Simulators add to education potential in cybersecurity landscape

When it comes to cybersecurity, if you teach a firm to defend itself, you just might protect it for a lifetime.

That’s the approach taken by an increasing number of cybersecurity companies, as IT Brew found at this year’s RSAC. RSA CEO Rohit Ghai—RSA and RSAC are now separate businesses—told us that the shift from cybersecurity being a fundamentally “elitist” industry to one that recognizes the importance of education and awareness is significant for the security sector.

“Demystifying cyber and netting it out in terms of cyber, you can also get overwhelmed,” Ghai said. “One is to get educated in terms of why you do what you do, things to worry about, things to pay attention to—but it’s a pretty complex equation. And for the mere mortal, for the normal human, it can be overwhelming, so netting it out and simplifying it is critical.”

That kind of simplification appeals to Debbie Gordon, founder and CEO of Cloud Range, an attack simulation company. She told IT Brew that the platform’s simulated environment, or range, is intentionally vulnerable, allowing users to see the gaps in their system and work on closing them, rather than adapting for one quick fix.

“We make the firewalls vulnerable, and we make it so the attack actually gets through, so that the SOC analysts have something to detect and respond to,” Gordon said.

The sims. Most simulators aim to provide users with pentesting capabilities. Red team attackers use tools like Stepping Stones to log their actions so customers can learn from their mistakes, but not all users believe that phishing simulations are helpful. Using breach and attack simulators can help defenders assess how to tweak their own systems—but that’s not going to show you where to look for vulnerabilities. Cloud Range’s segregated sandbox is fully contained, Gordon said, allowing users to experiment within the framework.

Ghai told IT Brew that one of the benefits of the conference is learning about the tactics used by different firms. He sees RSA as a responsible participant in the industry, and cybersecurity as a “team sport.”

“We are contributing to a lot of standards in education, and trying to lift all boats,” Ghai said. “That’s the only way we’ll be successful against the threat actors.”