In CyberSec4Europe project JYVSECTEC conducts an online-only cyber security learning opportunity, Flagship 2. The cyber security exercise, held on 25-26 January 2022, is a technically weighted learning event. The exercise is targeted at CyberSec4Europe partners. Their task is to detect and technically analyse a cyber incident that a fictional organisation has faced. Flagship 2 will demonstrate that analysing a cyber-incident requires teamwork and skilled personnel whom have the technical skills and knowledge in cybersecurity.
External Learners Are Welcome!
As in real life, many organisations may lack the competencies to technically analyse a cyber incident. Therefore, external learners are welcome to the exercise! They will play the role of external cybersecurity analysts and get to analyse a simulated cybersecurity incident using real-life tools and methods. The analysts will be provided samples that are exported from the exercise environment. By reporting their findings back to the exercise, the analysts are supporting the exercise participants investigating the incident.
The external analysts will use a safe prepared analysis environment to analyse the samples. The analysts’ environment was planned in co-operation between JYVSECTEC and Masaryk University.
What are the impacts to the core business?
Besides the technical questions, the exercise participants will face questions like how the detected situation effects to the core business of the organisation, and whom should and must know about the suspected cyber-attack.
During the exercise, participants will be provided with guidelines concerning a fictional organisation they are working for. With the available documentation and team coaches, participants will be able to detect and technically analyse a cyber-attack. The short duration of the exercise provides an interesting question: does the fictional organisation have the required competencies to resolve the business-critical case within the timeframe.
Technology platforms behind Flagship 2
The technology behind Flagship 2 exercise is based on Realistic Global Cyber Environment (RGCE). The exercise re-uses the open-source SD-WAN interconnection requirement specification that was demonstrated in Flagship 1. The implementation is based on a requirement specification, documented in Part B of CyberSec4Europe deliverable D7.1. The analyst’s virtual workstations have been implemented using open-source Cyber Sandbox Creator (CSC), documented in CyberSec4Europe deliverable D7.2 and created by Masaryk University.
Registration
Prerequisites to participate as a CyberSec4Europe external analyst is that the person is 18 years or older and has previous experience in using Linux command line tools. The two-day Flagship 2 cyber security exercise will be held on 25-26 January 2022.
The registration form is available until 12th January 2022 at https://link.webropolsurveys.com/EP/2CA45FFD85C5C345 .
Contacts
Questions regarding Flagship 2 can be sent to cs4e-flagship(a)jamk.fi or to Jani Päijänen, Project Manager, +358 40 7072 850, jani.paijanen(a)jamk.fi
References
Cyber arena concept: https://jyvsectec.fi/2020/10/comprehensive-cyber-arena-the-next-generation-cyber-range/
Realistic Global Cyber Environment (RGCE) Whitepaper: https://jyvsectec.fi/cyber-range/overview/
Cyber Sandbox Creator (CSC): https://gitlab.ics.muni.cz/muni-kypo-csc/cyber-sandbox-creator
Project and funding
CyberSec4Europe – working together to boost the security of all citizens of the European Union in their everyday digital transactions. CyberSec4Europe is funded by the European Union under the H2020 Programme Grant Agreement No. 830929