Written by Ana Maria Matejic
Security Services Manager, RHEA Group Brussels
Before connecting the “cyber range” concept with the “risk” world, it is important to start with the basics: why use a cyber range?
Probably the most interesting answer for this question is its ability to provide an environment where new ideas can be tested and fine-tuned. Indeed, assisting at a growing competitive atmosphere within any industry, creativity has taken the lead for those who want to keep their business among the top players. This has created a domino effect and influences the way cyber security and cyber risk teams support the business they serve. In parallel with keeping an organization at the forefront of their specific industry, there are also challenges influencing the way cyber risk is assessed and managed: regulatory landscape changes, new technologies adoption, mergers, and acquisitions or divestitures, compliance maturity, and even cyber security skills limitations.
In these circumstances, cyber ranges have the potential to become an important part of a mature cyber risk management strategy. That gives the opportunity, to the organization supporting this blend, to bring in the same space cyber security teams, risk teams, and executives. They will not only
experience cyber threat situations in a controlled environment but also understand how they can cooperate, in daily business, to prevent and contain them. Further, a cyber range offers the possibility to try new ideas on overcoming or treating risks that arise from business practices and
that, without simulating specific cyber situations, would not be that facile to uncover.
From a more technical perspective, cyber ranges are a useful tool to uncover internal risks related to operational cyber activities: gaps within the incident response plans or testing certain technologies prior to using them in production environments. This approach helps as a “preventive” control in the risk mitigation domain but also as a “protect the business” mindset for cyber teams that do outstanding efforts to contribute to the organization’s growth.
For example, Rhea’s CITEF cyber range (widely used in ECHO to support the Federated Cyber Rage solution) is designed to address the aforementioned scenarios and other business-specific ones but also answers to demands from a range of potential users:
- Students – They can test knowledge acquired in classes or develop their future cyber skills
- Instructors/Professors – They can use a cyber range as a classroom “lab” or as a “test
environment” for topics they would like to develop for their classes. - Professionals – Professionals from areas such as cyber security, IT operations, business
continuity operations or incident handlers can use for their teams benefit the cyber range to
improve communication, knowledge, response methods, and times and to anticipate capacity
needs.
Ultimately this will help the respective teams to align with business needs and also to help other teams such as the risk ones.