ONSITE • REMOTE • CLOUD
One eSecurity's CYBEX Service offers simulations of real cybersecurity incidents that your team will probably have to face sometime soon.
There are many different types of Cyber Exercises, ranging from a single challenge for your technical team in a hypothetical scenario, to a real and complete tabletop involving the crisis management team, making decisions based on real information coming from other areas or groups.
A Cyber Exercise can have different approaches and perspectives according to the client’s goals and objectives. These goals can be focused on evaluating the response capabilities and the internal knowledge of the company's processes, identifying gaps in plans and procedures, measuring the technical knowledge of the team, and analyzing how the teams react, measuring response time, testing business continuity plans, etc. They can also serve as a training for different departments/areas/committees, evaluating their relationship models and interfaces, and analyzing how they work together.
The One eSecurity's Cyber Exercises approach is based on real cyber threat situations adapted to the operational environments of our clients.
Scenarios can be precisely adapted to the client’s needs or demands. They can also aim to resolve existing weaknesses in the organization or consolidate strengths, to increase the level of effectiveness with which threats are contained or neutralized, or to improve the detection and reduce the potential damage of incidents, when they arise.
The alignment of objectives, perspectives (strategic, tactical, and operational/technical), and teams involved, set the strategy that marks a successful exercise. Besides the topics mentioned above, there are also other factors that affect the design and scope of the Cyber Exercises. These factors are:
One eSecurity understands the aforementioned factors, options, and criteria, and it has established the following types of cyber exercises in order to cover all possibilities:
These types are represented in the following figure:
One eSecurity uses its own methodology that combines its experience and processes to build the most appropriate attack scenario. This methodology is based on best practices and includes five phases, starting with the definition phase in which One eSecurity identifies the client's needs and requirements, acquiring knowledge of their operational environment in order to imitate this in the cyber exercise.
Define and Design Stages
In the Define stage we develop a workshop with key client staff members to understand the real threats, threat agents, vulnerabilities, and critical assets. Combining these, we will propose two or more scenarios for the client to select.
One eSecurity designs the cyber exercise chosen by the client:
Customize and Build Stages
In the next two stages, One eSecurity considers existing workflows/IRPs or playbooks in order to refine the Cyber Exercise (continuous improvement) and include company platforms/committees to complete the scenario’s context. One eSecurity develops and reviews all the required material for the day (videos, speeches, notes, screens, and review physical accommodation etc.…).
According to the committees and roles defined in the crisis management plan and/or IR plan, One eSecurity organizes teams in round-table environments during the exercise and gives them a predefined time for each and every inject to collaborate, and agree on actions and decisions between the different defined teams.
Once the inject time is over, the One eSecurity exercise leader discusses with the participants the actions and decisions that were taken and gives recommendations according to best practice. During the exercise, One eSecurity staff will document the decisions and actions of the teams, in order to write a final report on the effectiveness of the company’s response.
A final report that contains the analysis, recommendations, and conclusions of the exercise will be delivered to the client according to each of the phases of the incident response:
|Cyber Consulting||SANS Training||Cyber Threat Intelligence|
|One eSecurity CYCON service can give you honest answers to the most complex questions and acting as a guide throughout decision-making processes.||One eSecurity is partner of the SANS Institute in Spain, the worldwide leader in cybersecurity training.||The Cyber Threat Intelligence service by One eSecurity provides (both internally and for clients) knowledge and information on key threats for decision-making and forecasts of risk situations on IT systems and networks.|
|Learn more||Learn more||Learn more|