ONSITE • REMOTE • ONLINE • CLOUD
One eSecurity's CYBEX Service offers simulations of real cybersecurity incidents that your team will probably have to face sometime soon.
There are many different types of Cyber Exercises, ranging from a single challenge for your technical team in a hypothetical scenario, to a real and complete tabletop involving the crisis management team, making decisions based on real information coming from other areas or groups.
A Cyber Exercise can have different approaches and perspectives according to the client’s goals and objectives. These goals can be focused on evaluating the response capabilities and the internal knowledge of the company processes, identifying gaps in plans and procedures, measuring team technical knowledge and analyzing how teams react, measuring response time, testing business continuity plans, etc. They can also serve as training for different departments / areas / committees, evaluating their relationship models and interfaces, and analyzing how they work together.
The One eSecurity Cyber Exercises approach is based on real cyber threat situations adapted to the operational environments of our clients.
The scenarios can be precisely adapted to the client’s needs or demands. They can also aim to resolve existing weaknesses in the organization or consolidate strengths, to increase the level of effectiveness with which threats are contained or neutralized, or to improve the detection and reduce the potential damage of incidents, when they arise.
The alignment of the objectives, perspectives (strategic, tactical, and operational/technical), and teams involved, set the strategy that marks a successful exercise. Besides the topics mentioned above, there are also other factors that affect the Cyber Exercises design and scope. These factors are:
One eSecurity understands the aforementioned factors, options, and criteria, and it has established the following types of cyber exercises in order to cover all possibilities:
These types are represented in the following figure:
One eSecurity uses its own methodology that combines its experience and processes to build the most adequate attack scenario. This methodology is based on best practices and includes five phases, starting with the definition phase in which One eSecurity identifies the client's needs and requirements, gaining an understanding of their operational environment in order to mimic this in the cyber exercise.
Define and Design Stages
In the Define stage we develop a workshop with key client staff members to understand the real threats, threat agents, vulnerabilities, and critical assets. Combining these, we will propose two or more scenarios for the client to select from.
One eSecurity designs the cyber exercise chosen by the client:
Customize and Build Stages
In the next two stages, One eSecurity considers existing workflows/IRP or playbooks in order to refine the Cyber Exercise (continuous improvement) and include company platforms/committees to complete the scenario’s context. One eSecurity develops and reviews all the required material for the day (videos, speeches, notes, screens and review physical accommodation etc.…).
In accordance with the committees and roles defined in the crisis management plan and/or IR plan, One eSecurity organizes teams in round-table environments during the exercise and gives them a predefined time for every inject to collaborate, and agree actions and decisions between the different defined teams.
Once the inject time is over, the One eSecurity exercise leader discusses with the participants the actions and decisions that were taken and gives recommendations according to best practice. During the exercise, One eSecurity staff will document the decisions and actions of the teams, in order to write a final report on the effectiveness of the company’s response.
A final report that contains the analysis, recommendations and conclusions of the exercise will be delivered to the client according to each of the phases of the incident response:
|Cyber Consulting||SANS Training||Cyber Threat Intelligence|
|One eSecurity CYCON service can give you honest answers to the most complex questions and acting as a guide throughout decision-making processes.||One eSecurity is partner of the SANS Institute in Spain, the worldwide leader in cybersecurity training.||The Cyber Threat Intelligence service by One eSecurity provides (both internally and for clients) knowledge and information on key threats for decision-making and forecasts of risk situations on IT systems and networks.|
|Learn more||Learn more||Learn more|