employees outside of home and work IP addresses.

HR managers: Spread good cyber hygiene!

Security awareness training is becoming increasingly prevalent at companies that know what it takes to have good cyber hygiene. According to a recent report by Infosec, about 53% of U.S companies have some form of security awareness training in place. While this is still barely over half, it’s a start. So what can you do to rank among companies leading the charge in cyber security?

  • Offer continuous training – Cyber security awareness training is not a “one and done” event. This kind of training should continue throughout the year, at all levels of an organization, and be specific to different job roles within the company. Technology is always changing, which means the threatscape is too. When you are battling a constantly shifting enemy, your employees need to be vigilantly trained to understand each shift.
  • Perform “live fire” training exercisesLive fire exercises (LFX) happen when users undergo a simulated cyber attack specific to their job or industry. One example is having your IT department send out a phishing email. See how many people click on it and show them how easily they could have been hacked. This data can be used to show progress, tailor problem areas, and train to specific threats as needed.
  • Stress the importance of security at work and at home – Showing employees the benefit of cyber awareness in the workplace translates to awareness at home as well. Help prospective and existing employees gain a wide breadth of understanding about cyber best practices by making learning approachable instead of unattainable or intimidating.
  • Reward good cyber hygiene – Reward employees who find malicious emails or other threats with your company’s IT team and share success stories of how employees helped thwart security issues with vigilant “eyes” on suspicious activity. Equally, it is important to also empathize with employees who make mistakes and give them the tools to learn from their mistakes. Many employees receive hundreds of emails each day, and while training tips and education are helpful tools, it is not a perfect solution.

Training employees to be cyber aware can be difficult unless a structured program and management strategy is in place. We’re here to help! Circadence’s security awareness platform, inCyt, is coming soon! inCyt allows employees to compete in cyber-themed battles and empowers them to understand professional and personal cyber responsibility. By cultivating safe cyber practices in virtual environments, HR managers can increase security awareness and reduce risks to the business.

To learn more and stay in the know for upcoming product launches, visit www.circadence.com

Photo by Austin Distel on Unsplash

Photo by Alex Kotliarskyi on Unsplash

Living our Mission: Project Ares Takes Full Flight with Cloud-Native Architecture

Reading Time: 4 minutes

According to CIO magazine, about 96% of organizations use cloud services in one way or another. In partnership with Microsoft, we are proud to announce that Circadence has redesigned its Project Ares cyber learning platform to fully leverage a cloud-native design on Microsoft Azure.  This new, flexible architecture improves cyber training to be even more customized, scalable, accessible, and relevant for today’s professionals.

This transition to cloud infrastructure will yield immediate impacts to our current customers.

  • Increased speeds to launch cyber learning battle rooms and missions
  • Greater ability to onboard more trainees to the system from virtually any location
  • More access to cyber training content that suits their security needs and professional development interests

Proven success at Microsoft Ignite

At the recent Microsoft Ignite conference (November 2019), more than 500 security professionals had the opportunity to use the enhanced platform.  Conference participants set up CyberBridge accounts and then played customized battle rooms in Project Ares. Microsoft cloud-based Azure security solutions were integrated into the cloud-based cyber range to provide an immersive “cloud-in-cloud” sandboxed learning experience that realistically aligned to phases of a ransomware attack.  The new version of Project Ares sustained weeklong intensive usage while delivering on performance. 

So what’s new in the new and improved Project Ares?

Curriculum Access Controls for Tailored Cyber Learning

One of the biggest enhancements for Project Ares clients is that they can now control permissions for  training exercises and solution access at the user level. Customer Administrators will use the new CyberBridge management portal to tailor access to Circadence training exercises for individual users or groups of users.

Single-sign-on through CyberBridge enables the alignment of training exercises to individuals based on their unique learning requirements including:

  • Cyber skill-building exercises and complex missions within Project Ares for cyber professionals
  • Cyber foundation learning with Cyber Essentials tools for the IT team
  • Security awareness training with inCyt for general staff

Cyber Essential learning tools and the inCyt game for security awareness will be added to CyberBridge over the next several months. With the capability to pre-select training activities reflective of a company’s overall security strategy, enterprise security managers can call the shots.

“As the administrator, you now choose what curriculum content your team should have. “This provides more flexibility in cyber training for our customers in terms of what they can expose to their teams.” ~ Rajani Kutty, Senior Product Manager for CyberBridge at Circadence.

