Heading 1

Download

Cyber In security News

TM

KEEPING THE LIGHTS ON
SEPTEMBER 2018
SUBSCRIBE FOR FREE
Photos by David Hechler
An electric company’s 'gym' helps train corporations to defend themselves against cyberattacks.
By David Hechler
FOR A TECH EVENT, it was almost elegant. It was held on a Wednesday night in July at 101 Greenwich Street in downtown Manhattan, not far from Wall Street. The wine and beer flowed freely. The catered refreshments included a global array, ranging from hamburger sliders to sushi and sashimi. The room was large with a small auditorium next to it. And the guests were mostly dressed in the old fashioned kind of business attire, including dresses, suits and even ties.
     The occasion? The opening of a gym. But not just any gym, of course. This was CyberGym. The press release called it “the first U.S. World Cyber Warfare Arena.” CyberGym is actually a global chain. The new facility joins a secure network that includes facilities in Australia, the Czech Republic, Israel, Japan, Lithuania, Portugal and South Africa.
     It was founded in 2013 by the Israel Electric Corporation and Cyber Control, an Israeli cybersecurity consultancy. After the guests finally took their seats in the auditorium, the electric company’s chairman welcomed them to the event. But Yiftah Ron-Tal had to do so from the large video screen above the stage. He was stuck in Israel, he explained, where he was obliged to wait for an important vote in Parliament.
     His icebreaker to loosen the crowd wasn’t a joke. It was a statistic. His company, Ron-Tal told the guests, had suffered a whopping 191 million cyberattacks. And that was just in 2017. That’s the kind of street cred that Israel Electric brings to the table. It claims it’s the most cyberattacked entity on earth, which isn’t a bad sales pitch for what CyberGym is selling—as long as the lights are on.
     After the video, there was a panel discussion on the global state of cybersecurity in general, with a smattering of details about the operation of the new CyberGym. But one thing wasn’t clear even to many of the guests who were celebrating its opening. The gym was miles away from the gala.

Visiting the ‘Gym’
A month later I stopped by CyberGym, which is located at 224 W. 30th Street, near Madison Square Garden. Akhileshwar (“Akhi”) Bhat, who heads business development, and Mark Koslo, the U.S. sales manager, showed me around.
     CyberGym is all about training corporate teams what to expect from, and how to respond to, a cyberattack.  It prepares them for an attack, then blasts them with a simulated one that feels real.
I asked about the name. I didn’t see any treadmills or barbells. That’s not it, Koslo said. “This is a real workout that will test you.”
     They hadn’t signed up any clients yet when I was there. It was summer and they’d expected it was going to take time. But two prospects had appointments to visit in early September, they told me.
     Everything looked ready for action. Monitors were on. The Red Team Room (aka the Attack Room) featured a large painting of a hacker on one wall and faux graffiti on two others—to give it the proper ambiance, they explained. The Security Operation Center (SOC) had a wall of large monitors with displays constantly changing. On another wall, three clocks were set for the time in Tokyo, New York and Israel.
     I asked why the party hadn’t been held here, where the guests could have viewed the layout first-hand. “Our facility is only 4000 square feet,” Koslo explained. Too small for the crowd, the bar, the refreshments and the staff.
But the place is absolutely inseparable from the concept, he continued. “If you really want people to focus, there’s nothing like taking them out of their environment and bringing them here.”
     There are two additional reasons why the location is important. Clients must gather the entire team involved in cybersecurity for the training. “If these guys train together,” Koslo said, “they’re going to react together at home.” And when the clients are at CyberGym, the training is “risk free” because their own data is safe. CyberGym will never have access to it, so there’s no chance that trainers will inadvertently create a problem, as they could if they were conducting exercises in the client’s facilities using the client’s equipment.

Turning Up the Heat
The staff customizes the training for clients, but the basic idea is that a company brings in the personnel who will be called upon to respond to an attack. The trainers begin by presenting instructions in the Training Room. These will vary in length and complexity, depending on the exercise’s goals and the participants’ level of knowledge. Then the clients move to the Blue Team Room, where they will attempt to defend themselves against the hackers in the Red Team Room.
     The trainers do everything they can to make it feel like an assault. In Israel, Koslo says, the Red Team Room and the Blue Team Room are in separate buildings, and the instructors literally “turn up the heat” on the defenders to enhance the sense that the attackers are in charge and that they’re “bringing the heat.” Here they will aim for the same effect without the thermostat.
     Cybergym’s proprietary software logs all events during the attack. These records are used during the debriefing. Instructors and trainees can review what happened and assess the performances of individuals and the team.

What About the Lawyers?
I asked whether lawyers are included in the mix. They are if they’re part of the team. Yet Bhat noted that not many lawyers have been in touch.
     He was thinking of law firms, which are vulnerable to attack in the same way that companies are (see The Bullseye On Your Law Firm’s Back ). But their cybersecurity spending seems to be mostly on the product side, he said. They may pick up software from Cisco, but buying training doesn’t seem to occur to them.
     Yet, human error should be at the top of their list. That’s where the problems occur most often, Bhat noted. To defend against the resulting attacks, he continued, a firm needs expertise and knowledge throughout the group. “That’s your best chance of shutting down an intrusion—with a group effort,” he said.
     On the company side, Koslo added, lawyers belong on the team. After all, he pointed out, “they’re the ones who will have to clean up after a breach.” If their companies can get ahead of the risk, so much the better, he said.

A Global Effort
Likewise, CyberGym benefits from its own group effort. Cyberattacks are a global phenomenon, and it can help tremendously to be part of a global defense team. It gives the organization an advance warning system.
     For example, