Cloud Range has introduced Cloud Range for Critical Infrastructure, the live-fire simulation training specifically designed to proactively train and prepare incident response (IR) and security operations (SOC) teams in operational technology (OT) and information technology (IT) environments to defend against cyber attacks on critical infrastructure.
The digital convergence of OT and IT in critical infrastructure sectors has increased the focus of cyber attacks against OT and industrial control system (ICS) environments.
This has accelerated the need for cyber defense teams to understand, train, and prepare to protect these assets. However, OT and IT environments can have very disparate objectives, setups, and risks. OT security requires different protocols, analysis, forensics, and other security methods than traditional IT network security.
That’s why OT/ICS security teams require unique training to ensure they can overcome the threats and challenges they face.
Cloud Range for Critical Infrastructure is the full-service OT/ICS/IoT cyber range simulation training environment with dynamic, live-fire OT/ICS, OT/IoT, and IT/OT incident response and security operations exercises.
The customizable OT environments include unlimited network scenarios to simulate any organization’s OT/IT network and emulate any industrial sector, including energy, nuclear, transportation, communications, water systems, buildings/facilities, and more.
The new OT solution not only strengthens the resilience of security teams, but also improves operational efficiency by providing a collaborative environment for IT/OT teams to work and train together and remove the complexity and friction between them that is common in most organizations.
“Cyber threats are increasingly targeting devices and systems that manage industrial operations, and the repercussions of an OT system breach can be much worse than an IT-related one. Organizations must expand their cybersecurity capabilities beyond data protection and include the concept of cyber safety and the protection of human lives,” said Cloud Range CEO Debbie Gordon.
“With a greater risk to critical infrastructure, we simply don’t have enough skilled and experienced cyber professionals to defend the front lines. Organizations can’t rely on the traditional training and certifications of their IT and OT teams, and they will need to invest in dynamic training content that mimics actual adversary methods to protect their data as well as people,” Gordon added.
Cloud Range for Critical Infrastructure mimics potential real-life cyber attacks and enables cyber defenders to see and understand an attack before it actually happens, so they are ready to defend.
Attack scenarios are mapped to the MITRE ATT&CK Framework for Industrial Control Systems (ICS) so teams can understand the specific tactics taken by adversaries. The immersive, live-fire cyber range environment gives OT IR and ICS security teams the expertise, judgment, skills, and muscle memory required to be ready when a real attack occurs.
“The increase in frequency and sophistication of cyber attacks on OT systems in recent years should serve as a warning signal for organizations to take a proactive approach to OT cybersecurity,” said Bryan Singer, Principal Director, Global OT Incident Response Lead at Accenture.
“In order to understand the adversary you need to understand attack and defense. These are not skills you can practice in a live environment in a way that scales well for asset owners. Now organizations can fill the gap that exists between certification courses and having a readiness team in place with an environment that lets teams proactively test, drill, recognize, and respond to OT cybersecurity incidents,” Singer continued.
Cloud Range training missions are led by expert attackmasters providing teams with real-time guidance. Additionally, security leaders receive performance metrics and analysis with prescribed training plans based on the results of an exercise.
This new live-fire OT cybersecurity simulation solution improves technical proficiency, communication, collaboration, and critical thinking skills for SOC and IR teams.
“The industry-wide cyber skills shortage is well documented, but when you drill down deeper you find that there is a huge difference between the skill sets of an IT SOC analyst and OT SOC analyst,” said Mark Cristiano, Global Commercial Director of Cyber Security Services, Rockwell Automation.
“Many of our large customers have invested heavily in their IT SOC infrastructure and have tried to figure out how to leverage their IT SOC for their OT cyber response. By letting multiple teams practice together on a replica of their actual environment, Cloud Range extends the SOC teams’ capabilities to make the most use of their investment for an OT environment,” said Cristiano.
In addition to SCADA systems, workstations, software, and virtualized physical technologies, Cloud Range OT segments include network intrusion detection systems (IDS), human-machine interfaces (HMI), and programmable logic controllers (PLC).
The OT cyber range also utilizes fully licensed cybersecurity technologies and OT network visibility and monitoring systems, including Dragos, Nozomi, Claroty, and others, enabling organizations to maximize their technology investment and security teams to practice in a true-to-life network with the real tools they use daily.
This full-service, bespoke model prepares cyber defense teams from both IT and OT disciplines to detect and mitigate cyber incidents within industrial environments to ensure critical cyber-physical systems and operations are protected.
“Designing, installing, and operating a robust cyber security and safety program must include effective training capabilities for the people operating those systems to test themselves and gain necessary cyber readiness experience virtually, particularly when human safety is at risk,” said Lucian Niemeyer, CEO, Building Cyber Security.
“They need to train and practice response and recovery within an OT-centric cyber range that represents a full array of threats to their actual infrastructure, whether that be a water system, an apartment building or a hospital. That’s the essential and significant value that Cloud Range’s ground-breaking OT range offers — the capability to efficiently simulate attacks and develop effective mitigation and responses without having to physically impact the technologies in use. Any asset owner responsible for connected operational technologies in industrial processes, business operations, critical infrastructure, or essential human services must incorporate use of this range into training programs to mitigate threats and enhance cyber safety protections,” Niemeyer continued.
According to a Gartner report, “Converging IT infrastructures with what are often long-standing OT systems, along with an increasing number of ‘greenfield’ cyber-physical system projects are driving interest and investments into OT security. This interest comes with the realization that the need to connect and digitize industrial environments is introducing a new set of vulnerabilities and risks.”