Greater Scalability and Performance in Cyber Training

With a cloud-native architecture design, Project Ares can support more simultaneous users on the platform than ever before. Project Ares can now handle over 1,000 concurrent users, a significant improvement over historical capacity of 200-250 concurrent users on the platform.  The combination of  content access control at the group or individual level and the increased scalability of Project Ares creates a solution that effectively spins up cyber ranges with built-in learning exercises for teams and enterprises of any size.  Additionally, this means that no matter where a cyber learner is geographically, they can log on to Project Ares and access training quickly. We see this as similar to the scalability and accessibility of any large global content provider (e.g. Netflix)—in that users who have accounts can log in virtually anywhere in the world at multiple times and access their accounts.

Now that Project Ares can support a greater volume of users on the platform, activities like hosting cyber competitions and events for experts and aspiring security professionals can be done on-demand and at scale.

“We can train more people in cyber than ever before and that is so impactful when we remember the industry’s challenges in workforce gaps and skills deficiencies.” ~ Paul Ellis, Project Ares Senior Product Manager at Circadence

The previous design of Project Ares required placing users in “enclaves” or groups when they signed on to the system to ensure the content within could be loaded quickly without delay. Now, everyone can sign in at any time and have access to learning without loading delays. It doesn’t even matter if multiple people are accessing the same mission or battle room at the same time. Their individual experience loading and playing the exercise won’t be compromised because of increased user activity.

Other performance improvements made to this version of Project Ares include:

  • Quicker download speeds of cyber exercises
  • Use of less memory on user’s computers, and resulting longer battery life for users, thanks to lower CPU utilization.
  • These behind-the-scenes improvements mean that training can happen quicker and learning, faster.

New Cyber Training Content

One new Mission and three new Battle Rooms will be deployed throughout the next few months on this new version of Project Ares.

  • Mission 15, Operation Raging Mammoth, showcases how to protect against an Election attack
  • Battle Rooms 19 and 20 feature Splunk Enterprise installation, configuration, and fundamentals
  • Battle Room 21 teaches Powershell cmdlet (pronounced command-lets) basics

Mission 15 has been developed from many discussions about 2020 election security given past reports of Russian hacktivist groups interfering with the 2016 U.S. election.  In Operation Raging Mammoth, users are tasked to monitor voting-related systems. In order to identify anomalies, players must first establish a baseline of normal activity and configurations. Any changes to administrator access or attempt to modify voter registration information must be quickly detected and reported to authorities. Like all Project Ares Missions, the exercise aligns with NIST/NICE work roles, specifically Cyber Defense Analyst, Cyber Defense Incident Responder, Threat/Warning analyst.

Battle Rooms 19 and 20 focuses on using Splunk software to assist IT and security teams to get the most out of their security tools by enabling log aggregation of event data from across an environment into a single repository of critical security insights. Teaching cyber pros how to configure and use this tool helps them identify issues faster so they can resolve them more efficiently to stop threats and attacks.

Battle Room 21 teaches cmdlet lightweight commands used in PowerShell.  PowerShell is a command-line (CLI) scripting language developed by Microsoft to simplify automation and configuration management, consisting of a command-line shell and associated scripting language. With PowerShell, network analysts can obtain all the information they need to solve problems they detect in an environment. Microsoft notes that PowerShell also makes learning other programming languages like C# easier.

Embracing Cloud Capabilities for Continual Cyber Training

Circadence embraces all the capabilities the cloud provides and is pleased to launch the latest version of Project Ares that furthers our vision to provide sustainable, scalable, adaptable cyber training and learning opportunities to professionals so they can combat evolving threats in their workplace and in their personal lives.

As this upward trend in cloud utilization becomes ever-more prevalent, security teams of all sizes need to adapt their strategies to acknowledge the adoption of the cloud and train persistently in Project Ares. You can bet that as more people convene in the cloud, malicious hackers are not far behind them, looking for ways to exploit it. By continually innovating in Project Ares, we hope professionals all over the globe can better manage their networks in the cloud and protect them from attackers.

Living our Mission Blog Series: How Tony Hammerling, Curriculum Developer, Orchestrates a Symphony of Cyber Learning at Circadence

Reading Time: 3 minutes

Circadence’s Curriculum Developer Tony Hammerling wasn’t always interested in a career in cyber—but he was certainly made for it. In fact, he initially wanted to be a musician! While his musical talents didn’t pan out for him early in his career, he quickly learned how to create unique harmonies using computers instead of instruments…After joining the Navy in 1995 as a Cryptologist and Morse Code operator, he transitioned to a Cryptologic Technician Networks professional where he performed network analysis and social network/persona analysis. It was there he learned more offensive and defensive strategies pertinent to cyber security and was introduced to network types and communication patterns. He moved to Maryland to do offensive analysis and then retired in Pensacola, Florida. The world of cyber grew on Tony and he enjoyed the digital accompaniment of the work it offered.

