Cyber Training and Simulation – Getting Ready
This post is also available in: 
עברית (Hebrew)
“In the last few years, cyber threats have undergone an evolutionary – and even revolutionary – process. We’ve seen escalations like never before”, said Moshe Ishai, CEO of Comsec Consulting, yesterday. “Today, we find ourselves facing a number of absurdities, like the fact that even after defending an organization’s systems with all necessary and best-practice mechanisms, you still might be attacked”.
Ishai spoke to journalists for the revelation of a solutions for coping with new cyber threats: ComSimulator and Cyber Intelligence Hub.
ComSimulator, developed by the company in the last 3 years and already operating with clients, is a simulator game that lets companies and organizations practice ways to deal with various types of cyber-attacks. “Instead of designing security, it trains clients using existing infrastructure with facing the unknown”, said Ishai.
The company demonstrated the system in its operation room, where it showed examples of how a training session could go. One group, called the red group, can throw different scenarios on the participants, called the blue group, which then has to face the challenge and try using different techniques to deal with them. Everything is done in an environment suited to the client, with the organization’s familiar interface.
Shiran Kleiderman, system architect and manager of the operating room, explained that the ComSimulator can analyze participants’ reactions in real time, making the need of human controllers watching each participant and enabling organization-wide training with less monitoring personnel. After training, participants’ actions are investigated in order to improve operating procedures. The system also enables training over short or long term periods.
The Cyber Intelligence Hub, which is meant to help recognize new and emerging attacks and trends, scouts the web in search for information regarding currently ongoing or even future attacks. It analyzes data from websites, social networks etc. and network traffic, and can identify new threats, making it easier to stop attacks before they have the chance to afflict real damage.
“The basic assumption is that it is impossible to stop all attacks. Therefore, there’s a need to think of other ways to deal with them”, said Shay Zalalichin, Comsec’s CTO. “Our Cyber Intelligence Hub provides a solution that enables preemptive identification of threats pro-actively instead of reactively”. This way, he explained, various attacks were already stopped, including Anonymous’ Op Israel last April, that hasn’t managed to cause any real disruption.
