The security industry faces a tough and growing problem: many of the fundamental decisions made which affect security are made by people that don't have the right cyber skills or experiences. This talk describes how the creation of a realistic, hands-on wargame environment can be leveraged to not only teach participants about attack and defense but to enable other organizational advantages.
The game environment puts two attacking teams competing in parallel with a single defending team, with all teams evaluated and scored. The game environment role-plays different attack motivation, technique and mindset with one team playing as hactivists and the other playing as nation state. The defending team manages a diverse mix of IT and OT assets, including an emulated oil refinery comprised of SCADA and HMI using industrial control protocol communications. And, the game leverages the human dimension, inclusive of insider threat and social engineering.
The game is 2.5 hours start to finish, comprised of short intro brief, teams then move to their operations areas where they are given team briefings, then an hour of gameplay, concluding with team post-briefs. Winning teams often are those that communicate best. The defending team has the most scoring opportunity but faces the toughest challenges.
This talk will present the technical architecture of the game environment for technical attendees interested in building their own. Our talk will present business value to the game for non-technical attendees interested in promoting their organizational capability, building brand awareness, or creating a customer-oriented training service. And, we will show screenshots, videos and detailed diagrams giving all attendees a close view of how the game is built and delivered.