Designed to meet the participants’ specific needs and environment, each exercise had its own highly realistic, engaging and dynamic scenario which included live cyber-attacks as the exercises progressed. The overall aim of these exercises was to give the participants an opportunity to develop and practice the skills, techniques and procedures they need to detect, contain and recover from a sophisticated cyber-attack.
Real-time simulations for natural gas and civil nuclear sectorsThe first of these two exercises was delivered to staff from various companies involved in the transport and distribution of natural gas in the UK. The exercise featured cyber-attacks against the IT infrastructure of several companies as well as the Industrial Control Systems of simulated Above Ground Installations (AGIs) which control the flow of gas within a pipeline. Participants had to identify the compromised systems, contain the cyber-attacks, and recover the full functionality of the affected systems before the flow of gas was fully interrupted.
The second exercise
was delivered to staff from various organizations of the civil nuclear sector
also in the UK. The exercise featured cyber-attacks against IT systems,
physical protection systems such as pass control and video surveillance, and
Industrial Control systems simulating the cooling function for a nuclear power
Enhancing situational awareness and communications skills
Both exercises included simulated news reports detailing the impact of the cyber-attacks to the wider public and briefings to managers and executives, giving participants the chance to improve their crisis communication skills. The use of live cyber-attacks allowed the Guardtime Exercise Control team to adjust the complexity and speed of cyber-attacks to the participants’ skills and knowledge, ensuring no one was over or underwhelmed by the exercise.
Participants clearly valued the opportunity to exercise perishable cyber defense skills, analytical thinking to characterize an ongoing cyber-attack, achieving situational awareness, and communications with senior management. Mr. Paul Strilkowski who works in the Security Operation Center of National Grid and participated in the gas sector exercise stated:
“The exercise was invaluable for understanding the issues that would be encountered in a real-world event.”
Expressing his satisfaction for the civil nuclear sector exercise, Neil Kendall from the Nuclear Decommissioning Authority said:
“The event was very realistic and professionally ran. The exercise made use of cutting-edge technology and vulnerabilities. There was palpable sense of jeopardy during the event which made it very realistic. Great work from the Guardtime team.”
Guardtime continues to develop custom cyber exercises for various sectors. Luc Dandurand, who leads the development of cyber range automation and cyber exercises as Head of Cyber Operations at Guardtime expressed his satisfaction with the successful execution of these two exercises:
"We always work with domain experts to realize a sophisticated and highly-customized experience for our participants. We take great care in ensuring an adequate and sustainable tempo throughout the full exercise, and we do everything we can to ensure participants walk away with improved skills, knowledge and proficiency, as well as an expanded network of trusted colleagues. Many things need to happen to realize these objectives, and the key is attention to details and excellence in orchestration."