Overview

Simulate potential threats to reveal security response weaknesses and strengthen security.

Changing business models related to cloud, mobile, social, and the Internet of Everything (IoE) introduce new security challenges. Add the complexity of threats that change continuously and increasingly sophisticated attackers, and it is clear why now more than ever organizations need effective security solutions to protect their infrastructures, data, and brand reputation.

The best defense is a good offense, and your organization can take the offensive by building a robust, comprehensive security solution that addresses the increasing sophistication and frequency of attacks. The first step is to have an accurate and current understanding of the state of your organization’s security posture.

Cisco® Security Posture Assessment service specializes in Cyber War Games, which is a role-play framework that challenges your organization’s existing technology and procedures to help improve incident readiness and response.

Cisco has developed a specific methodology for conducting war game workshops that assesses your organization’s Blue Team capabilities through increasingly complex phases of identification, defense, response, and recovery from an attack.

The attack challenges responses, methods, teams, and decision makers throughout the war game. Through monitoring, feedback, and mentoring, the process develops individual and team skills in coping with complex scenarios.

Cisco tailors each workshop to your needs to ensure the specific context is understood and your top concerns are well tested.

War Game ExerciseCisco’s Cyber War Games assess resilience posture, including how an organization responds to realistic crises, and under which conditions resilience is likely to fail. Cisco’s approach uniquely combines technical aspects of an attack (to illustrate how it is triaged) and the performance of core crisis management. It demonstrates effective tools for managing the business consequences, and coordinating capabilities in an escalating crisis.

Cisco Security Cyber War Games

© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partner use only. Not for public distribution.

The best defense is a good offense, and your organization can take the offensive by building a robust, comprehensive security solution that addresses the increasing sophistication and frequency of attacks.

Cyber War Games simulates a prolonged and persistent attack conducted by the Cisco Red Team in several phases and aims to mobilize your organization’s security team through phases of identification, defense, response, and recovery.

Cyber War Games addresses:

• Preparatory learning and masterclasses

• Multiple, custom, and escalating scenarios

• Fusion of technical and contextual factors

• Mentoring and real-time observation

• Completeness and effectiveness of response and contingency plans

• Factors and conditions that lead to failure• Process and team agility

Objectives An important goal of these exercises is to elevate knowledge and awareness, and improve your ability to respond to complex attacks.

Beyond developing the requisite knowledge, managing a crisis requires very effective processes that are configured appropriately and adaptable to changing circumstances.

The purpose of Cyber War Games is to not only test whether the plans are well designed, but also to test the effectiveness of processes and procedures, and to examine the organization and management of those processes.

Core objectives of Cyber War Games are to:

• Examine capabilities to address an in-depth or prolonged attack through phases of identification, defense, response, and recovery

• Test response agility to escalating crises and challenge processes and decision-makers

• Examine how appropriate, complete, and effective response and contingency plans are

• Examine how business continuity plans are enacted and adapted, identifying factors that lead to failure

• Identify multiple points of failure whether tactical, operational, or doctrinal

• Identify imperatives for change and immediate priorities for response process redesign

© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partner use only. Not for public distribution. 2

An important goal of these exercises is to elevate knowledge and awareness, and improve your ability to respond to complex attacks.

Overview

Cisco Expertise and ResourcesCisco’s attack and penetration experts on the Red Team draw on extensive security experience in a variety of industries and government agencies to perform these assessments. Their expertise is supported by a combination of best-in-class tools, methodologies, and unparalleled access to product development engineers who help you make the most of the sophisticated security features included in the technologies in your network. Exploitable vulnerabilities are evaluated by Cisco experts, who are uniquely positioned to provide the global reach and security expertise necessary for successful global threat correlation, with hundreds of research analysts dedicated to the full-time collection and analysis of threat intelligence.

Sample Assessment Phases

© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partner use only. Not for public distribution.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) DEC15CS4670 04/15

First Impact:• Alerting and indicators• Detection capabilities

First Response:• Accurate interpretation• Triage management

Situational Awareness:• Knowledge and decision making• Risk assessment

Escalation:• Risk assessment• Crisis management

Summary:• Feedback on performance• Analysis of effectiveness

Implementation:• Recommendations• Training and workshops

Why Cisco?Security engineers that are certified by Cisco have deployed, secured, operated, and optimized the performance of many of the largest and most robust networks in the world. Cisco offers security solutions guided by security experts with deep technical knowledge and experience. They use industry-leading tools and best practices to deliver security solutions that enable business growth, reduce cost, and mitigate risk.

Availability and OrderingThe Cyber War Game service is available through Cisco and Cisco partners.

To Learn MoreTo learn more about how Cisco can help you protect your organization from today’s dynamic threat landscape, visit www.cisco.com/go/services/security.

Exploitable vulnerabilities are evaluated by Cisco experts, who are uniquely positioned to provide the global reach and security expertise necessary for successful global threat correlation.

Overview