Real World Cyber Security Experience: From Learning to Earning

Real world, experiential learning helps students develop knowledge, skills, and abilities that they can take directly from the classroom to the workplace.

This direct connection from learning to earning is important to all students, but none more so than adult learners who have gone back to school, often while continuing to work full-time. Maybe their goal is to grow in their current job role or career. Maybe they are ramping up for a job or career change. Maybe they are exploring new interests. Regardless of motivation, after juggling the many demands of working while going to school, most adult learners expect to graduate with skills that they can immediately apply in the workforce or other direct activity.

To say that the cyber security industry is seeking skilled job candidates is an understatement.  Cybersecurity Ventures predicts that there will be 3.5 million (that’s million) unfilled cybersecurity jobs globally by 2021.   The interactive Cyber Seek website shows over 500,000 U.S. cybersecurity job openings as I write.  With gaps of this magnitude between open jobs and applicants, cyber security is a perfect discipline for educators to focus on and provide experiential learning that students can directly apply outside the classroom.

Capella University, an online university headquartered in Minneapolis, Minnesota, recently did just that by adding a hands-on lab component to the capstone course for its BS in Information Technology, Information Assurance and Cybersecurity program.  One of their over-arching design goals was to make the course as close as possible to the “real world” of cyber security work. We are proud that they chose Project Ares by Circadence to deliver this critical element.

In a recent Circadence webinar, Dr. James W. Barker, Adjunct Faculty in the School of Business and Technology spoke in detail about the process the team at Capella went through to integrate Project Ares into their capstone course.  Project Ares enabled them to address three objectives:

  1. Give students hands-on practice using their cyber skills against a variable adversary
  2. Provide authentic learning scenarios that students could report on to demonstrate their knowledge of the attack and recommendations for future prevention
  3. Create an opportunity for teamwork and collaborative problem solving, which are essential skill requirements for cyber teams and hiring managers

“By the end of the second week of the course,” said Dr. Barker, “almost to an individual, students stated that this is the most realistic, engaging, and challenging course that they have taken.  One group was so engaged and motivated by working on the Project Ares platform that they completed their final group mission two weeks early.”

From his faculty point of view, Dr. Barker is pleased that Capella has delivered the equivalent of a formal cyber security internship and cannot envision a better means of exposing their learners to “real world” security work.  And Capella isn’t stopping here; they are considering plans to incorporate Project Ares learning exercises into other courses at the undergraduate and graduate level.

Check out the webinar where Dr. Barker shares more about how he set up the course syllabus and learn more about the power of Project Ares as an on-demand and hands-on learning platform ​that uses cyber range-as-a-service technology to deliver Virtual Machine-based cyber security training exercises.

 

Photo Credit: Thanks to Joshua Ness for sharing their work on Unsplash.

3 Ways Tech Companies Can Improve the Talent Acquisition Process

It’s reasonable to correlate the quality of the talent acquisition process to the quality of employees in the company– which is tied to the success of the company. Yet, there is currently a shortage of qualified experts in field of cyber security and there has been for quite some time. And while tech companies have pulled back the reins on hiring tech talent due to the economic consequences of the coronavirus outbreak, reports CBNC, more emphasis is being placed on preserving team member jobs and revitalizing the hiring process as we all prepare to re-open and heal. Out of the chaos of recent events comes opportunity and tech companies are showing more resilience than ever as tech leaders identify pragmatic ways to staff up. We’ve got three foundational tips to help hiring managers and senior cyber security / IT leaders fill their cyber talent and candidate pools with qualified professionals who not only look good on paper, but can demonstrate their qualifications.

But before we dig into those recommendations, let’s establish some context first.

State of the cyber security talent in the tech sector

The role of the cyber security professional continues to develop and gain more authority and responsibility as the security landscape and the integration of business and technology evolves.

When we look at the current climate of cyber security jobs in the U.S., we see bleak yet in-demand overtones. Finding qualified cyber talent and candidates is very much like searching for a needle in a haystack for hiring managers and recruiters.

  • It takes an average of 3-6 months to fill a cyber security job position (Dark Reading)
  • In 2019, there were over 700,000 unfilled IT jobs in the U.S. (CNBC)
  • Employment of computer and information technology occupations is projected to grow 12 percent from 2018 to 2028 (Bureau of Labor Statistics)

While all companies likely struggle to find qualified cyber talent, the technology sector has its own unique set of challenges that are important to discuss and be aware of. Emerging technology, disruptive tech, the sheer evolution and the fast-paced nature of the industry make it hard to find candidates who have experience and knowledge in specialized areas of technology­–many of which are just now becoming adopted into businesses.

