In every sport, the only way to stay on top of your game is to practice. During a recent cyber security training session, Intrust staffers battled in real time against simulated attacks. Exercises like these allow us to think and work fast if our clients are hacked.
Blue Team Versus Red Team
The training pitted six Intrust staffers as the Blue Team against a Red Team of would-be hackers. Instructors from Cloud Range Cyber served as the White Team to monitor and guide the operation. In three different scenarios, our goal was to protect a network and its assets and help ensure it could stay up and running despite incoming attacks. We had to identify threats, analyze them and respond to them, all on the fly. We managed to score 95 out of 100 on the main scenario, which was a multi-faceted, two-hour SQL injection attack.
The cyber security training reinforced a lot of what we already know, like the importance of maintaining a patch/update schedule. Some attacks that we faced were due to weaknesses in the applications and protocols being used. In those instances, even the strongest password doesn’t help. Nothing makes up for an insecure design. Taking the time to incorporate security best practices at all stages can reduce or even eliminate risk.
Cyber Security Training Benefits Everyone
The experience also reminded us how important effective communication is during an incident. By working together and tapping into our various skills, we multiplied our team’s effectiveness.
Information security, at its core, is risk management and the best way to reduce risk for ourselves and our clients is to weave security best practices into every level of the technology stack. These simulations expose our team to attack vectors we may not have encountered yet. By seeing and responding to these attacks in a safe environment, we gain a better understanding of the attacks and how to protect against them.
While there is a game kind of atmosphere around this type of training, it’s serious business. Just as firefighters constantly drill their responses to an emergency, we want to be fully prepared to understand threats to our clients and fend off those threats as quickly as possible.