2020 TRENDS, INTELLIGENCE AND LATEST TRAINING PROGRAMS - Cybertech 2020 Special Edition - CyberGym
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Cybertech 2020
Special Edition
2020 TRENDS, INTELLIGENCE
AND LATEST TRAINING PROGRAMS
Bridging the mounting cybersecurity talent gap and training
your personnel in the skills they need to effectively defend
your organization from daily cyber threats
/ 1 /Table Of Contents
2020 Training Programs Page 3
The Changing Cybersecurity Landscape of 2020 and Beyond Page 4
2020 Complex Cyberattack Experience Page 5
2020 Cybersecurity Awareness Essentials Page 6
4G, 5G and IoT Environments - Security Tactics Page 7
2020 Cyber Crisis Management for Executives Page 8
Distribution of CYBERGYM'S live training facilities Page 9
Advanced Forensic Collection Page 10
Essential Incident Response Tactics Page 11
Cyber Threats and Defense Essentials Page 12
Advanced SOC-Intrusion Detection Tactics Page 13
Cybersecurity for External Contractors Page 14
Basic Incident Response for ICS Page 15
Cyber Guardian Certification Program Page 16-17
CYBERGYM Value Added Services Page 18-19
/ 2 / www.cybergym.com | info@cybergym.com2020 TRAINING PROGRAMS
A Complete, Organization-Wide Qualification
Cybersecurity Professionals
2020 Complex Cyberattack Experience
Advanced Forensic Collection
Essential Incident Response Tactics
4G, 5G and IoT Environments - Security Tactics
Cyber Threats and Defense Essentials
Advanced SOC-Intrusion Detection Tactics
Basic Incident Response for ICS
IT / OT Professionals
2020 Complex Cyberattack Experience
2020 Advanced Forensic Collection
Cyber Threats and Defense Essentials
Advanced SOC-Intrusion Detection Tactics
Corporate Executives & Senior Management
2020 Complex Cyberattack Experience
2020 Cyber Crisis Management for Executives
Cybersecurity for External Contractors
General Employees & Executives
2020 Complex Cyberattack Experience
2020 Cybersecurity Awareness Essentials
/ 3 /THE CHANGING CYBERSECURITY
LANDSCAPE OF 2020 AND BEYOND
Cyber threats are the number one existential concern of CEOs and executives, CYBERGYM’s Proactive
and rightly so. Hackers are breaking into corporate networks every 30 seconds
on average, and in 2019 the number of well-planned, complex, multi-stage Cyber Strategy for 2020
attacks grew by 40%.
Cybersecurity budgets have dramatically increased in recent years and are
Looking forward to 2020, CYBERGYM’s experts expect to see further expected to increase even faster in the face of the enormous corporate
sophistication and long-term planning in cyberattacks executed by larger challenges that data security and privacy are about to present. Companies
groups of professional hackers, and smaller hacker groups targeting the billions in the USA are currently spending between $1,300-3,000 per employee on
of mobile devices in daily use worldwide. Attacks will feature new types of cybersecurity initiatives, a figure that is likely to increase in 2020. As the
human-targeted and engineered breaching methods, while AI and non-human professional security workforce becomes pricier and scarcer by the day, these
algorithms will enable the automation and scaling of cyber terror, political huge investments are well justified, but their impact must be maximized.
cybercrimes, and national-level attacks.
CYBERGYM sees these challenges in a holistic way, offering qualification
One element that will remain key for any cyberattack is the human factor as a programs that are tailored to a detailed profile of each company and
door opener, enabler or even facilitator. This phenomenon is exacerbated by the organization, to match the precise threats, technology and manpower structure
global shortage in cybersecurity professionals; industry leaders estimate that involved, but most importantly, the skills and knowledge-level of its people.
in 2020, the demand for security professionals will exceed 4 million positions
globally, a massive 45% increase on the 2.8 million available today. As we launch into 2020, CYBERGYM has prepared a unique training portfolio that
answers the security trends we have prioritized as being the most crucial for
In the growing absence of the skilled, professional cyber manpower required, our clients in the coming year. In this way, we help organizations to maximize
decision-makers are challenged to re-think the use of their security budgets every dollar spent on security, ensuring that this investment achieves the
and must seek new and creative ways of optimizing the resources they best performance of your people - the most crucial, risky and costly security
have. Part of the answer to this challenge is to introduce progressive training resource you have.
and qualification programs, not only for IT and cybersecurity staff, but for all
employees.