IT, security managers, operators and human resource leaders realize that:

  1. they need to focus on filling positions with quality candidates who can demonstrate their skills in a skills-deprived landscape
  2. to achieve that objective, more can be done in the recruitment and hiring phase.

Okay, let’s talk about those recommendations now. And if you have more suggestions based on what’s worked with your company, let us know!

Promote from within

The first logical step in filling a cyber position is to promote from within the company. It saves on time and cost to recruit. There may be IT generalists in your company who desire to take their career to a new level in cyber security and you’re just not aware of it (…and may have the aptitude and willingness to learn).

If an IT generalist is interested in filling a needed cyber security position (e.g. information security engineer, network architect, systems analyst), consider giving them a project to test their skills and ambition and see how they do. More on this in a second.

To promote from within, ensure you’ve communicated the requirements of the position clearly to the company across all departments. People in cyber security positions come from all walks of life: computer science, history, military, political science, yes, even fields like philosophy. Yet they all have one thing in common: They share a deep and abiding interest in how technology works, notes Cyber Degrees.

So find those individuals who are looking to grow into a new position within the company and interview them. You may be surprised to learn there are passionate people willing to learn and grow, right in your own company ‘backyard.’

Test skills during the interview process

Allow candidates the opportunity to demonstrate what’s on their resumé. Online cyber training platforms like Project Ares can help HR managers and decision makers ‘see’ how a prospect might tackle a realistic cyber security issue.

·     Evaluate candidate skills in real-time against resumé credentials

·     Assess cyber competencies against other candidates and co-workers

·     Identify strengths in cyber technique, tactics, and procedures

By completing a set of tasks or activities that put skills like digital forensics, Linux skills, ports and protocols, and regular expressions work, candidates can show employers what they know and how they work before they even move on to a second or third interview. It’s one thing to talk about your experience, it’s another to actually apply it in a realistic setting.

Use Project Ares to support internal hiring processes

Circadence’s Project Ares platform helps HR decision makers assess candidate skills and competencies in various aspect of cyber security. And the platform can work for both internal recruitment and external recruitment. If promoting from within and you identify interested candidates who may or may not have a rich cyber background, you can use the platform’s cyber learning games and foundational scenarios to learn aspects of cyber security and security operations in ‘safe’ cyber range environments. If candidates demonstrate a willingness to learn in the platform, that is a good sign. If they are able to follow the guidance and instructions and apply critical thinking to complete the scenarios in the platform, even better. Hiring mangers can literally ‘see’ how an internal candidate responds to the act of learning and one can glean a lot about a candidate’s fit for the position simply through this effort of cyber aptitude testing.

Use Project Ares to support external hiring processes

The same applies for external hiring of cyber security professionals. Hiring managers and cyber security leaders can use Project Ares foundational and specialized scenarios to teach certain cyber skills they are looking for. If you’re looking to fill a position that aligns to a NIST/NICE work role, several exercises in the platform can address those specific skill sets. Further, the Assessment Reports can help HR professionals evaluate candidate strengths and compare those results against other candidates who have engaged in the platform to identify the best company cultural fit and skills fit.

·     Nurture qualified candidates in the platform

·     Retain top talent with professional skills development efforts in the platform

A Wall Street Journal article, sums up the ‘what’s next?’ to these challenges, succinctly:

Tom Gimbel, CEO of LaSalle Network Inc., a technology staffing and recruiting firm, said that once the crisis fades he expects a rebound in tech hiring as businesses seek out technology tools to cut costs and eke out efficiencies during a prolonged economic recovery.

“While new product implementations will slow down, we will see strong hiring of corporate IT, infrastructure, development and security roles,” Mr. Gimbel said.

How person-centered cyber training supports threat prevention in financial companies

Cyber security threats and preventive measures go hand-in-hand. Yet cybercrime continues to impose threats on the financial industry. Financial services firms are 300 times as likely as other companies to be targeted by a cyberattack,” according to a report by the Boston Consulting Group. These threats can arise at any time and occur through various sources (external sources such as hackers, and internal sources such as staff members and contracted employees). Some financial companies have developed action plans with steps to take if a cyber-attack strikes, but cyber security best practices also includes establishing and initiating threat prevention methods. One example of a threat prevention method is person-centered cyber training.

Statistics show that cyber threat prevention is an immense pain point for many financial companies. In a survey of 400 security professionals in financial services, it was observed that financial institutions are better at detecting and containing cyber-attacks and less efficient at preventing them. Almost 56% of financial institutions are useful in detection, and only 31% are good at prevention.

