RHEA Talk: The Value of Cybersecurity Education
On 6 May 2021, we held our second RHEA Talk webinar in which four experts discussed the benefits of using a cyber-range for cybersecurity training, hosted by John Bone, RHEA’s Chief Commercial Officer:
- Bram Couwberghs, Director, RHEA Security Services
- Matteo Merialdo, Manager, Security Services Research & Development
- Shahid Raza, Director of Cybersecurity Unit at RISE Research Institutes of Sweden
- Trish Dyl, Director of Cyber Range and Partnerships, Ryerson University
RHEA is a global leader in cyber-range technology and development, providing systems to space and government agencies, businesses and educational facilities. With cyberattacks growing exponentially, cybersecurity education is essential not only for students and IT professionals, but also for every employee within every organization. How can cyber-ranges support this and what else can they provide?
Here we summarize our experts’ answers to some of the questions raised at our recent RHEA Talk. These include:
- How can a cyber-range support operational resilience?
- Should CEOs be trained first?
- How are you addressing the growing gap in the cybersecurity labour force?
- Can CITEF integrate real-world data in order to offer a true digital twin?
Watch the video of the complete webinar to find out more.
What is a cyber-range and how does it help with cybersecurity?
Bram: In the military, it is of utmost importance that people are trained before they are deployed abroad. That is done by recreating an operational environment in a safe place where people can use real tools and systems in scenarios that fully replicate what they will face in the field. That way they are not only trained how to use those tools but they feel comfortable and focused in the ‘fog of war’; they know the possibilities and the limitations, and their reaction times are significantly reduced.
It is the same with our cyber-range. We do not train people using random scenarios. Instead, our CITEF platform allows partners to recreate their own environments, including all their cyber protection tools and mechanisms. The scenarios used for training are based on real-life events they will most likely face at some point. By emulating real environments and tools, we see the same positive effects as in military situations – people have reduced reaction times and can stay focused and confident that they know what to do in any event.
Matteo: A cyber-range is a multi-purpose virtualization environment that can connect not only virtual machines in many scenarios but also physical elements. In addition to training, a cyber-range can be used for research and development, and testing and accreditation.
Our first experience was a complex emulation of a complete space mission for the European Space Agency, including the satellite, ground segment and mission control system. In other examples, we are now building an emulation of the navigation system on a ship and soon will begin creating an emulation of a medical lab with physical medical devices. Training options in any emulation can have different levels of complexity and are provided as part of the package.
Every cyberattack is an act of aggression towards a target, looking to exploit weaknesses in systems, processes, people and/or products. It is exactly that challenge that RHEA wants to tackle, supporting our partners to protect all of these elements against their adversaries.
Bram Couwberghs, Director, RHEA Security Services
What benefits does a cyber-range deliver to institutions?
Trish: Ryerson University identified cybersecurity as a key sector, which is how the Rogers Cybersecure Catalyst was born. We focus on bringing cybersecurity skills to all members of the community – scaling entrepreneurs through our accelerator programme and providing free learning modules and resources to small businesses and a whole range of content for schoolchildren and teachers.
We want to close the global cybersecurity skills gap across all sectors. RHEA’s cyber-range platform is a critical tool in our kit to do that. We’re delivering workshops, boot camps and full day open skills programmes. We’re also able to provide exercises that include multiple business units, so that a whole organization can rehearse its response in a safe environment and discuss its reaction to the exercise.
Shahid: RISE is the largest state-owned research institute in Sweden. One of our major use cases is cybersecurity education. By using a cyber-range, trainees find that if they are successful in defending themselves in the virtual world, there is a high chance they will be ready to protect themselves in a real-life setup when it is attacked. We also find that during training, people share their problems and ideas as well.
Another important use case is cybersecurity research. We have a strong team who are involved in more than 10 European and other projects. There are lots of opportunities; for example, we are developing a setup that can be used to train AI algorithms against adversarial settings.