CYBERGYM Live Training Solutions
CYBERGYM builds training solutions for all levels of the organization, at the core
of which is live-training - the most effective, rememberable way for people to
gain first-hand experience of the potential risk and damage associated with a
multi-staged cyberattack.
Our training programs are conducted at our network of training facilities, which
we call Cyberwarfare Arenas, around the world, offering skillful cyber training
and live training sessions for your teams of security professionals, executives
and managers, and general employees.
/ 4 / www.cybergym.com | info@cybergym.com2020 Complex Cyberattack Experience
The primary goal of a cyber-readiness program is to instill in every employee, manager or Suggested Target Personnel
team member a high level of awareness of the security risks and threats to the organization in
question. All employees and managers of all levels, roles
and departments; security professionals (as an
CYBERGYM’s 2020 Complex Cyberattack Experience program is designed as a unique, entry- introductory level program).
level program that creates awareness and commitment in all employees, at all levels of your
organization. The program begins with an introduction to the major threats and data and privacy
security trends expected to characterize 2020. A complementary workshop touches on the Duration
various strategies of human-engineering hacking and the risks to corporate data assets, while
additional topics include seeing the organization from a client-privacy viewpoint. One full day
- Morning session - lectures and workshops
The highlight of the program is the opportunity it gives participants to experience first hand a - Afternoon session - live cyberattack
live, multi-stage cyberattack, beginning with the use of human-engineering methods to breach experience.
personal mobile devices, and continuing on to the compromise of major corporate networks
and data assets. The day ends with an open ‘meet the-hacker’ session, where participants get to
understand the hacker’s strategy, the attack scenario logic and stages, and how offensive hackers
both think and act.
This highly impactful and rememberable training is a once-in-a-lifetime experience for most
participants.
Training Outcomes
■ Acquire a deep understanding of the most relevant and current risks and trends
in cybersecurity
■ Develop an awareness of the daily risk of human-engineering hacking
■ Gain an understanding of recent privacy-driven regulations and their implications
on businesses
Undergo a unique, highly-effective experience for a cyberattack on corporate assets
/ 5 /2020 Cybersecurity Awareness Essentials
Generally, cybersecurity isn’t one of a general employee’s daily concerns. But, just one mistake Suggested Target Personnel
can be very costly; if an employee opens a malicious email attachment, the whole organization
could be exposed to a serious malware attack. General employees
Participants in CYBERGYM’s 2020 Cybersecurity Awareness Essentials training program gain Duration
an understanding of the cyber-threat landscape, including different types of attack and the
impact they can have. They’ll experience an actual cyberattack, enabling them to understand One full day
their responsibilities, as well as the tools and procedures they’ll need during the event. This
training radically improves your employees’ ability to detect and avoid cyber events.
Training Outcomes
■ Increase awareness of cyberattacks
■ Understand responsibilities and available interfaces
■ Enhance security-threat detection skills
■ Acquire insights into the hacker’s perspective and mindset
■ Undergo a unique, highly-effective experience of a cyberattack on corporate assets
/ 6 / www.cybergym.com | info@cybergym.com4G, 5G and IoT Environments - Security Tactics
As the global rollout of 5G mobile networks approaches, the world is about to experience an Suggested Target Personnel
eruption of billions of new mobile-connected devices of various types, including not only
personal smartphones but also surveillance sensors, industrial controllers, robotics devices, Security professionals; incident response
appliances and more. The sheer number of devices will present a new, unprecedented level of teams; SOC professionals; security and IT
security and privacy challenges for businesses. executives
CYBERGYM’s 4G, 5G and IoT Environments - Security Tactics program is designed for
security teams and executives who wish to be educated in the risks for corporate networks, new Duration
cybersecurity trends and updated offensive strategies that are the direct outcome of this new
reality. One full day
The program includes lectures, workshops, hands-on exercises and a live-training cyberattack
which follows a complex scenario of human-engineered breaches into mobile and IoT devices,
compromising the organization’s networks.