Financial services institutions must understand how to prevent cyber threats, which may require a ground-up approach.

Financial institutions can take immediate measures to engage in threat prevention methods with person-centered training. This type of training allows an IT or cyber professional to practice and hone skills by learning specific cyber lessons pertinent to the financial sector and applicable to their job role. The more upskilled the professional, the more they will be able to protect the company and company assets. A current platform that offers specific job role training is Project Ares.

Person-Centered Training with Project Ares

Circadence’s Project Ares is a browser-based learning platform designed for teaching cyber security in an engaging and hands-on applied method. This platform offers gamification and AI to train employees on the latest cyber threats and attacks. Project Ares is made up of foundational and specialized scenarios in the form of battle rooms and missions that address current cyber threats in the financial sector. The lessons within Project Ares are developed with specific job roles in mind.

For example, various scenarios are developed with the theme of a financial service, so the trainee can learn the skills needed to prepare for a cyber threat. In these specific financial missions, the trainee will learn how to disable botnets, identify and remove suspicious malware, and protect the financial institution.

  • Mission 1 – Operation Goatherd “Disable Botnet” – Acting as a cyber mission force member, the trainee will access the command and control server of a group of hackers to disable a botnet network that is designed to execute a widespread financial scan triggering the collapse of a national bank.
  • Mission 4 – Operation Arctic Cobra “Stop Malicious Processes” – The cyber trainee will analyze network traffic and stop a malicious exfiltration process.
  • Mission 5 – Operation Wounded Bear “Protect Financial Institution” – The trainee identifies and removes malware responsible for identity theft and protects the financial network from further infections.

This individual or team-based mission training delivers collaborative skill-building experiences aligned to NIST/NICE work roles, ensuring the trainee meets specific cyber competencies. This kind of immersive, hands-on training gives learners the ability to practice various forms of threat prevention, which will benefit the company’s overall security posture in the long run.

The more trained cyber professionals are for their job roles, the more likely they will be able to safeguard against threats—and take proactive measures to better prevent cyber threats. If cyber professionals are prepared and well-informed with the right knowledge and skills in their toolbox, threat prevention will be more attainable and achievable for professionals on the frontlines of defense. Professionals will be able to spot a cyber threat, but also prevent cyber threats from breaking the bank.

 

Distance Learning and Teaching for Cyber Security Programs

Distance Learning Today

Practically overnight distance learning has become the ‘new norm’ for academic institutions. Educators worldwide are figuring out what Emergency Remote Teaching (ERT) means for their specific courses and subject matter for summer term and likely fall term 2020. And while the immediate remote learning requirements for pandemic mitigation will eventually recede, there is a growing awareness that online and blended learning options in Higher Education curriculum will likely be a strategic part of the post-pandemic norm.

“Every faculty member is going to be delivering education online. Every student is going to be receiving education online. And the resistance to online education is going to go away as a practical matter,” James N. Bradley, chief information officer at Texas Trinity University, wrote in a LinkedIn post.

Job opportunities in the cyber security field

Let’s take a specific look at higher education programs for Information Technology and the related cyber security discipline. For starters, they can’t graduate students fast enough to fill the existing job openings in the cyber security field. Even before the pandemic, there was a well-documented talent gap between the growing number of open cyber security jobs and skilled applicants to fill them. In November 2019, ISC2 calculated that the cyber workforce would need to increase by more than 145% to fill gaps in talent across the U.S.  Cyberseek.org tracks this unique employment landscape and states that “the average cybersecurity role takes 20% longer to fill than other IT jobs in the U.S.” because employers struggle to find workers with cyber security-related skills.

The dynamics of this gap have probably gotten worse. Today’s stay-at-home world has cyber security vulnerability written all over it. Online activities have exploded with remote work access, distance learning, telemedicine, video conferencing, online shopping, gaming, media streaming, and more all happening at once….and creating a world of opportunity for threats to identity, systems and data. And, in the post-pandemic world that we are looking forward to, many of the new and unexpectedly ‘proven’ activities like distance learning and telemedicine will likely stay with us to some extent as part of the ‘new norm’.

The result is that behind the physical coronavirus crises is the shadow of a virtual cyber virus crisis. And it means that cyber security is quickly moving to the frontlines of mission-critical skillsets for healthcare, higher education, retail, and every employer that enabled work-from-home for the safety of their workforce. Now, more than ever, organizations and institutions need to stop thinking in terms of IF they are breached and start planning in terms of WHEN they are breached.