For the last few years, now settled in Pensacola, Florida, Tony is a critical part of Circadence’s Curriculum Team, working alongside colleagues to develop learning objectives and routes for players using platforms like inCyt, Project Ares, and other cyber games like NexAgent, Circadence’s immersive network exploration game. Currently, Tony and his team are focused on building out learning of network essentials in NexAgent, and “…are bridging the gap between what new IT professional’s learn in NexAgent and getting them onto more advanced learning pathways in Project Ares,” says Tony.

“We’re starting to introduce new content for [Project Ares] battle rooms so users coming out of NexAgent can have an understanding of the tools and techniques needed for more advanced learning of cyber defense—and actually apply those tools and techniques in realistic scenarios.”

As the technical subject matter expert for cyber curriculum, Tony digs into the details with his work—and that’s where he shines. Tony and his team ensure that user learning is reflective of today’s cyber attacks and vulnerabilities. In the next iteration of NexAgent, users will be able to focus on network segmentation using election security as the theme for game-play. From separating election polling servers to working with registration databases to designing networks to prevent election fraud, learning becomes much more interesting for the end-user.

The most exciting part about Tony’s job is the diversity of material he gets to work on every day. One day he could be helping end-users of Project Ares identify fraudulent IP addresses in a battle room and another day he could be working on a full-scale technical design of a SCADA system modeled after a cyber incident at a Ukrainian power plant.

By understanding corporate demands for new content, Tony and his team have more direction to build out cyber learning curriculum that aligns to customer’s needs. He believes the technical training he’s able to support with learning material in Circadence’s platforms complements traditional cyber learning paths like obtaining certifications and attending off-site classes. The variety of learning options for users of all cyber ability levels (both technical and non-technical), gives professionals the opportunity to be more thoughtful in their day-to-day lives, more critical and discerning of vulnerabilities and systems, and more creative in how they address threats.

“Knowing that people are able to come into a Circadence product and learn something that they didn’t know before or refine specific knowledge into an application/skill-based path is exciting. I don’t think too much of the greater impact my work provides—but perhaps 10 years down the line when we can say ‘we were the first to gamify and scale cyber training,’ it will mean so much more.”

We are grateful for the unique talents Tony brings to the Circadence family of products and how he’s able to craft learning “chords” that when orchestrated, provide a symphonic concerto of cyber learning activity—empowering cyber professionals across the globe with relevant, persistent, and scalable cyber training options to suit their security needs.

Photo by Marius Masalar on Unsplash

Photo by Alphacolor on Unsplash

 

Will Artificial Intelligence Replace Cyber Security Jobs?

Reading Time: 2 minutes

The cyber security workforce gap continues to grow, and the availability of qualified cyber professionals is predicted to decrease in the coming years. In fact, a Cyber Security Workforce Study from the International Information System Security Certification Consortium predicts a shortfall of 1.8 million cyber security workers by 2022. Some resources claim upwards of 3.5 million within the next two years too. While this can feel like impending doom and gloom for the industry, AI, or artificial intelligence, can help to quell the concerns while empowering existing cyber workers.

While many other industries have seen robotic systems replacing the need for human workers, this doesn’t appear to be the case in cyber security. Humans are able to accomplish more when supported by the right set of tools. Allowing AI to support and react to human behavior allows cyber professionals to focus on critical tasks, utilize their expertise to analyze potential threats, and to make informed decisions when rectifying a breach.

How? AI can do the legwork of processing and analyzing data in order to help inform human decision making. If we were to rely completely on AI to manage security risks, it could lead to more vulnerabilities because such systems have high risks for things like program biases, exploitation, and yielding false data. Nevertheless, if utilize and deployed correctly for cyber teams, AI has the ability to automate routine tasks for processionals and augment their responsibilities to lighten the workload.

Learn more about AI’s role in cyber security professional training in our on-demand webinar!