Training Outcomes
■ Acquire a deep understanding of the most relevant and updated risks and trends
in mobile networks, new IoT devices, and networking strategies of ultra-high-speed
connected devices
■ Gain experience and expertise of a mobile-oriented cyberattack on corporate assets
■ Understand the offensive strategy and hacker point-of-view of human-engineered
mobile network cyberattacks
■ Undergo a unique, highly-effective experience of a cyberattack on corporate assets
/ 7 /2020 Cyber Crisis Management for Executives
In 2020, executives will be expected to make decisions that will have a crucial impact on their Suggested Target Personnel
organizations, shareholders, employees, customers and partners. During a cyber event, they must
be able to make the right calls, and fast, such as whether to pay the ransom demanded, how to CEOs and senior executives; board members
draft a crisis-management plan, and when to release public statements and share information
with the relevant authorities. This requires constant awareness, knowledge and skills that are Duration
touched upon in an impactful way during this authentic and realistic training.
One half day
In CYBERGYM’s 2020 Cyber Crisis Management for Executives program, trainees manage
a live, complex, multi-stage cyberattack on their organization’s most valuable assets. Tailored
to your organization’s specific profile in terms of global distribution, IT and/or OT technologies,
and security policies, the training simulates an actual attack and the most up-to-date threats,
with particular emphasis on risk management and the specific skills required to deal with a
cyberattack.
Training Outcomes
■ Understand cybersecurity threats and their short and long-term consequences
■ Recognize the range and complexity of cyberattacks, and their impact on the entire
organization
■ Gain experience of managing a realistic cyber event, in a highly stressful environment
■ Acquire insights into the hacker’s perspective and mindset
■ Use the required tools to make critical decisions during a cyberattack
■ Learn policies required for effective cyber-event management
Undergo a unique, highly-effective experience of a cyberattack on corporate assets
/ 8 / www.cybergym.com | info@cybergym.comDISTRIBUTION OF CYBERGYM'S
LIVE TRAINING FACILITIES
WCWA - Worldwide Cyber Warfare Arenas
VILNIUS
AMSTERDAM
NEW YORK LISBON
SHINJUKU
TEL AVIV
AKASAKA
JOHANNESBURG
MELBOURNE
/ 9 /Advanced Forensic Collection
Cyber incidents that involve hacking of desktop and laptop operating systems are rare, but they Suggested Target Personnel
are sometimes a precursor to a much larger cyberattack. Hackers tend to cover their tracks and
build complex fabricated fingerprints for their actions, so it’s critical that relevant personnel have Tier-2/3 security analysts;
the necessary forensic skills, such as exploitation, vulnerabilities, and information-gathering, at incident response teams
their fingertips, ready to deploy them quickly and wisely as required.
Duration
CYBERGYM’s Advanced Forensic Collection program gives participants training in incidents
of hacking of MS-Windows, enabling your team to gain practical hands-on experience of the Two full-day sessions
internal mechanisms of a complex malware scenario.
Sitting through a series of lectures at one of CYBERGYM’s secure training arenas, and working
together to solve exercises, your team will develop the understanding of essential tools and skills
they need to perform at their peak when duty calls.
Training Outcomes
■ Achieve a deep familiarity with the internal mechanisms of a cyber malware attack
Understand the theory and practical skills required to perform cyber forensics
in a complex OT/IT environment
■ Work in a unique team format, and test your team’s capabilities and collaboration levels
/ 10 / www.cybergym.com | info@cybergym.comEssential Incident Response Tactics
CISO and SOC managers play a pivotal role in detecting and defending against cyberattacks; in Suggested Target Personnel
the event of such an incident, the entire management of the response and actions taken are
overseen directly by the CISO or SOC manager. Since they are ultimately responsible for securing CISO and SOC managers; IT and OT personnel
the organization, they must be included in your organization’s cybersecurity decision and policy-
making. Defining, implementing and maintaining the entire protection-defense-response system Duration
requires careful communication, running routine testing and aligning business policies.