Does that sound ominous? It is! But buried in the dramatic shortage of cyber skills, is opportunity. Opportunity for STEM/IT focused students (high school and collegiate) to specialize in cyber security and find jobs upon graduation. And opportunity for higher education institutions to ramp up their cyber security program enrollment.

  • In March 2019, Cyber Crime Magazine reported that only 3% of U.S. Bachelor’s Degree graduates had a skill set in cyber security.
  • And in another 2019 report, Burning Tree Technologies learned that while federal data showed the number of postsecondary programs in key cyber security areas had increased 33%, the ratio of currently employed cyber security workers to job openings, had hardly budged since 2015. In other words, the pool of available talent has remained proportionally the same.

 

Developing the cyber security skills that employers are desperate for is a multi-faceted challenge. Employers want to bring in new hires who have both a strong foundation in basic security principles and concepts as well as practical job role specific skills like networking protocols, scripting, regular expressions, kill chain and network defense, etc. And maybe most importantly, employers categorize top talent as those applicants with power skills like strategic thinking, problem-solving, teamwork and collaboration.

Distance learning and the IT / cyber security discipline

At Circadence, we specialize in cyber security learning, specifically through an immersive learning platform that provides hands-on experience and strategic thinking activities for students working towards careers in the field of cyber security.

Today’s educators are looking for engaging student activities that teach designated core curriculum topics to meet learning objectives. And, it is equally critical to assess student comprehension of learned material and measure progress to ensure the effectiveness of the curriculum and teaching approach. These challenges can be met head-on with Circadence’s Project Ares in the online classroom. Project Ares is a browser-based learning platform specifically designed for teaching cyber security in a hands-on, applied manner.

It can help transform existing cyber security curriculum to support current distance learning challenges as well as integrate into future course design.

For cyber security instructors:

•     The built-in learning exercises can augment existing syllabi.

•     Anytime access enables flexible asynchronous delivery to support current circumstances for instructors and students.

•     Self-directed student learning opportunities are supported through hints, Q&A chat bot, and session playback and review.

•     Optional live observation or interaction within the exercises supports tutoring as well as assessment.

•     Immersive, gamified environment sustains student engagement with scores and leaderboards to incent practice and improvement.

•     Global chat enables peer-to-peer community and support for students.

Additional Distance Learning & Teaching Resources

As higher education instructors shift to deliver, proctor and advise online, we anticipate teaching strategies continuing to adapt to use new and immersive tools that enable alternative online courses to positively impact student learning now and into the future. Circadence is excited to be a part of this shift in learning and proud to partner with today’s cyber security educators that prepares tomorrow’s much-needed workforce of cyber defenders.

For more information, check out these resources:

•     Microsoft technology helps enable remote classrooms https://www.microsoft.com/en-us/education/remote-learning?&ef_id=EAIaIQobChMIjrP4qvSQ6QIVlxatBh347wMJEAAYASAAEgL-VvD_BwE:G:s&OCID=AID2000043_SEM_6M11V6Kq&utm_source=google&gclid=EAIaIQobChMIjrP4qvSQ6QIVlxatBh347wMJEAAYASAAEgL-VvD_BwE

•     Circadence White Paper Teaching Cyber Security Remotely: Online Learning with Project Ares https://marketing.circadence.com/acton/media/36273/whitepaper-rise-of-distance-e-learning-in-higher-education

•     Project Ares Curriculum Example. Building an Immersive Cyber Curriculum with Project Ares: A use case from a public research institution in the Western U.S. https://marketing.circadence.com/acton/media/36273/immersive-cyber-curriculum-with-project-ares-use-case  

•     Cyberdegrees.org provides a comprehensive directory of colleges and universities offering cyber security degrees, as well as a wealth of information on career paths within the cyber security field, security clearances, the range of professional security certifications available.

If there is one thing that this pandemic has taught us all, is that out of chaos arises opportunity: Opportunity to be better professionals, better neighbors, better defenders, and overall, better people. We hope each of you continues to stay safe and secure during this time.

 

Photo by Avel Chuklanov on Unsplash

Cyber Security and Risk Mitigation Go Hand in Hand

Cyber Risk means different things to different people in an organization. Deloitte distinguishes it well: A CEO might worry about the expected financial loss related to cyber risk exposure; while the CFO is challenged to show the value of security while managing the associated costs. The CMO might worry about the impact to the brand if a breach to the company occurs; while the CISO is thinking about which key initiatives to prioritize to maximize risk buy down.  But one thing that savvy executives agree on is that cyber security is a business risk that should be included in corporate risk mitigation strategy and processes.

