Monday 15 October 2018

IBM Rolls Out Industry's First Cybersecurity Operations Center on Wheels


IBM (NYSE: IBM) Security today announced the industry's first mobile security operations center, able to travel onsite for cybersecurity training, preparation and response. The IBM X-Force Command Cyber Tactical Operations Center (C-TOC) will travel the US and Europe to conduct incident response exercises with clients, provide on-demand cybersecurity support, and strengthen the awareness and skills of professionals, students and consumers.

IBM X-Force C-TOC is a fully operational operations center on wheels, inspired by the tactical operations centers used by the military and the incident command posts used by first responders. Housed in a semi-trailer, the mobile center provides a gesture-controlled cybersecurity "watch floor," as well as conference facilities that can accommodate around 20 operators, analysts and incident command center staff. The facility can be deployed in a variety of environments, with stand-alone power, satellite and cellular communications, providing a sterile and resilient network for investigation and response, as well as a state-of-the-art cybersecurity training platform.

Historically, cybersecurity teams have focused on detecting and protecting against cybersecurity incidents. However, as the threat landscape evolves, companies now recognize the need to plan and rehearse their response to security incidents. The 2018 Cost of a Data Breach Study [1] found that companies that can effectively respond to incidents and remedy the situation in less than 30 days can save more than $1 million on the total cost of a data breach. Yet fewer than 25% of professionals surveyed say that their company has put in place a coordinated incident response plan.

The IBM C-TOC will begin by touring the United States and Europe, with multiple goals:


  •     Training and Response Preparation: With an increasing focus on improving incident response following major cybersecurity attacks, C-TOC can help companies train their teams in techniques (both technical and crisis management) to respond to attacks, while simulating real-world conditions of how hackers operate and key strategies to protect the brand and the company's resources.

  •     Support for On-Premises Cybersecurity: IBM has designed C-TOC with the capability to deploy the mobile facility as a customer-specific security operations center. One potential use case under consideration is support for sporting events or other large gatherings where additional cybersecurity resources may be required.

  •     Education and Outreach: When C-TOC is between IBM customer engagements, it will bring one of the industry's most realistic cybersecurity experiences to university and local events, and even carry out awareness activities for primary school children, to generate interest in cybersecurity careers and help address the growing labor shortage.

"Living through a major cyberattack is one of the worst crises a business can face. The leadership, skills and coordination needed are not something to test for the first time when faced with a real attack," said Caleb Barlow, vice president of Threat Intelligence, IBM Security. "Having a mobile facility that allows us to bring realistic cyberattack preparation and rehearsals to a larger audience will be a game-changer in our mission to improve incident response efforts for organizations around the world."

Demand for cybersecurity preparedness and response increases

IBM Security has identified disaster preparedness and response as an underserved segment of the $114 billion cybersecurity market [2]. In 2016, IBM invested $200 million in new incident response equipment, services and software, including the industry's first Cyber Range for the commercial sector. Since then, IBM has welcomed more than 2,000 people to its immersive cybersecurity training course at its Cambridge, Massachusetts facility. With the launch of X-Force C-TOC, this training is brought directly to customers, along with an expanded mission to provide on-site preparation and the possibility of additional cybersecurity services.

To create this Cyber Range experience and the C-TOC, IBM consulted with dozens of experts from different sectors, ranging from emergency medical responders to active-duty military officers. In addition to drawing on IBM's expertise in cybersecurity, C-TOC's exercises train teams on critical elements of crisis leadership, from moving out of the day-to-day business structure into an incident command hierarchy to thinking ahead to anticipate an attacker's next move.

The C-TOC training includes a "Cyber Best Practices Lab" with concrete examples based on real-life experiences with customers in the Cambridge Cyber Range. It will also allow companies to participate in an immersive and fun cyberattack exercise that lets teams test their incident response plans as part of a realistic, high-pressure simulation. Here are some examples of these attack scenarios:

  •     Ox Response Challenge: This challenge was designed for the management team, immersing a wide range of stakeholders in a realistic "fusion team" environment in which players must determine how to respond to a cyberattack as a team across areas such as technical and legal aspects, public relations and communications.

  •     OpRed Escape: Enter the mind of a cybercriminal and learn to think like a hacker. This exercise places participants in the "seat" of a real-world attacker, discovering how bad guys break into networks by observing an expert and gaining hands-on experience with a set of malicious tools.

  •     Cyber War Game: In this hands-on scenario, participants will uncover a cyberattack led by a gang of cybercriminals targeting a fictional company. Operating on C-TOC's simulated corporate network, participants will use technical tools to identify and stop threats, while developing a response plan and building leadership and crisis management skills.

Additional cybersecurity operations

IBM has also designed C-TOC to provide supplementary on-site support for customers when their cybersecurity needs increase. Cybercriminals are constantly on the lookout for important events and moments to launch their attacks, taking advantage of the increased interest, cash flow and Internet activity to achieve higher returns from malicious activity.

Cybersecurity at large events is increasingly being considered alongside emergency response and public safety. For these events, IBM can use C-TOC on-site not only to help with preparation, but also to provide an isolated network, a cybersecurity watch floor, and an incident command infrastructure.

Skills and awareness

The cybersecurity workforce shortage is a major hurdle for the industry, with an expected shortfall of nearly 2 million cybersecurity professionals by 2022 [3]. Educating younger generations about security careers, and helping current cybersecurity professionals develop their skills, are ways to help remedy the skills shortage.

When not working with clients, C-TOC will visit academic institutions, businesses and community events for training and awareness activities. For example, C-TOC will travel to the National Collegiate Pentesting Competition at the Rochester Institute of Technology from November 2 to 4. It will also be available for events organized by IBM to spark interest in cybersecurity and STEM careers, such as IBM Cyber Day for Girls. C-TOC can also help to improve and expand skills within the existing cybersecurity workforce through on-site training and hands-on skills development with cybersecurity teams, building the critical skill sets that help them keep up with the latest cyber threats.

C-TOC on tour in the United States and Europe

C-TOC will begin its US tour by visiting customer sites, schools and government facilities.

On October 18th, C-TOC will be based at the National Mall in Washington, DC, to provide cybersecurity awareness training to congressional staff and other public officials. C-TOC will travel to Europe in January to visit customers and organize events in several countries in 2019.

IBM will evaluate opportunities for additional mobile security operation centers and use-cases based on feedback and demand.

About IBM Security

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 60 billion security events per day in more than 130 countries, and has been granted more than 8,000 security patents worldwide.