Three full-day sessions
In CYBERGYM’s Essential Incident Response Tactics program, participants face various
complex attack scenarios and learn how to mitigate them. The training covers the full spectrum
of breach identification: endpoint and network levels, SIEM and security standpoints.
One of the unique advantages of this program is the involvement of CYBERGYM’s Red Team;
in-house, expert hackers who are deployed during the identification and investigation stages of
the training.
Optional OT-environment sessions benefit from CYBERGYM’s strategic partnership with the Israel
Electric Company, which provides functioning SCADA equipment. Participants are exposed to
scenarios involving specialist industrial equipment and prevalent attacks, such as ransomware,
DDoS and data leaks.
Training Outcomes
■ Identify cyberattacks while optimizing SIEM and security systems
■ Develop adaptive response strategies to complex cyberattacks
■ Detect and rectify network anomalies
■ Enhance security-threat detection skills
■ Detect, limit, remediate and stop cyber incidents, intrusions and data breaches
■ Acquire insights into the hacker’s perspective and mindset
/ 11 /Cyber Threats and Defense Essentials
As the people behind the SOC team, the IT department is fundamental to the safety of your Suggested Target Personnel
organization; they ensure that appropriate detection and response processes are implemented as
designed, to secure the whole organization. As such, the IT department is central prior to, during IT and OT professionals
and after a cyber event; they are often the first to encounter and perform a rapid analysis on
potential threats. One of the IT department’s challenges is communicating and coordinating with Duration
the SOC and general workforce. Miscommunication can lead to critical issues going unreported.
Two full-day sessions
CYBERGYM’s Cyber Threats and Defense Essentials training program enhances your IT
department’s response to cyber threats and cross-team communication and cooperation.
Participants learn how to identify network vulnerabilities, analyze infrastructure in a systematic
manner, and identify security gaps and real-life cyberattacks.
Training Outcomes
■ Identify cyberattacks while optimizing SIEM and security systems
■ Enhance security-threat detection skills
Defend system infrastructure from various attack vectors
■ Detect, limit and stop intrusions and data breaches
■ Contain and repel cyberattacks
■ Acquire insights into the hacker’s perspective and mindset
/ 12 / www.cybergym.com | info@cybergym.comAdvanced SOC-Intrusion Detection Tactics
Tier-2 and tier-3 analysts are required to sort through every escalation received from their tier-1 Suggested Target Personnel
colleagues (for example, about potential malware intrusions). As experts, they use complex
security tools and conduct advanced analyses, including deep incident and root cause analyses, Tier-2 and tier-3 security analysts; incident
potentially affected data sets, and reverse and forensic engineering. response teams
In CYBERGYM’s Advanced SOC-Intrusion Detection Tactics training program, participants Duration
face various complicated attack scenarios, covering all areas of security breach identification:
endpoint and network levels, SIEM and security standpoints. Three full-day sessions
Participants create a well-designed, executable plan for managing and responding to
cyberattacks, including steps for preventing data breaches, loss of information and loss of public
confidence. They also acquire crucial digital forensic expertise and learn how to perform a
comprehensive attack analysis.
Training Outcomes
■ Identify cyberattacks while optimizing SIEM and security systems
■ Strengthen anomaly-detection capabilities
■ Detect when and how a cyber breach occurred
■ Develop an adaptive response to complex cyberattacks
■ Enhance security-threat detection skills
■ Detect, limit, remediate and stop cyber incidents, intrusions and data breaches
■ Acquire insights into the hacker's perspective and mindset
Experience APT containment and remediation live and in real time!