Cyber Risk Mitigation focuses on the inevitability of disasters and applies actions and controls to reduce threats and impact to an acceptable level.

Lisa Lee, Chief Security Advisor for Financial Services in Microsoft’s Cybersecurity Solution Group,  partnered with Circadence in April 2020 to talk about this topic in a webinar.  Originally broadcast for a financial risk mitigation audience, the practical advice Lisa offers in 6 areas of cyber risk mitigation is broadly applicable.

Cyber Risk Insurance

Insurance can help to reduce the financial impact of an incident, but it does NOT mitigate the likelihood of a cyber breach happening – in the same way that having car insurance helps with the financial consequences of an accident but cannot in anyway prevent an accident from occurring.

Identity and Access Management

Microsoft recommends making “Identity” the security control plane. Employees use multiple devices (including personal devices), networks, and systems throughout their lifecycle with a company. The explosion of devices and apps and users makes security built around the physical device perimeter increasingly complex.  At the same time, access to on-premise systems and cloud systems are shifting to transform to meet business needs.  Partners, vendor/consultants, and customers might also all require varying degrees of access.  A strongly protected, single user identity at the center of business for each of these constituents can exponentially improve the efficiency and efficacy of the overall security posture of the company.

Configuration and Patch Management

This is IT or cyber security 101.  Everyone should be doing it on a consistent basis.  But  20% of all vulnerabilities from unpatched software are classified as High Risk or Critical. The Center for Internet Security  is an excellent resource for more information on best practices.

Asset Protection (devices, workload, data)

There is a massive amount and diversity of signal data coming in from the network and there are many tools on the market to help assist in the collection, management, and assessment.  Lisa advised not to spend too much time trying to evaluate and select the best of breed tool in each category.  Rather, find a suite that works well together so that you don’t have to spend time on integration. Beyond devices, also consider your security policies and practices to ensure visibility for workloads across on-prem, cloud, and hybrid cloud environments.  And finally, consider protecting the information directly so that wherever data elements go, even outside the company, they carry protection with them.  The key to this is encryption.

Monitoring and Management

These two concepts are seemingly more about  ‘risk management’ vs. ‘risk mitigation’.  But monitoring helps you to ‘know what you don’t know’ in order to adapt and improve mitigation strategies.  And today, many of the monitoring tools from Microsoft and other vendors have features that enable cyber analysts to take action, i.e analysts can use the same tool that helps identify a vulnerability to then resolve it.

Cyber Security Training

Security is an ever-changing situation because bad actors are always developing new attacks.  Therefore, training and education is an ongoing requirement for cyber professionals.  Circadence’s Project Ares is a cloud-based learning platform specifically designed for continuous cyber security training and upskilling.   IT and cyber organizations that invest in on-going training for their people are making as strong an investment in mitigation as in the tool stack that the analysts use on-the-job.

With consideration in all 6 of these areas, you will be able to architect and compose a comprehensive cyber mitigation strategy.

Here’s a link to the full webinar.  It’s only 45 minutes long and Lisa provides more detail in each of these categories.

Great Dance Partners: How Cybersecurity and Risk Mitigation Go Hand in Hand

 

Photo by Toa Heftiba on Unsplash

Why Cyber Risk Mitigation is a Priority for Finance Leaders

The role of the CFO is evolving. Whether at a bank or credit union, today’s finance leaders wear many hats. One of which is a cyber security ‘hat’. Constant breaches within financial institutions warrant such a ‘wardrobe’. Insider threats are growing, outside adversaries are multiplying at rapid pace, and attacks on financial departments and companies are ever-increasing. Unfortunately, classic security controls like firewalls and antivirus are easily compromised as attackers become more sophisticated.

As threats increase, risks to businesses increase—and for CFOs and VPs of Finance, defining an adequate budget to account for those cyber risks and allocating proper resources is of the utmost importance to protect companies and its clients. Finance leaders are no longer siloed to reviewing financial statements and spreadsheets—their role extends far beyond the numbers to include cyber security.

Some CFOs may not be comfortable with this change but the reality of cyber security today mandates involvement from the CFO/VP of Finance to develop a cyber readiness strategy. Why are finance leaders critical to the cyber security conversation? Because many CFOs need to address and mitigate the business risk concerns of the C-suite , board , and investors (not to mention continuing to improve the ‘financial health’ of the company).

