Dynamic Hands-On Training for Cyber Defenders

Cyber Range

Cyber Securityis a Team Sport.

Defend as a Team Against Cyber Threats Today!

Modular, Scalable, Flexible and Adaptable• Fully Integrated System• Dynamic Simulated Environments• Adaptable to Changing Needs and Threats• Easy Intergration of New Technologies• Skill and Role Based Training, Assessment and Certi�cation• Small Physical Footprint

Costumized Tailorable Solution• Custom Designed Security Challenges, Dynamic Exercises and Network Model

Modeling and Simulation• Robust Modeling and Simulation Capabilities• Applies Virtualization Techniques to Support Key CSL Functions

Cyber Maturity Model• Promotes Complete Cyber Self Suf�ency• Grow Skilled Workforce to Achieve Dynamic Defence• Individual and Team Pro�ciency• Basic, Intermediate, Advanced and Refresher Training

Experienced, Qualified and Ready to Succeed• Leaders in Cyber Readiness and Cyber Training• Contributed to the US DOD 8570 Training Program• 50 Years of Demonstrated Success• Mature Low Risk Solution, Ready for On-Time Delivery• Low Total Cost of Ownership

• Executive and Technical Training (and Certification) by Role Pro�le• Proficiency Evaluation by Role and Assignment• Individuals• New Recruits• Teams• Cyber Technology Evaluation• Cyber Defense Protection Strategy Development• Cyber Incident Countermeasure Development and Evaluation• Capture the Flag Exercises• Red vs. Blue Team Cyber Exercises• Modeling & Simulation of Security Operations with our Virtual Security Operation Center• Security Protocol Monitoring

Companies that are looking for better training to their IT security staff can now tap into Sypris’ expertise and skills with Sypris’ Security Training and Simulation Platform. Our Simulation Platform can also be used for testing and validating large-scale IT security solutions in a virtual environment, including validating SCADA (Supervisory Control And Data Acquisition) systems. Training-wise, the platform offers opportunities to master:

• Early detection of cyber attacks • Cyber incident response and investigation protocols • Real-time cyber security defence strategies

What is a Sypris Cyber Range™?Our Cyber Range is a unique learning system and modeling & simulation capability delivered on an open platform based upon commercial off the shelf (COTS) technology. It has three major components:

• Virtual Training Platform (VTP) • Knowledge Base • Self Paced Cyber Security Challenges • Dynamic Cyber Defense Exercises

• Cyber Analytics and Simulation Platform • Customizable Virtual Environments • Virtual Security Operations Center

• Sypris Cyber Range • Conduct Capture the Flag Exercises • Industrial Control System Modeling & Simulations • Network Attack & Malicious Traffic Generation

What Problems Can Be Solved with a SyprisCyber Range™?

• Reduced operational risk and greater resiliency to operate through a cyber attack • Roles based Cyber Defender proficiency • Quicker, effective response • Mechanism for continuous improvement in tune with the latest threats

It is a single, integrated, coherent System Architecture that is �exible and easy to use. Sypris integrates the latest technologies and content from best-of-breed partners into the range to ensure customers are equipped to handle the latest threats.

Challenge 1:We need more Cyber Defenders who are proficient

• 56% of organizations say they do not have enough security staff to handle their current demands• 52% of respondents (security pros and executives) said the shortage of skilled staff is contributing to the incidence of breaches in their organization• 47% said they believe their customers are being affectedData from The 2013 (ISC)2 Global Information Security Workforce Study-Frost & Sullivan / ISC2 / Booz Allen

Challenge 2:In our view, the current approach to mobilizing a Cyber Defense is inadequate for quicker,effective response

• Organizations are adopting technology faster than their people and processes can absorb and leverage• Classroom training does not establish proficiency in tactics, procedures, and the use of technology• Cyber Defense is trained as an individual “sport” when the real environment is role-based, and requires team behaviors and culture• New recruits are hired based upon Certifications, not pro�ciency

Challenge 3:The threats are dynamic and proliferating,making it difficult to keep up

• Many solutions are reactive and have a short effective life• Investments become obsolete quickly

Citizen Services & Immigration Control Law Enforcement

Critical Infrastructure Management Public Administration Services

Information Management Emergency & Disaster Management Inter-Agency Collaboration

NEC Global Safety DivisionGlobal headquarters: 2 Fusionopolis Way #07-01/02/03, Innovis, Singapore 138634 nec.com/safety safety@gsd.jp.nec.com

© 2016 NEC Corporation NEC and the NEC logo are registered trademarks of NEC Corporation.

