Cyberbit: A military approach to training cyber security teams
There’s a war raging between criminal hackers and corporate computer defense systems — and when it comes to wars, military organizations know how to fight them best. The Israeli military is known for the high quality of its cybersecurity training, and that’s what Cyberbit’s Cyber Range offers: The same military-grade training and simulation systems.
Cyberbit was founded in 2015 as a subsidiary of Elbit Systems, a leading Israeli defense contractor. Its goal is to commercialize the cybersecurity training and technologies Elbit had developed in its work with Israel’s military and government agencies.
Distributing this former military technology more widely makes sense in today’s world, because all companies are essentially on the front lines of a raging cyber war. The military is good at monitoring national borders, but today’s borders are much closer. They are in the firewalls and routers.
A corporation’s cybersecurity teams are its first responders to a serious attack, and they need to coordinate the use of many different tools within a tight timeframe.
“It’s not enough to buy security tools — you need to make sure your people know how to use them and how to combine them against multi-stage attacks,” says Adi Dar, CEO of Cyberbit. “When a company is under attack, people have to know how to work in teams and how to make quick decisions under intense pressure. We make sure they know what to do under many different situations.”
Cyberbit’s Cyber Range systems get its name from a firing range — a place where the military tests its weapons and the skills of its soldiers. Cyberbit argues that the same approach should apply to corporate security training: The ability to test the performance of security tools and people in real-world environments.
A key capability of the Cyber Range is being able to create a virtual model of a company’s IT network — its routers, servers, and software, and then simulate many different types of attacks in real-time. These systems are regularly updated to train teams on best ways to respond to the latest types of cyberattacks such as Ransomware. They can also used to research future possible attack scenarios and proactively prepare defenses.
“The best cybersecurity teams are the ones with the most experience,” says Dar. “Our simulations are hyper-realistic which means teams can build experience in dealing with some of the worst and most damaging attacks and then learn from any mistakes without risking the organization.”
The shortage of cybersecurity experts in the US is a key driver of Cyber Range system sales as universities and colleges create new courses to meet high demand. Cybersecurity Ventures predicts as many as 3.5 million open cyber security jobs in 2021.
Dar says that customers also use the Cyber Range systems to test job applicants and make sure their teams have the required mix of skill sets.
Cyber Range systems have been installed in many US locations and also in India, Australia, France, Germany, and Austria.
Cyberbit also offers Security Orchestration, Automation, and Response software; Industrial Control Systems security; and Endpoint Detection and Response tools. These help filter out high alert volumes created by the complexity of IT systems and can be used in combination against multi-level attacks.
The company is constantly evaluating new security threats. Its Malware Research team recently analyzed a new version of the Ursnif Trojan, a highly sophisticated malware creation that uses a file-less technique to hide and steal data: New Ursnif Malware Variant — a Stunning Matryoshka (Матрёшка) — Cyberbit