The cyber security industry has clearly shown that practice-based talent development is the crucial contributor to cyber capability and resilience for organizations and nations.
Abilities and experience are recognized as key pillars of competence development, beyond the supply and acquisition of mere knowledge and skills. Competence is built by experience and is in fact the behavioural cornerstone of the ‘human firewall’ and the ‘human perimeter’ that underpin an organization’s cyber resilience.
To be cost and time effective cyber security talent development must be: up to date on the latest and most complex attack vectors, hands-on and experiential to acquire muscle memory, very realistic as to exercise infrastructure and scenarios, easy to access, scalable to large audiences, and repeatable, based on deep-dive technologies such as simulation (in the future, AI and VR), measurable and shareable.
Using tools and processes available in the workplace enables meaningful developmental experiences in life-like simulated situations against the latest threats.
This translates into TOAR, the platform developed by Silensec and supported by industry partners for Training Orchestration Automation and Response, which ensures that:
– Training activities benefits of the latest threat intelligence inputs.
– Gamified exercises occur in a sandbox environment where the latest threats can be safely detonated in a replica environment according to an engaging slate of roll-out activities and events, designed, built, and deployed to reflect real-life use contexts, to apply any available tools of trade, to engage numbers of users and teams over a meaningful period of time. Such a slate of exercises runs on seamless functionalities based on high orchestration and high automation, in order to meet the requirements for cost and time- efficient deployment of resources, participants, events.
– Participants’ performance is full tracked and observed before, during and post exercises, with gathering and analysis of metrics, against a competency framework and other applied criteria.
– This also includes processes and technologies tested in an exercise. All resulting data is captured and made shareable with other internal / external business systems, such as for Learning Management, Human Capital, proof of concepts towards development roadmaps, for policy and regulations compliance, and collaboration and coordination frameworks.
CYBER RANGES provides the TOAR-enabled next-generation App-built simulation platform that provides a fully- featured sandbox environment to apply the latest threat data to the development of complex exercise scenarios that can detonate complex attack simulations into true-to-life IT/OT networks and are run by even large numbers of players, both individuals and teams, anytime anywhere. Through APIs then the resulting data is managed and exported to other stakeholders of an organization’s cyber security ecosystem.
TOAR enables CYBER RANGES to play the industry-wide role of ecosystem platform for effective cyber security capability and resilience building.