Performing training over an emulation of your infrastructure is far more effective than just training in a generic IT environment. This is really important for critical infrastructure.
Matteo Merialdo, Manager, RHEA Group Security Services Research & Development
How can a cyber-range support operational resilience? And should CEOs be trained first?
Trish: I think it is very important that CEOs are brought into the conversation and are part of the cyber training experience, because one of the biggest disconnects I have come across is that across the ecosystem, from the junior staffer to the CEO, no one understands each other’s language. So what we are doing with our tabletop exercise is trying to create a bridge so they understand where each other is coming from. But all of this has to happen in parallel. You cannot wait for the C-suite to understand what the realities are – you have to understand the attacks and learn how to mitigate them now.
Awareness through a bit of ‘scariness’ is important for CEOs. When they appreciate their reaction to their company being hacked in a virtual world, they realise what they might do when there is an actual attack. They are then open to being trained and learning what steps they could have carried out.
Shahid Raza, Director of Cybersecurity Unit at RISE Research Institutes of Sweden
How is RHEA’s cyber-range evolving and are stakeholders involved?
Matteo: We have adopted an agile approach to improving the platform that includes taking into consideration all feedback from our customers and partners, prioritised according to difficulty and urgency. Any suggestion from a stakeholder is well considered.
How are you addressing the growing gap in the cybersecurity labour force?
Shahid: There is a huge gap between supply and demand for cybersecurity experts. The issue is that a traditional, formal university education is a long process. Our mission with the cyber-range is to bring this to people who are already working, for whom it is not practical to go back to university but instead need to learn on the job. For this, more cyber-ranges are needed.
Trish: We have an 86% placement rate among the people we train, representing all kinds of folks from young people to those in mid-career to people who have retired and want to try something new. Approaching training in this unique, diverse way is something I think even the most institutional university needs to consider.
Can CITEF integrate real-world data in order to offer a true digital twin?
[A ‘digital twin’ is virtual representation of a physical object, system or process that precisely emulates the original. Digital twins can be used to understand how something is performing now and will perform in future under varying conditions.]
Matteo: Digital twins is a very hot topic, across the space sector in particular. But it depends how you define a ‘digital twin’, as some that claim to do this are only offering limited emulation. RHEA’s CITEF has the infrastructure and technology to build a true digital twin, because you can already use it to build very complex emulations. And if you consider the definition of a digital twin to be one that includes real traffic data, then we are not too far away from that.
Providing learning opportunities that are both immersive and ultra-realistic ensures learners are fully prepared to tackle real-world challenges that they may encounter in their jobs. The value of training is immense. The ability to empower someone, both personally and professionally, is one of the greatest benefits we can offer.
Trish Dyl, Director of Cyber Range and Partnerships, Ryerson University
Can a cyber-range be used to offer certification?
Shahid: RISE is also a certification body in Sweden. One of our goals is to use our cyber-range for testing and validation for the new European cybersecurity act, which will cover IoT, cloud and 5G. It may need a few extensions from RHEA but we are definitely interested in using CITEF as a certification platform.
How can we be ready for unknown cyberattacks or other challenges?
Bram: I think the only way we can tackle new challenges is by collaboration. We work really closely with our customers and partners. And our security services team is built around our engineering research and development team, who are working on next generation technologies such as AI, blockchain and quantum key security. So we are connecting the dots. Also, the reason we built CITEF in an open way is to be able to tackle the next challenges we face in as agile a way as possible.
Shahid: The cyber-range is the perfect platform for that. We plan to use it to work on something called deception technology, for example, which is a next generation ‘honeypot’. A cyber-range gives you flexibility to do many things in a virtual world that you cannot do in a real-world scenario, giving you a tool and experience to fight zero-day attacks when they happen in a real environment.
Find out more
Learn about our Next Generation Cyber-Range Services.
Download the CITEF brochure.
Subscribe to receive information about future RHEA Talks and to receive our Cybersecurity Bulletin.