How the new Talos IR Cyber Range can prepare your employees for a cyber attack

How the new Talos IR Cyber Range can prepare your employees for a cyber attack
By Gerard Johansen, Charles Iszard and Luke DuCharme.
With the surge of ransomware attacks, information leaks and other cyber attacks in the headlines, most companies and organizations are aware that their employees need to be trained on how to stay safe online. But the real challenge lies in how to develop these pieces of training and tools in-house to build the necessary muscle memory to prevent and respond to an event.  Sending an analyst or two to a distant location for training depletes travel and training budgets, and when they return, there is little time to transfer this knowledge back to colleagues or managers.

Vendor-provided training focuses on the vendor’s proprietary technology and often neglects the concepts that need to be incorporated into an organization’s ability to respond.

To address these issues, Cisco Talos Incident Response (CTIR) created an interactive Cyber Range focused on Incident Response. This immersive experience is designed and delivered by incident response professionals for security professionals who need to increase their competency and muscle memory in incident response-related tasks.

CTIR Cyber Range is a comprehensive, three-day training exercise that utilizes a crawl-walk-run methodology. Students start by being shown various tools and techniques, then apply them to a real-world scenario. This step-by-step process allows students to build the skills necessary to tackle the next challenge, a guided scenario.

On the final day, the students are tasked with responding to a real-world attack scenario, during which they are required to periodically brief key stakeholders, identify a root cause, and brief their leadership – all while working collaboratively as a team to overcome the various challenges within the scenario.

CTIR Cyber Range includes several key features that were designed to develop the skills necessary to address security incidents. First, CTIR de ..

Support the originator by clicking the read the rest link below.