CyberSec4Europe in collaboration with Finnish project partner JAMK University of Applied Sciences is running Flagship 1, a two-day cybersecurity exercise. The event on 12-13 January 2021, the first of its kind and requiring no previous experience, is open to representatives from CyberSec4Europe partners, although future events may be made available to others.
During the exercise, participants will be provided with guidelines concerning a fictional organisation they are working for. With the available documentation, participants will be able to examine and analyse a cyber attack and seek to mitigate the damages. The short duration of the exercise provides an interesting challenge: one of the key questions is what to expect participants are able to learn in a complex learning situation in such a short time.
In the exercise, the fictional organisation’s internal and external communication representatives are alerted. The recent cybersecurity attacks in Finland and abroad have shown that communication is usually a duty of non-technical employees. A detected successful cyber attack not only concerns the targeted organisation, but also an organisation’s ecosystem and its stakeholders who need to receive timely updates on the attack and its aftermath. It helps when people speak the same language, so that internal and external communication can be clear and effective.
Jarmo Viinikanoja, the JAMK Exercise Leader, says:
We are welcoming people into the midst of a cybersecurity attack. With the now-piloted exercise, attendees should gain a good understanding of how a team could collaborate and communicate during an incident response.
A video setting the scene for Flagship 1 is available at JAMK’s video sharing service.
Technology platform behind Flagship 1
The technology behind Flagship 1 is based on Realistic Global Cyber Environment (RGCE), a cyber arena developed in JAMK’s cybersecurity research, development and training centre, JYVSECTEC. The platform development started in 2011 and the first national cyber exercises were held in 2013. Since then, RGCE has been used in various realistic cybersecurity exercises and in cybersecurity masters’ level cybersecurity education at JAMK.
In Flagship 1 an open-source SD-WAN interconnection requirement specification is proven. It is used for interconnecting various cyber range internal and external services and endpoints as show in the picture below. The implementation is based on a requirement specification, documented in Part B of CyberSec4Europe deliverable D7.1.
A report on the experience and lessons learnt during the course of the exercise will be published and made generally available.
Overview of Flagship 1 cybersecurity exercise environment