The Challenge The Solution

Benefits

Why NEC Cyber Security?

Sypris Cyber Range™Applications to Mobilize for Cyber Defense

The Cyber Range will be offered as part of NEC’s Cyber Security Factory

The Sypris Cyber Range™ platform provides an operationally focused approach to test skills and assess aptitude of both individuals and cyber defense teams by operational role and assignment.

Within this framework, each trainee is assigned a Learning Plan that forms the baseline for a unique scoring approachthat measures their pro�ciency andoverall progress.

Four training delivery methods are utilizes within the Range framework to drive Cyber Defender pro�ciency:• Classroom-Based Modules with Integrated Simulation Labs• Self-Paced Security Challenges• Team-Based Dynamic Exercises• Custom Course Module Assessments and Delivery

Self-Paced Security Challenge Learning is Delivered in 5 Topic AreasCategory

Web Application Security

Application Security

Cryptography

Network Security

Forensics

Description

Courseware focused on the security and vulnerabilities of web-based applications

Traditional cyber security subject that emphasizes the security of single system and the applications running on it. Includes coverage for privilege escalation and OS/Application threats.

This subject area covers cryptography and includes topics such as encryption algorithms, secure communications protocols, digital signatures, etc.

Courseware that focuses on all aspects of the OSI model for an understanding of inter-computer communications.(Packet Captures, etc.)

Incident response, data collection, forensic data management (chain of custody), etc.

Subject

Web

Application

Cryptography

Networking

Forensics

Classroom-Based Modules with Simulation Labs Cover 5 Levels:Course Module

Basic CourseModule

IntermediateES Course Module 2

IntermediateICS CourseModule 3

Advanced CourseModule 4

Refresher CourseModule 5

Integrated Classroom-Based/Self-Paced/Team-Based Training

Module 1.1 Cyber Fundementals IModule 1.2 Cyber Fundementals IIModule 1.3 Incident Response Tier 1

Module 2.1 International Cyber Incident Response EngagementModule 2.2 Traffic AnalysisModule 2.3 Defence in DepthModule 2.4 Incident Response Tier 2

Module 3.1 Critical Infrastructure OverviewModule 3.2 Industrial Control System Security IModule 3.3 Industrial Control System Security II

Module 4.1 Malware Analysis/Revers EngineeringModule 4.2 Incident Response Tier 3Module 4.3 Penetration Testing/Vulnerability AssessmentsModule 4.4 Digital ForensicsModule 4.5 Capstone Cross-Sector Cyber Defence Exercise

Module 5.1 Basic Course RefresherModule 5.2 Intermediate ES Course RefresherModule 5.3 Intermediate ICS Course RefresherModule 5.4 Advanced Course Refresher

Dynamic Exercise

Attack & Defend:Symmetric or Asymmetric

King-Of-The-Hill

Botnet Takeover

Penetration Test

Objectives and Exercise

• Gain and maintain control of machines• Exploit target vulnerabilities• Plant �ag to indicate control and gain points• Defend own system by removing vulnerabilies• Harden system ot patch vulnerable codes• Earn points while system not compromised

• Similar to most Capture the Flag exercises• More machines added into system as game progresses

• Role-play as malware analyst and computer forensic analyst• Team-based working on different scenarios• Earn points based on time to complete and completeness of solution

• Role-play as penetration tester• Team-based working on different scenarios• Earn points based on time to complete and completeness of solution

Team-Based Dynamic Exercisesare Conducted in 4 areas:

At Sypris and NEC, our vision for Cyber Security Training has 2 critical elements:

• Take Cyber Security from an individual to a team sport• “Train as you would have to defend” – in an operational role

We bring hands-on, real world training to you and your cyber security teams. Our mission is to ensure your teams have the very best training possible, in a safe and secure environment.

