Cyber professionals hone their skills
Rakesh Burgul, INS Chief Information Security Officer, recently attended a UK Civil Nuclear cyber exercise. The exercise was organised by the Department for Business, Energy & Industrial Strategy (BEIS) and here Rakesh talks about how important it is for businesses to be prepared for any threat of cyber-attack.
They say there’s nothing better than to roleplay something that you want to practice and that the more realistic you make it, the more valuable it becomes. With that in mind and as part of BEIS’s cyber strategy, part of which is aimed at up skilling cyber professionals in the nuclear estate in the UK, I attended a BEIS funded red-team event held at the NATO cyber range in Tallinn, Estonia. Red teaming is where you are pitted against an adversary in real time (in this case, a well-respected and well known pair of white hat hackers) and you have to make decisions and respond to attacks.
As part of a group of 16 cyber professionals from around the civil nuclear estate and our Regulator ONR, we were given an IT network to protect which mimicked a corporate network but significantly, this network was connected to a simulated Industrial Control System associated with a fictitious nuclear reactor. After two days of training in some hacking and IT forensics techniques, over the two following days, we were asked to protect the network from attack and/or manage any subsequent intrusions and incidents. A debrief followed on the fifth day.
The exercise was invaluable in helping me understand how the adversary thinks and works and what techniques are favoured. More importantly, we looked at the techniques on how to detect, mitigate and respond to such attacks.
Defending the UK’s critical national infrastructure, the country and the wider economy against increasing cyber threats is one of the greatest security related challenges we face – something that’s been recognised by UK government, the civil nuclear sector, and our regulators.
On the premise that there is no such thing as 100 per cent security and that the adversary is constantly looking for weaknesses and vulnerabilities and has plenty of time, we in the cyber world operate under the assumption that one day, our response skills will be required. These exercises help us to understand how to implement these skills and how we can minimise the reputational impact.