QualiFYI | ep.3: TSI CTO Talks Cyber Range
In this month’s QualiFYI episode, I’m joined by TSI CTO, Chuck Reynolds, where we talk the importance of automating cyber range training environments in an attempt to identify and resolve vulnerabilities before they are found by bad actors. Check out the video below!
Q: We know that cyber attacks expose a company’s vulnerabilities, and that’s a company’s worst nightmare; especially over the last couple of years, with data breaches taking over the news. Tell us, what is cyber range and why is cyber range training more crucial now than ever?
A: Well, there are so many complex vulnerabilities that companies are exposed to. The biggest problem that we have in the industry today is that there’s a cyber component to everything. So, there’s a huge demand for cyber experts to help defend and attack and secure our networks and different industry segments. The problem is that most of the universities and training programs focus on beginner and intermediate environments with canned simulated training environments and particular scenarios built inside of them.
What they don’t do, which is a real reason why we need a cyber range, is they don’t have a full production replica of the exact network that they have to work on, and basically exposing that as a cyber range to do experiments and to train their end users on. In particular, universities do a lot of training of open source tools and these canned tools and they don’t work on the actual real industry components of these networks from Cisco and Juniper. So these people don’t have the opportunity to train and get up to speed on them in a timely fashion.
Q: How has the landscape of cyber and training evolved?
A: Well, early on, basically the Department of Defense and some other organizations have put together simulated simulation environments of cyber, and those work great for that, as we mentioned, beginner and intermediate training environments. What’s happened now is the networks have become so much more complex and the number and types of different kinds of attacks have become so more complex that we really need some automation around a cyber range to basically deploy it, use it and get it up and running quickly so that the end users and the administrators of the range can all do those things and use those things.
Unfortunately, a lot of these tools are the open source tools that we talked about, and the need for actual real production environments and spinning those up is really critical on a cyber range so that it can be rapidly deployed and consumed by people.
Q: How important is environment automation in cyber range training and why?
A: It is extremely important. A tool like CloudShell Pro can provide Environment as a Service to shorten the time it takes to administer and deploy a cyber range. We’ve had some national guard events where it took six to eight weeks with tens of engineers to set up and provision and build a network, only to use it for a few days and then tear it all down again.
So being able to automate the setup and provisioning so that it can happen in minutes instead of weeks is a huge boon to this; allows people to do more cyber exercises and more cyber training. The ability to save away a particular snapshot of the network to come back and do forensics analysis on it, or to do some after exercise reviews and understand what happened; to learn from that in a training environment is a fairly big deal. So having something like a cyber range as a service based on CloudShell Pro, which is something that we offer a lot to bring people up to speed on the cyber ranges and be able to deploy them and use them and consume them rapidly.
Q: When you hear Environment as a Service, what is the first word or phrase that comes to your mind?
I have to say CloudShell Pro.
CloudShell Pro is a great tool because it manages the life cycle of your workflows and your infrastructure and automates that entire process for your company.