Although cyber ranges were developed originally for the public sector, they have expanded far beyond their original roots.
These simulated IT environments are invaluable for cybersecurity training and cyber resilience training. Leveraging technology like cloud computing and virtualization, modern cyber range platforms have greatly expanded their scope and effectiveness.
Cyber ranges are simulated environments designed as much for security training as for software development.
A cyber range consists of two primary components — a cybersecurity lab or virtual IT lab supported by a learning management system. Most ranges feature a virtualization layer, and may also include network and computing infrastructure. More modern and sophisticated cyber ranges are able to virtualize nearly everything, eliminating their physical footprint altogether.
Along with cybersecurity training, potential use cases for cyber ranges include:
At least on paper, cyber ranges are intended to help security teams gain hands-on experience in cyberwarfare, so that they’re better equipped to deal with emerging threats and maintain a heightened security posture.
In practice, however, most ranges fall short. Some of them are too limited in scope, with generic scenarios that aren’t relevant to trainees. Others are far too broad, simulating a company’s operating environment perfectly but offering nothing in the way of guidance.
It’s when a cyber range strikes the right balance that the technology’s true value becomes clear.
It’s no secret that the cybersecurity sector has been warring with cybercriminals since the earliest days of the Internet. It’s also no secret that we’re not exactly winning that war. Particularly in the face of the cybersecurity skills shortage, we simply don’t have enough professionals with practical experience.
Cyber ranges directly address this issue, and several others.
Real-time feedback: With a traditional exam, you rarely know what you did wrong until days — sometimes weeks — later. By that time, there’s a good chance you’ve forgotten what you did wrong. With cyber ranges, feedback can be instantaneous, ensuring employees can identify and correct dangerous habits sooner rather than later.
Even the best cyber range solution can fail to deliver if your organization doesn’t back it with the right training program. In order to provide your employees with an adequate level of training, you cannot simply deploy a cyber range. You have to adhere to several best practices, as well.
What are you trying to accomplish with your cyber range? What are the most significant threats facing your organization? How effective might your training be in addressing those threats?
Every decision you make regarding your cyber ranges must account for your business’s unique threat landscape, security posture, and employee permissions — and more importantly, the impact you want your training to have on them.
A sanitized version of a network is useless for training purposes. In the real world, there’s going to be noise. There will be tides of notifications, a ton of extraneous network traffic, and plenty of other distractions.
Your team needs to learn how to detect threat actors through this noise.
Create cyber range simulations that can perfectly imitate your own network infrastructure, security posture, and threat landscape. Generic simulations and drills might still teach your employees a thing or two, but they’re nowhere near as valuable as tailored lessons.
Don’t fall prey to the mistaken belief that you can simply turn people loose into a cyber range and they’ll train themselves. Cyber ranges are only one part of the equation where security training is concerned. They need to be paired with a lesson plan in order to be effective.
Don’t just expect your people to embrace cyber range training for its own sake. Incentivize them. Give them a reason to engage, such as by allowing them to track their own progress and see how they’re improving over time.
If a system is cumbersome or frustrating to use, people won’t use it. And if they’re forced to use it, they’ll do the bare minimum. All this is to say that your cyber range has to be seamless and simple to use, lest it distract from its core purpose.
As you might expect, cyber ranges are seeing widespread use across multiple industries and verticals and for multiple purposes. Security training aside, some of the most common use cases include:
You can only learn so much sitting in a classroom. To contend with modern threat actors and sophisticated cyberattacks, security professionals need hands-on experience.
Given they can’t very well risk putting out fires in the hopes of finding a teachable moment, cyber ranges remain the best option. The best way to ensure that when a threat actor finally does set your business in its crosshairs, you’re ready for them. Unfortunately, given their relative complexity, setting up a modern, cloud-enabled cyber range is often easier said than done — especially if you want to prioritize the employee experience.
How can you prevent your cyber range training from being a boring, frustrating slog? What can you do to ensure that your efforts to provide hands-on cybersecurity training don’t devour your entire IT budget? We answer those questions and more in our blog post How to Improve Cyber Security Hands-On Training Experiences for Employees.