Any sort of digital compromise to a financial services company, results in damaging monetary and reputational outcomes that directly impact the financial function of the organization.

Hence why cyber risk mitigation is and should continue to be a critical priority for CFOs today. And for many, it already is: According to a 2019 study from Protiviti, 84% of global CFOs and VPs of Finance cited security and data privacy as a high priority[1] for them. Many CFOs are already taking the reins of the cyber security challenges to get ahead of looming risks and imminent vulnerabilities. How? By taking a more active role in defining cyber security strategy in a way that effectively hardens posture while ensuring company growth.

As such, the typical CFO responsibilities listed below, are only a part of many to come:

  1. identifying and monitoring risks of critical assets to protect company/client data
  2. ensuring critical infrastructure operations meet regulatory requirements
  3. contributing to the optimization of digital asset access and utilization to safeguard against attackers

That third responsibility may seem a tad ‘out of the norm’ for a CFO. Typically a CIO or CISO might be in charge of that objective. But as more financial services companies respond to digital transformation demands, data becomes a critical asset to protect. Much of that data “lives” on the devices that company employees use every day. CFOs should have a general awareness of who has access to what, where, and when and be aware of the policies in place that enforce security at all levels.

Since data is a valuable company asset, the CFO’s responsibility to ensure the financial ‘health’ of the company becomes much more complex as cyber security asset and risk management becomes a top priority. Security Boulevard writes “A modern CFO will have an excellent grasp on how an organization manages cyber security and will be able to ask the right questions.”[2] We agree!

For CFOs to make cyber security a priority, they are having to work across many lines of business within their organizations to contribute to the construction of a holistic cyber security program that has full buy-in from all employees (leadership/C-Suite included).

Learn how to prioritize risk mitigation in your financial services company.

Further, CFOs bring a unique perspective to the ‘building a culture of cyber security’ conversations as they are extremely committed to helping the company grow. While CFOs may not be cyber security experts, they do have a unique take on how and what solutions to invest in that will maximize the potential for company growth over time.

By working hand-in-hand across departments like IT and legal, CFOs and finance leaders can develop a holistic cyber security plan that goes beyond merely ‘evaluating cyber insurance coverage’. A huge part of strategic cyber planning includes understanding what current companies are doing to mitigate cyber risk. Foundational elements need to be established first.

While cyber insurance is a good start, other measures need to be taken to ensure that companies are not just reacting when threats occur, but instead, are taking proactive measures to get ahead of threats before they hit. A proactive approach should also include the adoption of a persistent cyber security training program to support frontline defenders who are doing the day-to-day defense against ambitious yet malicious adversaries.

With the right cyber security training in place, teams can be assessed on their abilities to identify and mitigate risks before they happen, while supervisors (e.g. CISOs) can glean insight into how teams are responding and areas for improvement. This intel can translate upward to the CFO who will need to know the risks associated with gaps in cyber security response.

 

Check out our webinar:
Great Dance Partners: How Cyber Security and Risk Mitigation Go Hand-in-Hand.

[1] https://www.cfodive.com/news/cybersecurity-is-latest-cfo-domain-study-finds/567056/

[2] https://securityboulevard.com/2019/08/is-it-critical-for-cfos-to-understand-cybersecurity-2/

Photo by Carlos Muza on Unsplash

Living Our Mission: Building a Roadmap to Bring Product Vision to Reality with Circadence’s Raj Kutty

This installment of the “Living our Mission” blog series features Circadence’s Rajani “Raj” Kutty, Senior Product Manager.  

Raj is fascinated by technology’s evolution in the marketplace and that interest has informed her career path toward success. She achieved her masters degree in computer science from University of Pennsylvania in 2003. From there, she spent 15-16 years in the tech industry and has always been interested in the everchanging advancements in technology. Her tech background consists of Java programming, business analysis and product management. In the beginning of her career, she worked on mobile app designs, web app development, and programming for various industries including finance, insurance, retail, and more. For the last 10 years, she’s moved into the direction of product management. Her shift into this area began because she enjoys building a roadmap for product development and seeing it through the various stages from identifying a problem in the market, and creating a product that solves pain points for customers. Her experience working with many different industries provides an advantage to Circadence since she has a first-hand understanding of why these businesses can benefit from additional cyber security training to protect company assets.

