The phrase “practice makes perfect” is misleading. There is no such thing as perfect. However, good practice makes you better and allows you to refine and verify your skills—and one of the best ways to practice is at a range. If you want to get better at golf, go to a driving range. If you want to improve your marksmanship, go to a shooting range.
You may not think of cyber security in the same way, but the same principle applies. Organizations today must defend against a complex and expanding attack surface, against sophisticated adversaries and a daunting threat landscape. You certainly don’t want to wait until you’re in the middle of an active cyber attack to find out the hard way that you’re not as prepared as you should be. An environment that allows you to develop and validate your cyber skills she is invaluable.
You need one scope of cyberspace.
The real thing
There is a common saying that you can’t learn to ride a bike by reading about it in a book. Likewise, you won’t gain any strength or fitness value from watching a YouTube video on proper form for pushups. Some things really have to be done to fully understand them or get value from them. You can study theories and go through the motions, but nothing beats the real thing.
What makes a series valuable is that it allows you to work on tactics and techniques in an environment that is relatively close—or at least very similar—to the actual scenario where you will use those skills. Hitting a real golf ball with a real golf club or shooting a real gun at a target develops muscle memory and gives you first-hand experience that is invaluable when you need to use those skills in the real world.
Ranges also allow you to rate and evaluate gear. You can try different golf clubs or golf balls to see how they perform, or try different guns or ammunition to determine which one works best or which you prefer.
Likewise, a cyberspace should also mimic a real IT environment as much as possible. It should provide realistic network traffic and accurately mimic network, user and threat actor behavior. Ideally, it should be a scalable, high-fidelity, open platform that provides flexibility for training in various scenarios.
A cyber scope is versatile and allows for a variety of training or validation scenarios. Red Teams can practice hacking skills. Blue Teams can train against live cyber attack scenarios. Organizations can evaluate security controls and configurations to validate their security posture.
It is important that the environment and movement of the cyberspace range be as realistic as possible. It should reflect real-world scenarios as closely as possible to allow security professionals to develop critical skills and empower you to conduct product and team evaluations leading to continuous improvement in your safety posture.
Are your cybersecurity tools and controls in place to defend against the overwhelming volume of sophisticated threats? Does your IT security team have the knowledge and experience needed to detect and respond to targeted cyber threats? How do you know?
If you wait until you need a skill or tool, it’s already too late. You need to do the research, learn the techniques and work ahead so you are ready when the need arises. A cyber scope can play an essential role in optimizing your security readiness and ensuring that you are prepared.