Why Training Matters

CYRIN Newsletter

Why Training Matters, or Why Cyber Training for Utilities is an Asset, not an Expense

There’s nothing like a pandemic to remind us of the importance of preparation—and the high costs that come with not being prepared. Human beings, corporations, the Utility Industry—we’re all vulnerable to anticipated attacks, but we’re also at risk due to attacks we cannot anticipate.

While that is true, it neglects something that has been with us since the beginning of recorded human history. Education and training are what make human beings good at something and provide a means for us to adapt to new surroundings.

How does this affect cyber training?

Training for the unexpected is an essential part of preparedness. Training in advance allows us to make mistakes in simulated environments so we can improve and learn without any catastrophic consequences. Why, for example, does the military conduct war games? They do so to train their troops, to familiarize their ranks with the unfamiliar and the unpredictable, and to allow people to make mistakes and learn from those mistakes when lives are not on the line.

The same philosophy applies to Cyber Security Training. As noted in an Ixia report on cyber ranges, "Even protégés must learn and this is where cyber ranges come into play. You cannot expect your IT organization to be able to defend against a complex cyber attack if you are not adequately training them. It's like sending someone who has never thrown a punch in their life into a fight against the championship boxer. The novice doesn't stand a chance. He'll lose every single time. Yet that is precisely the situation that most organizations find themselves in today with regard to securing their critical infrastructure."

The Warnings

The Utility Industry has seen the warnings. In 2018 Wired magazine reported that security researchers had sounded the alarm about Russian hackers infiltrating and probing US power companies the previous year. There was even evidence that these actors had direct access to American utility’s control systems.

The US Department of Energy’s report released in August 2017 concluded there were more than half a dozen “capability gaps” in the power sector’s ability to respond to cyberattacks on the electric grid. And since then, the Utility Industry and “the Grid” have faced unprecedented changes—renewables, stranded assets, modernization, digitalizing the grid, the Internet of Things. These developments are incredible advancements—yet they also bring new vulnerabilities. It is imperative that we learn to protect the Grid from attacks.

Alongside this rise of possible threats, there is a dangerous and widening gap in cybersecurity skills, a shortage of people trained with the proficiencies they need to protect the organizations where they work. How does the CYRIN platform address this gap?

Special Solutions for the Utility Industry

With special solutions developed for the Utility industry. With Labs that give you a foundational skill set, with Exercises that allow you to practice attack and defend simulations—critical skills that you need to defend yourself against hackers. And finally, realistic Attack Scenarios as the third leg of the stool. We developed these scenarios in tandem with some of the best-known experts within the industry so that we could host virtual electric utility networks, including separate IT and OT networks, PLCs and SCADA systems. We've recreated these events so you can train in a remote, virtual, realistic environment. And we now have a number of utility users successfully training on these virtual networks.

We not only build these scenarios, but we give you the ability to measure and monitor progress—in real time or with after action reports. For the trainees, this allows them to see and measure their results, and for managers and instructors, we have "live" access or after action reports that present aggregate statistics, such as average time taken per learning objective, and graphical histograms of run results. And coming soon—CYRIN in the cloud, or VPN access where you can use your own tools!

CYRIN is our next generation “cyber range” for online interactive training and testing. Our remote virtual training can meet your needs and make sure your company is prepared and protected. CYRIN is fully interactive and independent, providing online exercises for each cyber defender, and it offers a comprehensive monitoring of student progress against learning objectives within practical exercises.

Preparation is the Key

Finding after finding shows that cybersecurity awareness training—when implemented as part of a layered cybersecurity strategy—improves security by reducing risks of end-user hacking. CYRIN will help you create a workforce of cyber-savvy users with the tools they need to defend your company from threats.

Well-trained people stop cyber-attacks. Good preparation can protect your company and lead to higher profits. We all like to think that the breach won’t happen to us; we like to imagine our systems are immune to attack. But denial isn’t an effective strategy. Preparation is. Practice is. Training is. CYRIN can help your company prepare for and defend against the cyber security challenges of 2020 and beyond.

CYBER TRAINING

How do you combat these risks? One way to do it is by training. Training equals preparedness. As we do for the military, we can do for you. CYRIN offers unlimited on-demand training opportunities for you and your team with three levels of training including 35+ cyber labs, multiple training exercises and now several attack vectors on SCADA/Industrial networks for the utility industry.

What is CYRIN? CYRIN® is a business unit of Architecture Technology Corporation, headquartered at their ATC-NY cyber security division in Ithaca, NY. CYRIN lets you use real tools, real attacks, and real scenarios to hone your skills in a virtual environment. We think the best way to train is to actually do it.

CYRIN trains you in the next-generation of cybersecurity skills from your own desktop. With virtual cyber-security training in a real-world environment, CYRIN lets you test your cybersecurity skills on your own schedule with no custom software or travel necessary.

CYRIN - Virtual - Remote - 24/7 Live Access

Get prepared. Call us now.

< Read other CYRIN Newsletters

Contact Us for details to Set Up a CYRIN Demo
+1-800-850-2170 sales@cyrintraining.com

Watch CYRIN: The Next-Generation Cyber Range

Learn More About How CYRIN Online Training Can Benefit Your Utility