So, is AI going to take over the jobs of seasoned cyber pros? The answer is no; however, AI will drastically change the kinds of work cyber engineers are doing. In order for IT teams to successfully implement AI technologies, they will need a new category of experts to train the AI technology, run it, and analyze the results. While AI may be great for processing large amounts of data or replacing autonomous manual tasks, it will never be able to replace a security analyst’s insights or understanding of the field. There are some data points that require a level of interpretation that even computers and algorithms can’t quite support yet.

AI can help to fill the workforce gap in the cyber security sector, although it may create a need for new skillsets to be learned by humans in the industry. AI and the human workforce are not in conflict with one another in this field, in fact, they complement each other. Thefuture is bright for AI and humans to work in tandem at the front lines of cyber defense.

For more information, check out our white paper on AI and gamification!

 

DOWNLOAD WHITEPAPER

Photo by

Christian Wiediger on Unsplash
Photo by Mimi Thian on Unsplash

 

Why Cyber Security is Important for Higher Education Institutions

Reading Time: 3 minutes

It might surprise you to know that the education industry is a prime target for malicious hackers. While threats in this sector are on the rise, many education institutions are not prepared for a cyber attack nor do they know how to recover from one. In fact, there were 122 cyber attacks last year at 119 K-12 public education institutions, averaging out to an attack every three days. A 2018 Education Cyber Security Report published by SecurityScorecard also found that of 17 industries, the education sector ranked dead last in total cyber security safety. Schools are leaving themselves open to student and faculty identity theft, stolen intellectual property, and extremely high cost data breach reconciliation. In fact, a study done by the Ponemon Institute shows the average cost of a data breach in the education sector is $141 per record leaked.

This industry faces some unique cyber security challenges:

  • Historically, this industry is based on the free exchange of information, i.e the philosophy that information should be readily available to all. The use of computers and internet in education has allowed information to be stored and accessed in many different ways, creating vulnerabilities in storage, network security, and user error which leaves systems susceptible to hacks.
  • Students and staff may have limited technical skills and prowess to know how to stay safe online.
  • Online education systems are highly distributed across multiple schools in a district or across state lines, making it easier to infect one system to gain access to all.
  • Computer systems used by schools often lack a single application, or “source of truth” to safely manage student and employee identities.
  • There’s a significant change in the user population every year due to students graduating and new students enrolling, making it difficult to track who is using certain resources and who has access to them.
  • Remote access is often required, with students and parents accessing systems from home computers and smartphones. When you access an online resource repeatedly from potentially vulnerable or unsecure networks, it creates more opportunity for hacks.

So how can educational institutions better protect themselves against looming cyber threats?

  • Shift the focus to prevention instead of mitigation – by making the focus on securing data before an attack happens rather than after, organizations will be better prepared to protect students and staff against a breach.
    • IT directors and security operators within educational institutions would be wise to consider persistent training solutions for their teams to optimize existing cyber skills so they don’t go “stale” after a period of time.
    • Likewise, perform a security audit and work across departments to understand all the digital systems in place (financial, teacher, student portals, etc.) and where vulnerabilities might exist.
    • HR departments of institutions should consider updating or adopting employee security awareness training to ensure every education-employed professional working on a computer understands the basics of cyber security and how to stay safe online.
  • Minimize internal threats – Verizon’s 2019 Data Breach Investigations Report found that nearly 32% of breaches involved phishing and that human error was the causation in 21% of breaches. Proper and continued training and awareness around security issues is key in preventing possible attacks.
  • Make cyber security a priority in IT budgeting – Schools and other educational institutions need to recognize the growing cyber threatscape and prioritize allocating funds to training tools, IT teams, and continued education for internal staff.

Circadence is here to help. Our immersive, gamified cyber learning platform, Project Ares, can help ensure that your cyber team is ready to defend against malicious attacks, and our inCyt product (coming soon!) will keep everyone else in your organization up to snuff on cyber defense and offense. We pair gamification with prolonged learning methods to make learning and retaining cyber security tactics simple and fun for all. Don’t let your institution and students be next in line for a breach–think inCyt, and Project Ares when you think cyber security for the education sector!

If you’re still looking for more information on education and cyber security, check out these handy references:

DOWNLOAD WHITEPAPER

Photo by Vasily Koloda on Unsplash

Living our Mission Blog Series: Programming Innovation in Orion, Thanks to Raeschel Reed, Circadence Software Engineer

Reading Time: 2 minutes

There’s never a dull moment at work for Circadence Software Engineer Raeschel Reed. Between learning ways to use new technology, improving coding techniques, and operationalizing cyber innovations, Raeschel is a critical part to the success of the company’s product suite.