/ 13 /Cybersecurity for External Contractors
Contractors are often unaware of potential cyber threats and security procedures. Additionally, Suggested Target Personnel
third-party vendors are not necessarily bound by your company’s security policies; indeed,
sometimes, they are not even aware of them. External contractors
In addition to explaining the company's security policies, CYBERGYM’s Cybersecurity for Duration
External Contractors training program demonstrates a real-time cyberattack, instructing
participants how to detect and react to threats. Training includes exposure to real-life scenarios, One half-day session
such as email phishing attempts, ransomware attacks, and concealed GSM attacks.
Training Outcomes
■ Increase awareness of cyberattacks
■ Understand responsibilities and available interfaces
■ Understand damage limitation
■ Enhance security- threat detection skills
■ Acquire insights into the hacker’s perspective and mindset
/ 14 / www.cybergym.com | info@cybergym.comBasic Incident Response for ICS
CYBERGYM’s comprehensive Basic Incident Response for ICS training program includes the Suggested Target Personnel
theoretical principles and practical exercises required to manage and lead organizational cyber
incident response processes. Participants gain in-depth knowledge of critical concepts and tools OT professionals
in the field of ICS incident response.
The content, case studies, tools, hands-on experiences and methods used in the program are Duration
focused explicitly on the management, investigation and analysis of ICS and OT cybersecurity
incidents. Three full-day sessions
Training Outcomes
■ Acquire the necessary expertise, methodology and practical experience required to
become a skilled first responder or incident response team member, in organizations
that utilize ICS or OT systems
■ Manage corporate security policies and ensure compliance with standards and
regulations
■ Develop and update organizational policies and procedures
■ Evaluate the extent of damage and assign responsibilities
Detect and mitigate real-life APTs
/ 15 /CYBER GUARDIAN
CERTIFICATION PROGRAM
Transform your in-house security specialists into
multidisciplinary security professionals
Cybersecurity Awareness - Essentials Workshop
Introduction to the key architectural and technological
concepts of cybersecurity. Implementations and
1
applications in: networking and communications,
computer architecture, software development &
execution. Security Monitoring & Management
2 Tools, concepts and methods used to monitor and
manage the network security infrastructure. Gain an
Security Monitoring
essential & Management
understanding of the big security picture
as well as the cybersecurity incident flow unfolding
Network Security Concepts & Methodologies within the organization's network.
cybersecurity key threats, attack patterns and risks in
the cyber world; methods and concepts in protecting
3
and attacking the organizations critical data assets.
Essential Tools for Cyber Investigation
4 Professional tools to investigate an incident, collect
initial evidence, and extract the required information
for use by the incident response team.
Incident Response - Principal Tactics
Tools, skills and work methods utilized by an incident
response team, within the organizational context, and 5
during a live cyberattack in one of our Cyberwarfare
Arena environments.
Cyber Crisis Management
Skills and concepts required for successful
6 management of a major cyber incident and its
Graduation
damageBoot Camp
to the organization, based on best practices
and actual case studies.
Ethical Hacking & Penetration Testing Principles
Principles, methodologies and tools for ethical hacking
and penetration testing, covering key concepts such 7
as exploitation, vulnerability, information gathering and
more. Secure Software Development - A Basic
Introduction
8 Principles for designing secure software architecture
and developing secure code, utilizing known
practices and techniques, such as input validation,
Overview of Cyber Basics authentication strategies, memory access protection
Internal processes, mechanisms and stages of and more.
malware execution. Gaining hands-on experience 9
in collecting evidence and performing a forensic
investigation during an actual-live cyberattack, at the
Cyberwarfare Arena.
Graduation Boot Camp
10 An intensive experience, summarizing all skills,
tools, concepts and techniques covered during
the program. The participants will be challenged
with a series of live incidents, during which they
will demonstrate their skills.
/ 16 / www.cybergym.com | info@cybergym.comCyber Guardian Certification Program
Cyber Guardian Certification program will take your IT professionals to the next level, giving them the skills
and knowledge they need to manage and operate the entire incident lifecycle from first response, through
mitigation and forensics.
Once certified, your cybersecurity teams, external service providers, and decision-making executives will be
able to rely entirely on your ‘Cyber Guardians’ who will have a full understanding of the event,
and how to manage it.
