Security aware and knowledgeable users serve as the “front line” of your overall security posture. As such, training is one of the most essential components of your risk mitigation strategy and overall cybersecurity program. However, without learning cybersecurity from the “hacker’s” perspective and gaining a true understanding of how adversaries attack and compromise ICS networks and assets, you’re only getting half of the picture. Without that other half, you’re essentially blindly deploying generic security controls and “best practices”. In order to have an efficient and cost-effective risk mitigation strategy, you must understand not only where your vulnerabilities are, but also the tactics that attackers will use to exploit these vulnerabilities. Red Team/Blue Team Training provides the opportunity to learn these adversarial tactics in conjunction with the defensive methods; then students get to apply the skills they learn as they face off in a head-to-head competition, Blue Team (the defenders) against Red Team (the attackers).
Traditionally, Red Team/Blue Team Training has been a significant time commitment, often upwards of five days. Obviously, this can be taxing on those with constrained schedules and budgets. LEO’s Red Team/Blue Team Training uses cutting-edge computer gaming technology developed by the authors of “Hacking Exposed: Industrial Control Systems”, to offer all of the best aspects of Red Team/Blue Team Training, but in a fraction of the time and without a technical learning curve. Students of all levels can even play the part of the Red Team, regardless of experience or skill level.
In the end, students will learn that defending their ICS networks and assets is more than simply deploying “best practices” and “layered defense”. By applying the skills they learn against a live opponent who is strategizing against them, they learn how to create targeted defensive strategies and respond and adapt to active attacks.