Raj started at Circadence about 7 months ago and was immediately captivated by the concept of cyber readiness and the security industry as a whole. Throughout her profession, she noticed a growing issue many companies faced: a lack of cyber security awareness and training. Over the years, she heard a lot about the cyber workforce shortage and knew the first step to creating a solution for this problem was to get the user engaged with the right type of training. In her mind, if the user is engaged in training, then it would result in better cyber defense for the organization. Her previous work experience, thoughts about cyber security readiness and ideas around engaged training were validated when she heard what Circadence was doing to help companies be “cyber ready” using gamified learning platforms. In the past, training would consist of a video, classroom lecture or reading textbooks- something dry and boring, she said. Raj felt Circadence offered a unique solution to get people interested in cyber security, which could lead to more strategic cyber defense performance and possibly minimize the cyber workforce gap.

“Training has to be fun and interesting to the user, while still being effective. I feel like Circadence is offering this to the cyber workforce in a game-play mode, which is more engaging for the user.”

Day to day, Raj works with different departments and team members at Circadence developing product strategy and bringing a product roadmap to life. Her knowledge across many industries helps ensure our products meet the needs of different organizations, while still maintaining in-depth cyber training and ease-of-use for the customer. Much like planning a road trip, which requires knowledge of route to destination, Raj leads her team every day by investigating and communicating strategy and plans to determine where they need to go next to bring the product to market.

Her main focus over the last couple months has been a new portal Circadence is developing called CyberBridge. CyberBridge is the entry point at which users can access all Circadence cyber learning platforms including Project Ares®, inCyt®, Orion® and more. It’s a global SaaS platform that offers different types of cyber training content for different markets.

“I love that I get to help design a product that addresses the cyber challenges across different industries and the ability to provide a readiness solution pertinent to each sector’s security pain points.”

The products Raj helps map to market fulfills her goal of bringing much-needed cyber awareness and training solutions to everyone and every business. Her perspective: With every tech integration, Bluetooth connection, and device-to-device communication we implement to make our working lives easier, we inherently increase our cyber risk as our attack surface widens. There are no signs of a slowing tech usage, hence why the importance of cyber awareness continues to grow each day. When we talk about how businesses need to protect themselves, we’re really talking about the people of a business, since people are what make up a company. In today’s world of escalating cyber threats, it’s everyone’s responsibly to gain cyber awareness to protect a company.

“Cybersecurity is like community immunity, when everyone gets vaccinated, we are improving and protecting our greater community, and cyber security works the same way.”

Photo by John Lockwood on Unsplash

Photo by Bogdan Karlenko on Unsplash

Microsoft Security Blog: Rethinking cyber scenarios—learning (and training) as you defend

In this third and final post in the series, Microsoft’s Mark McIntyre addresses more advanced SecOps scenarios that an experienced cyber practitioner would be concerned with understanding.

Living our Mission: Project Ares Takes Full Flight with Cloud-Native Architecture

According to CIO magazine, about 96% of organizations use cloud services in one way or another. In partnership with Microsoft, we are proud to announce that Circadence has redesigned its Project Ares cyber learning platform to fully leverage a cloud-native design on Microsoft Azure.  This new, flexible architecture improves cyber training to be even more customized, scalable, accessible, and relevant for today’s professionals.

This transition to cloud infrastructure will yield immediate impacts to our current customers.

  • Increased speeds to launch cyber learning battle rooms and missions
  • Greater ability to onboard more trainees to the system from virtually any location
  • More access to cyber training content that suits their security needs and professional development interests

Proven success at Microsoft Ignite

At the recent Microsoft Ignite conference (November 2019), more than 500 security professionals had the opportunity to use the enhanced platform.  Conference participants set up CyberBridge accounts and then played customized battle rooms in Project Ares. Microsoft cloud-based Azure security solutions were integrated into the cloud-based cyber range to provide an immersive “cloud-in-cloud” sandboxed learning experience that realistically aligned to phases of a ransomware attack.  The new version of Project Ares sustained weeklong intensive usage while delivering on performance. 

So what’s new in the new and improved Project Ares?

Curriculum Access Controls for Tailored Cyber Learning

One of the biggest enhancements for Project Ares clients is that they can now control permissions for  training exercises and solution access at the user level. Customer Administrators will use the new CyberBridge management portal to tailor access to Circadence training exercises for individual users or groups of users.

Single-sign-on through CyberBridge enables the alignment of training exercises to individuals based on their unique learning requirements including:

  • Cyber skill-building exercises and complex missions within Project Ares for cyber professionals
  • Cyber foundation learning with Cyber Essentials tools for the IT team
  • Security awareness training with inCyt for general staff

Cyber Essential learning tools and the inCyt game for security awareness will be added to CyberBridge over the next several months. With the capability to pre-select training activities reflective of a company’s overall security strategy, enterprise security managers can call the shots.