This program includes a comprehensive body of knowledge, hands-on
exercises and a live-training experience, covering the details required to manage a real-life cyber event.
Certification Outcomes
■ Develop the ability to carry out the organization’s initial and ongoing risk analysis
■ Acquire the skills to perform an initial analysis of suspicious activity, identify false
alarms, react to ongoing cyber incidents, minimize damage and optimize the
mitigation process
■ Gain the knowledge, experience and technical ability to perform the initial
evidence collection and forensic investigation of a cyber incident, and provide the
required findings
■ Act as a single point of contact, and liaise between the organization’s technical
teams, workforce, management and external experts and suppliers
■ Correlate the organization’s cyber-incident management and attack-mitigation
processes with the organization’s procedures and policies
■ Act as the organization’s leading cyber-defense authority, responsible for
maintaining cybersecurity awareness among all employees
Suggested Target Personnel
IT professionals; newly recruited security professionals
Duration
18 days
/ 17 /CYBERGYM Value Added
Services
A complete and comprehensive response to
your cybersecurity needs
/ 18 / www.cybergym.com | info@cybergym.comCYBERGYM Value Added Services
A complete and comprehensive response to your cybersecurity needs
Leveraging a unique combination of top-of-the-line infrastructure, extensive cybersecurity
expertise, and key insights gained from training your personnel, we’ll test, analyze and
evaluate your organization’s cyber strategies and technologies, identify gaps, and support
you through the process of closing them.
Our main services
Penetration Test
Test the effectiveness of your security technologies, policies and human skills in the safest, most realistic environment. Scalable
and customizable to any organization size, distribution model, environment and workforce, our penetration testing will enable
you to discover and map the weakest points in your defenses.
Vulnerability Assessment
Get an in-depth view of the state of your security and how to improve it. Powered by our Red Team of professional White-Hat
hackers, we’ll launch a series of complex cyberattacks on your security systems, testing them against external and internal
threats, including private applications, infrastructure and cloud services.
IT Incident Response Services
Certified by CYBERGYM, our highly-qualified team delivers the ultimate incident response performance, identifying and
containing threats in order to prevent damage to your organization.
SOC as a Service
Our ex-intelligence cyber experts around the world are available to take care of your SOC needs; identifying, mitigating and
collecting forensics for any cyber incident, to optimize your cybersecurity posture.
/ 19 /About CYBERGYM
CYBERGYM provides tailored cyber-training solutions to organizations around the world.
With the most relevant threat model and a technological environment configured to your
technological setup, we make sure your people gain the experience they need, as individuals
and as a team. CYBERGYM further qualifies your general workforce and executives, delivering
an all-inclusive, organization-wide solution.
Founded in 2013 by experienced veterans of Israel’s prestigious intelligence organizations,
CYBERGYM gives you the peace of mind of knowing that your teams are always ready, and
cyber investments are maximized.
CYBERGYM Israel (HQ) CYBERGYM USA CYBERGYM Japan
1 Mivtza Yonatan St 224 West 30th St., 101 Homat Royal, 1-14-11,
Hadera 3852024 Suite 502 New York, NY 10001 Akasaka, Minato-ku
Tokyo, 107-0052
Tel: +972-4-667-9701 Tel:+1-877-292-3749
Sales@cybergym.com info@cybergymny.com Tel: +81-3-6807-4312
info_jp@cybergym.com
CYBERGYM Australia CYBERGYM Lithuania
370 Docklands Dr. Kareiviu 11B
Docklands, VIC 3008 Vilnius LT-09109
Tel: +61-3-91318300 Tel: +972-4-667-9701
Sales@cybergym.com.au Vilnius@cybergym.lt
CYBERGYM Netherlands CYBERGYM South Africa
The Base, Evert van de Beekstraat 1, Building 1 Pendoring Office Park,
1118 CL Schiphol 299 Pendoring Rd,
Blackheath, Randburg, 2195
nl@cybergym.com
SA@cybergym.com
www.cybergym.com | info@cybergym.com
/ 20 / www.cybergym.com | info@cybergym.comYou can also read
