A cyber range is a platform that provides hands-on cybersecurity practice to teams of professionals. The range simulates the worst possible attacks on IT infrastructure, networks, software platforms and applications. The range also contains learning management components (A “Learning Management System,” or LMS). An LMS enables both instructors and students to make measured progress through a defined training program. The LMS may also connect with what is known as an “orchestration layer” that connects specific parts of the curriculum with the underlying IT assets that comprise the range.
The range’s underlying infrastructure might include a network, storage, compute (servers) as well as switches, routers, firewalls and so forth. In some cases, the range is built using an open source platform like OpenStack. A virtualization layer helps reduce the range’s physical footprint. Some ranges are partly or fully cloud based. The range’s “target infrastructure” simulates the actual digital assets that might be subject to a cyberattack. Beyond training, cyber ranges are useful for people and organizations that wish to experiment with new cyber defense technologies.
They can use the range as a safe place to solve complex cyber problems. They can test new ideas and see how teams interact with emerging cybersecurity solutions. The cybersecurity threat landscape never sleeps. Attacks can come at any time, and their nature may change at a moment’s notice. Highly trained threat actors are constantly evolving, testing, innovating, and developing new tools. No one is immune, from government organizations to the smallest family-owned business.
Cybersecurity is becoming more challenging and serious. Organizations, from corporations to state governments, are struggling to find and train the personnel who will enable a robust cyber defense. Some cyber ranges are created to test commercial products, such as servers, against malicious actors. That’s the job of the IBM X-Force Command Centre, to name one such range. It is a simulator that enables testers to see how systems will withstand malware attacks, as a cybersecurity guide.
There are Smart grids — The power grid is such a significant target for malicious actors that the utility industry has invested in building cyber ranges for their unique IT and network environments. These ranges are able to simulate the inter-connected power networks that comprise the grid. They also run the Supervisory Control and Data Acquisition (SCADA) systems that are common in the power industry.
The growth of Internet of Things shows a new attack surface. Many IoT devices lack inherent security features, so it’s essential to have experienced security operators work in their defense. The cyber range for IoT must simulate the large number of devices and the distributed, perimeter-free environments in which they are deployed. As the cybersecurity landscape continues to evolve in ever-more threatening ways, the cyber range will have a role to play in preparing cyber professionals to rise to the occasion of cyber defense.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