She currently works on Orion, a curriculum development application that allows learning coordinators or security managers to customize cyber training exercises based on specific needs. Raeschel has been a part of the Orion development team for over nine months, working on the back-end operations to create the logic behind the functionality. The best part about working on this product is the level of collaboration Raeschel gets to experience.

“We do a lot of pair-programming on Orion, where we work in groups of two or three to move tasks along quickly. Everyone has good ideas to share and suggestions that build on one another and it helps expediate the problem-solving aspect of software engineering,” she said.

Prior to joining Circadence, she served as a senior software developer supporting the Naval Integrated Tactical Environmental System Next Generation and before that, at the Battelle Memorial Institute supporting various government contracts for the Department of Defense and Homeland Security. Those experiences helped her learn critical technical skills and computer languages that diversified her understanding of programming and software development. She’s also an alumnus of George Mason University (master’s degree in Computer Science) and Mary Washington College (bachelor’s in Computer Science).

For Raeschel, the process of working with and applying a new tech stack like Kubernetes, back-end tools like Golang (an open-source programming language), and working in Azure, keep the act of software development truly unique and on the cutting-edge of innovation.

While unique hobbies like soccer, sewing and improv feed her need to try new things, it is the tech industry she keeps returning to for career fulfillment.

“Tech stuff I keep coming back to,” she said. “I have a growth mindset where I want to keep learning new things and trying new things and the field of cyber allows me to do that.”

And if that wasn’t enough for Raeschel to feel inspired and innovative at Circadence, the team she works with is second to none in her eyes.

“Team Orion is the BEST!” she exclaimed. “I feel very fortunate to be here and to have found ‘my people.’ Mondays never feel like Mondays.”

Photo by Fatos Bytyqi on Unsplash

Living our Mission Blog Series: Hitting a Home Run with Circadence’s Security Management, thanks to TS Reed, Cybersecurity Engineer

Reading Time: 3 minutes

The journey to cybersecurity engineer has been an exciting one for Circadence’s TS Reed. The former baseball pro turned security tech expert found his passion for problem solving at Circadence. After completing an undergraduate degree in criminology at Cal State Northridge, he pursued a master’s degree in mechanical engineering at CSUN and then a master’s in cybersecurity engineering from the University of San Diego.

TS started as an intern at Circadence and was quickly onboarded as a full-time employee for his technical prowess, adaptability, and knowledge of modern security functions and processes. For the past three years at Circadence, TS has monitored the company’s network security, tested the security of its products (including Project Ares) and learned how and what to look for to stay one step ahead of attackers.

“It’s impossible to be bored in this job. Security is always changing: the way people build it, the way people attack it. You have to continuously learn and teach yourself the latest and greatest practices,” said TS.

But cybersecurity management wasn’t always in the stars for TS. Prior to joining Circadence, TS coached division one baseball at the University of San Diego and was also an assistant coach and recruiting coordinator at the University of Arkansas Fort Smith. A Cal State Northridge Alum, TS was a well-respected baseball player, hitting home runs in the athletic industry (named a CIF California Player of the Year and a Division 1 All-American at CSUN) with the fourth highest batting average at the 2008 Big West Conference. After college he went on to play one year of professional baseball in St. Louis for the Gateway Grizzlies of the Frontier League.

He traded in his baseball cleats for cybersecurity after discovering the inherent problem-solving nature of the field—a part of the job that greatly intrigued TS to dive into a completely new field of study and long-term career trajectory.

For TS, one of the best ways to “win the game” in the security field is to think like a hacker. By understanding what vulnerabilities they look for to exploit and why, security engineers like TS, know how to harden systems and deploy preventative measures beforehand. And while open forum online communities help TS and other security professionals “understand the mind of a hacker” there is always a level of uncertainty he has to deal with.

“Hackers are attacking constantly and finding new ways to infiltrate networks,” said TS. “We have to stay as close to them as possible,” he adds.

While TS’ professional journey has been unconventional at best, he has noticed many lessons from his baseball career that have translated into the cyber arena.

“Teamwork is huge; I learned early on in baseball that every teammate receives things differently. You have to take the time and care enough to figure out how your team members communicate. [In cyber security], everyone communicates differently too. Both in receiving communication and externally communicating. Step one is always getting a feel for that in order to be as effective as possible when communicating with teammates/team members.”

Likewise, TS learned that in baseball, a player’s own skill level and performance weren’t the sole indicator of how “good” a teammate was. The greatest measure, he says, is how effective one is at making others better and serving them.