“As the administrator, you now choose what curriculum content your team should have. “This provides more flexibility in cyber training for our customers in terms of what they can expose to their teams.” ~ Rajani Kutty, Senior Product Manager for CyberBridge at Circadence.

Greater Scalability and Performance in Cyber Training

With a cloud-native architecture design, Project Ares can support more simultaneous users on the platform than ever before. Project Ares can now handle over 1,000 concurrent users, a significant improvement over historical capacity of 200-250 concurrent users on the platform.  The combination of  content access control at the group or individual level and the increased scalability of Project Ares creates a solution that effectively spins up cyber ranges with built-in learning exercises for teams and enterprises of any size.  Additionally, this means that no matter where a cyber learner is geographically, they can log on to Project Ares and access training quickly. We see this as similar to the scalability and accessibility of any large global content provider (e.g. Netflix)—in that users who have accounts can log in virtually anywhere in the world at multiple times and access their accounts.

Now that Project Ares can support a greater volume of users on the platform, activities like hosting cyber competitions and events for experts and aspiring security professionals can be done on-demand and at scale.

“We can train more people in cyber than ever before and that is so impactful when we remember the industry’s challenges in workforce gaps and skills deficiencies.” ~ Paul Ellis, Project Ares Senior Product Manager at Circadence

The previous design of Project Ares required placing users in “enclaves” or groups when they signed on to the system to ensure the content within could be loaded quickly without delay. Now, everyone can sign in at any time and have access to learning without loading delays. It doesn’t even matter if multiple people are accessing the same mission or battle room at the same time. Their individual experience loading and playing the exercise won’t be compromised because of increased user activity.

Other performance improvements made to this version of Project Ares include:

  • Quicker download speeds of cyber exercises
  • Use of less memory on user’s computers, and resulting longer battery life for users, thanks to lower CPU utilization.
  • These behind-the-scenes improvements mean that training can happen quicker and learning, faster.

New Cyber Training Content

One new Mission and three new Battle Rooms will be deployed throughout the next few months on this new version of Project Ares.

  • Mission 15, Operation Raging Mammoth, showcases how to protect against an Election attack
  • Battle Rooms 19 and 20 feature Splunk Enterprise installation, configuration, and fundamentals
  • Battle Room 21 teaches Powershell cmdlet (pronounced command-lets) basics

Mission 15 has been developed from many discussions about 2020 election security given past reports of Russian hacktivist groups interfering with the 2016 U.S. election.  In Operation Raging Mammoth, users are tasked to monitor voting-related systems. In order to identify anomalies, players must first establish a baseline of normal activity and configurations. Any changes to administrator access or attempt to modify voter registration information must be quickly detected and reported to authorities. Like all Project Ares Missions, the exercise aligns with NIST/NICE work roles, specifically Cyber Defense Analyst, Cyber Defense Incident Responder, Threat/Warning analyst.

Battle Rooms 19 and 20 focuses on using Splunk software to assist IT and security teams to get the most out of their security tools by enabling log aggregation of event data from across an environment into a single repository of critical security insights. Teaching cyber pros how to configure and use this tool helps them identify issues faster so they can resolve them more efficiently to stop threats and attacks.

Battle Room 21 teaches cmdlet lightweight commands used in PowerShell.  PowerShell is a command-line (CLI) scripting language developed by Microsoft to simplify automation and configuration management, consisting of a command-line shell and associated scripting language. With PowerShell, network analysts can obtain all the information they need to solve problems they detect in an environment. Microsoft notes that PowerShell also makes learning other programming languages like C# easier.

Embracing Cloud Capabilities for Continual Cyber Training

Circadence embraces all the capabilities the cloud provides and is pleased to launch the latest version of Project Ares that furthers our vision to provide sustainable, scalable, adaptable cyber training and learning opportunities to professionals so they can combat evolving threats in their workplace and in their personal lives.

As this upward trend in cloud utilization becomes ever-more prevalent, security teams of all sizes need to adapt their strategies to acknowledge the adoption of the cloud and train persistently in Project Ares. You can bet that as more people convene in the cloud, malicious hackers are not far behind them, looking for ways to exploit it. By continually innovating in Project Ares, we hope professionals all over the globe can better manage their networks in the cloud and protect them from attackers.

Rethinking cyber learning—consider gamification

This post originally appeared on Microsoft’s Security Blog, authored by Mark McIntyre, Executive Security Advisor, Enterprise Cybersecurity Group