We offer a full curriculum of 17 one week classes designed to take you from Basic through Advanced capability. If you don’t have the time to commit to a full curriculum, choose from these 3 powerful options:

With each of these options, you and your teammates can earn CPE Credits toward maintaining your CISSP Certi�cation.

Our classes are all taught on the world class Sypris Cyber Range. Sypris and NEC offer you a real-world, modeling and simulation platform for your cyber experts to train on how to discover, neutralize, repair and defend your network with an integrated, multi-layer approach.

For over 50 years, governments and top defense companies have trusted us to support their mission critical programs. With our focus on cyber security, we have unique and extensive experience managing the largest, most complex and signi�cant date protection assignments across the globe.

Team Custom to Your Environment Individual

Latest threads4 Hours of Hands on Training to Resolve a Current Threat in the News

Security challenges4 Hours Learning How to Solve 4 Real World Challenges

Dynamic Exercises4 Hours of Red vs. Blue Team Challenges

Simulation of Your Environment:Modeled and Simulated Exercises based upon your operational environment.

Threat Level

Nation State

AdvancedPresistent

Threat MostOrganizations

Agility/Speed of Action

ConventionalThreat

Passive

Active

MaturityLevel

TrainingInstruction

Competency

Pro�ciency

Environment

Tools Level

SecurityChallengesHands-on-Lab

Intermediate

Individual

Standard/Costumized

IntegratedPicture

DynamicExercisesFacilitated

Advanced(Custom)

Team

Customized

DynamicDefence

Modeling &Simulation

Advanced(Scenario Based)

Organixational

Customized / Real World

ResilientEnterprise

AdvancedSimulation

Expert

Mastery

Real World

Reactive& Manual

Knowledge BaseClassroom Based

Basic

Baseline

Standard

Sypris Cyber Range™Dynamic Virtual Training Platform A Better Approach for Learning

HW Interfaces (Switch) SW Interfaces (Upload Procedures)

Web User Interfaces

SCADA DevicesPartner Equipment

(e.g., BreakingPoint)Physical Systems

(e.g., ICS, CKMS, ECNS)Applications Training Content

Administrators

• Maintain User Accounts• Create/Modify User Roles

• Modify System Settings• Perform Modelling & Simulation

Cyber Security Lab

Dynamic Virtual Platform (DVP)

Administration Dashboards Messages

Training

KnowledgeBase

SecurityChallenges

DynamicExercises

Simulation

Modeling & Simulation

Core Modules Cyber Range Interfaces Dynamic Virtual Platform Cyber Security Lab

Instructors

• Create User Learning Plans• Schedule Dynamic Exercises

• Monitor User Training• Access User Pro�ciency

Users

• Follow Learning Plans• Access Knowledge Base

• Run Security Challenges• Participate in Dynamic Exercises

An Architechture that is Flexible, Adaptable and Extensible

Advance Your Cyber Maturity Training FrameworkFully Intergrated Training Solution

World Class Role-based Cyber Security,Training for Individuals and Teams

Training

Infrastructure

Basic

Intermediate

Advanced

ICS Simulations

Real-TimeSimulationChanges

Real-WorldModelling

CyberRange

Mod

ellin

g an

d

Sim

ulat

ion

Single UserAccess

Multi-UserAccess

CustomisableNetwork & ThirdParty Hardware

MultipleNetworks

As a simulation platform, Sypris’ Cyber Security Simulator enables companies to test and validate large-scale IT security solutions. The realistic virtual environment even allows for the testing of large-scale, multi-site industrial control systems such as SCADA. The strength of the platform is that it offers real-life virtualisation and real-time simulation of networks and systems.

Our real-world system setup enables trainees to evaluate attack scenarios and allows them to test their security responses in a realistic manner. Attack scenarios can be simulated or can be done as red team-blue team war gaming.

Our platform is a unique and highly-effective method of training because we are able to replicate industry-specific simulation environments to provide realistic training scenarios. For example, we can provide environments that replicate the infrastructure of a financial institution, a telecommunications carrier or a power company.

Graduate from our Dynamic TrainingReact Swiftly to Real Security Crises

Classroom Training and Assessment :

Knowledge Base

Self-Paced Training :Security Challenges

Team-Based Training :Dynamic Exercises