“To be good at and handle your job is one thing but whenever you have a team involved, the greatest measure of a player or cyber employee is the capability to lift up those around them and make them better,” he advises. Empowering teammates, teaching them, and learning from them is the approach he lives by at Circadence.

We are proud to have TS as part of the Circadence family and know while he’s not hitting balls out of the park at the stadium, he’s hitting home runs with Circadence, hardening its cyber security posture.

Photo by Joey Kyber on Unsplash

Exclaim “Cyber for All!” During National Cyber Security Awareness Month

Reading Time: 5 minutes

Happy National Cyber Security Awareness Month! We all know that cyber security isn’t just a month-long focus area for businesses and individuals—but this month, we are grateful for the collaborative effort between government entity Department of Homeland Security and the National Cyber Security Alliance that together, place a lens on cyber (as an industry, strategy, and operation). It reminds us that the industry is persistent and impacts us all, and is not siloed into a single time span, or targeted to a specific industry or person. We know this because of data cyberattacks on businesses occurring every day, the continual discussion about the cyber talent “gap” and lack of holistically-trained workforce, and because of the ineffectiveness of passive-learning training models many professionals are exposed to today. Nevertheless, as the world draws its attention around cyber in October and the industry evolves to better serve today’s professionals and businesses, we wanted to communicate the critical idea that cyber really IS for all as we strive to make cyber awareness learning accessible, intentional, and effective.

Making cyber learning accessible

We believe there are three ways to make cyber learning more accessible: providing a comprehensive learning curriculum, making it available via a browser, and using gamification as a tool for ingesting and retaining new information.

Before we dive into each of those areas, let’s get more context about the concept of cyber learning itself. For a long time, cyber security has been thought of as a technical career and while there is a great deal of technical prowess that goes into the day-to-day tasks of a cyber pro, the idea of cyber security being an “anyone can do it” profession hasn’t popularized – and rightly so.

With roots in the military and government (cyber range training), learning cyber security has been a structured, systematic, and data-driven process typically executed in a passive learning setting where students watch or listen and then take a test at the end of the lesson. There is minimal opportunity for hands-on practice in safe and secure environments, making cyber security learning and awareness of its purpose, value, and function a little more ethereal than we in the industry would like.

Comprehensive Learning Curriculum

One way to ensure “cyber for all” (our rally cry this year), is to make cyber training more readily available to reach today’s learner (the next generation of cyber pros) while injecting a touch of personal accountability toward the concept. This should include a learning curriculum that addresses:

–      General awareness topics: These are topics that are broadly applicable to all employees of an organization and ones they should know regardless of IT level or expertise. Cyber security awareness topics at this level might include phishing, malware, social engineering, identity theft, removable media security, insider threats, social media vulnerabilities, etc.

–      Industry-focused topics: relevant cyber security issues segmented by industry where security is a priority, especially highly regulated sectors like healthcare, government and industry, finance, election security, manufacturing, electricity, etc.

–      Executive level topics: more functional/business topic areas where corporate leaders and other high-risk personnel and privilege users are impacted. Cyber security awareness topics at this level might include support/maintenance, consulting, managed services, legislation, risk assessment, etc.

By offering pathways upon which interested cyber enthusiasts or seasoned pros can “walk along,” it gives learners an idea as to how to develop their knowledge and skills. Further, cyber learning and awareness becomes more accessible because there is a route—or cyber learning journey—for everyone to choose.

Browser-Based Accessibility

The other component to ensure learning cyber awareness is accessible is by making the act of learning available to virtually anyone—via a browser. Online trainings today are quite popular for cyber enthusiasts and pros in training who want to hone their skills—and the idea of being able to access a cyber security course or activity online without having to leave the office or home is not only convenient but preferred these days. Some companies (like ours) are taking cyber training a step further by placing it in the cloud (Microsoft Azure) so learning can be scalable, more collaborative, and more customizable to learner needs.

Gamified Cyber Learning

Finally, cyber awareness learning can be attained by making learning fun. We do this with elements of gamification, which engage and inspire learners to train in environments that are not only realistic but also supported by a compelling narrative that invites players to progress through activities. Components like leaderboards, points, badges, and team-based collaboration allow learners to build a sense of “healthy competition” while learning and building skills and cyber competencies. Circadence offers learners of all skill levels various game-based activities from foundational concept learning in games like RegExile to application and analysis in Project Ares’ battle rooms and missions.

