LEFT TO GOWatch Livestream
Commitment to increase the level of international cooperation between industries through extensive cyber exercise. The course is focused on determining methods of identifying cybersecurity incidents as well as developing tactics for responding to them and mitigating damage in the aftermath of an attack. Further attention is also directed at upgrading technical and structural cooperation.
To fulfill the role of the aforementioned threat actors the organizers assign a team who’s responsibility it is to prepare the infrastructure for playing out each cyberattack scenario launched in accordance with the plan of action on the day of the training. Threat actor activities are regulated by the Training Coordination Centre. The assigned team is located in Moscow, at the BI.ZONE office.
The role of defence is to be enacted by the actual cybersecurity divisions of participating organizations, which have to be notified of the events in advance. As part of preparation for the training exercises, each organization appoints a person responsible for prepping the technical infrastructure side of the exercise and managing team relations within their company, employing necessary resources in each phase.
The dedicated segment must be connected to event monitoring and incident analysis as a separate IT system, in order to allow SOC to use real tools and processes.
This needs be so, as it is necessary to achieve maximum similarity with every-day situations, just as it is necessary to distance away from synthetic scenarios, in order to evaluate the effectiveness of measures in practice, and provide recommendations for improving them.