One student who played our RegExile cyber learning game in his cyber security course at CU Boulder said:

“I played the RegExile game today and I have to say I have hated regex till now, but when I learned it through the game, I actually liked it. It was really fun. I liked the concept of how a false sense of impending danger from the robots can make you think better and learn more. I was typing out my regex and actually thinking quite hard on how it could work and what I could do to make sure it was right as I did not want to lose the shield. I learned more through this game on regex than what I had in my undergrad class.” ~ Student at CU Boulder Cyber Security Course

Make Cyber Learning Intentional

Cyber learning has to be intentional. In order for students and existing cyber pros to get the most out of their training, they need a curriculum path that is not only diverse (based on skill needs), but also one that addresses all phases of learning: knowledge, comprehension, application/analysis, and synthesis/evaluation.

Can we insert an image that illustrates the “learning phases” of knowledge, comprehension, application/analysis, and synthesis/evaluation?

After understanding what cyber concepts are and how they impact our professional and personal lives (knowledge and comprehension), a learner needs to be able to build their cyber literacy and knowledge “essentials” by developing baseline cyber skills (application/analysis). Then, they can apply those skills in objective-based activities that synthesize concepts (evaluation).

“I personally found Project Ares to be a great learning experience and thought the mission environment was seamless.” ~ Chris N. UNCW Cyber Security Operations Club

Making Cyber Learning Effective

For IT Security Specialists and professionals, cyber learners can advance their competencies via recurring role-based training combined with continuing education and real-world experience trainings. Cyber learning needs to be rooted in best practice, industry-defined frameworks and there’s no better model to follow than the framework set forth by the NIST/NICE organization.

By aligning learning curriculum against work roles, learning concepts and skills inherently becomes more effective because it is RELEVANT for people. They learn concepts, how to apply them and can draw connections to how those concepts apply to their own jobs or jobs they aspire to. Further, the learning permeates into individual’s personal lives as well, enhancing cybersecurity at home.

We have built-in five NIST/NICE work roles that are present in Project Ares for trainees to work toward including:

–      Cyber Defense Infrastructure Support Specialist

–      Information Systems Security Manager

–      Threat Warning Analyst

–      Systems Security Analyst

–      Cyber Defense Analyst

Intentional cyber learning following this framework focuses on a particular technical topic, such as Incident and Event Management, Identification of Privilege Escalation Techniques, or Elections and Voting Security. This type of work role specification helps make learning cyber a reality.

Summing it up

While there’s no switch to turn on every part of this “cyber for all” plan, we hope it helps shed light on ways security leaders and HR directors can begin to cultivate an inclusive cyber culture in their own workplace, among their own teams. As we celebrate National Cyber Security Awareness Month (NCSAM 2019), it’s important for us to resurface conversations around what it means to actually be aware and how we can manifest that meaning into something that really makes an impact on business’ security posture. We hope this post is one inspiration to start initiating those conversations around shared responsibility to ensure all Americans stay safe.

 

Photo by Joel Muniz on Unsplash

Photo by Mimi Thian on Unsplash

Why Alternatives to Traditional Cyber Training Are Needed Immediately

Reading Time: 4 minutes

Are you looking for a more effective, cost-conscious cyber training tool that actually teaches competencies and cyber skills? We’ve been there. Let us share our perspective on the top cyber training alternatives to complement or supplement your organization’s current training efforts.

Cyber training has evolved over the years but not at pace with the rapid persistence of cybercrime. Cyberattacks impact businesses of all sizes and it’s only a matter of time before your business is next in line. Traditional cyber training has been comprised of individuals sitting in a classroom environment, off-site, reading static materials, listening to lectures, and if you’re lucky, performing step-by-step, prescriptive tasks to “upskill” and “learn.” Unfortunately, this model isn’t working anymore. Learners are not retaining concepts and are disengaged from the learning process. This means by the time they make it back to your company to defend your networks, they’ve likely forgotten most of the new concepts that you sent them to learn about in the first place. Read more on the disadvantages of passive cyber training here.

So, what cyber training alternatives are available for building competency and skill among professionals? More importantly, why do you need a better way to train professionals? We hope this blog helps answer these questions.

Cyber Range Training

Cyber ranges provide trainees with simulated (highly scalable, small number of servers) or emulated (high fidelity testing using real computers, OS, and application) environments to practice skills such as defending networks, hardening critical infrastructure (ICS/SCADA) and responding to attacks. They simulate realistic technical settings for professionals to practice network configurations and detect abnormalities and anomalies in computer systems. While simulated ranges are considered more affordable than emulated ranges, several academic papers question whether test results from a simulation reflect a cyber pro’s workplace reality.

Traditional Cyber Security Training

Courses can be taken in a classroom setting from certified instructors (like a SANS course), self-paced over the Internet, or in mentored settings in cities around the world. Several organizations offer online classes too, for professionals looking to hone their skills in their specific work role (e.g. incident response analyst, ethical hacker). Online or in-classroom training environments are almost exclusively built to cater to offensive-type cyber security practices and are highly prescriptive when it comes to the learning and the process for submitting “answers”/ scoring.

However, as cyber security proves to be largely a “learn by doing” skillset, where outside-of-the-box thinking, real-world, high fidelity virtual environments, and on-going training are crucially important, attendees of traditional course trainings are often left searching for more cross-disciplined opportunities to hone their craft over the long term. Nevertheless, online trainings prove a good first step for professionals who want foundational learnings from which they can build upon with more sophisticated tools and technologies.

Gamified, Cyber Range, Cloud-Based Training

It wouldn’t be our blog if we didn’t mention Project Ares as a recommended, next generation alternative to traditional cyber training for professionals because it uses gamified backstories to engage learners in activities.  And, it combines the benefits and convenience of online, cyber range training with the power of AI and machine learning to automate and augment trainee’s cyber competencies.

Our goal is to create a learning experience that is engaging, immersive, fun, and challenges trainee thinking in ways most authentic to cyber scenarios they’d experience in their actual jobs.

Project Ares was built with an active-learning approach to teaching, which studies show increase information retention among learners to 75% compared to passive-learning models.

Check out the comparison table below for details on the differences between traditional training models and what Project Ares delivers.

Traditional Training
(classroom and online delivery of lectured based material)
Project Ares
(immersive environment for hands on, experiential learning)
Curriculum Design

  • Instructors are generally experts in their field and exceptional classroom facilitators.
  • Often hired to develop a specific course.
  • It can take up to a year to build a course and it might be used for as long as 5 years, with updates.
  • Instructors are challenged to keep pace with evolving threats and to update course material frequently enough to reflect today’s attack surface in real time.
  • It is taught the same way every time.
Curriculum Design

  • Cyber subject matter experts partner with instructional design specialists to reengineer real-world threat scenarios into immersive, learning-based exercises.
  • An in-game advisor serves as a resource for players to guide them through activities, minimizing the need for physical instructors and subsequent overhead.
  • Project Ares is drawn from real-world threats and attacks, so content is always relevant and updated to meet user’s needs.
Learning Delivery

  • Courses are often concept-specific going deep on a narrow subject. And it can take multiple courses to cover a whole subject area.
  • Students take the whole course or watch the whole video – for example, if a student knows 70%, they sit through that to get to the 30% that is new to them.
  • On Demand materials are available for reference (sometimes for an additional fee) and are helpful for review of complex concepts.   But this does not help student put the concepts into practice.
  • Most courses teach offensive concepts….from the viewpoint that it is easier to teach how to break the network and then assumes that students will figure out how to ‘re-engineer’ defense. This approach can build a deep foundational understanding of concepts but it is not tempered by practical ‘application’ until students are back home facing real defensive challenges.
Learning  Delivery

  • Wherever a user is in his/her cyber security career path, Project Ares meets them at their level and provides a curriculum pathway.
  • From skills to strategy:   Students / Players can use the Project Ares platform to refresh skills, learn new skills, test their capabilities on their own and, most critically, collaborate with teammates to combine techniques and critical thinking to successfully reach the end of a mission.
  • It takes a village to defend a network, sensitive data, executive leaders, finances, and an enterprises reputation:  This approach teaches and enables experience of the many and multiple skills and job roles that come together in the real-world to detect and respond to threats and attacks….
  • Project Ares creates challenging environments that demand the kind of problem solving and strategic thinking necessary to create an effective and evolving defensive posture
  • Project Ares Battle Rooms and Missions present real-world problems that need to be solved, not just answered. It is a higher-level learning approach.

If you want to learn more about Project Ares and how it stacks up to other training options out there, watch our on-demand webinar “Get Gamified: Why Cyber Learning Happens Better With Games” featuring our VP of Global Partnerships, Keenan Skelly.

  You can also contact our experts at info@circadence.com or schedule a demo to see it in action!

Photo by Helloquence on Unsplash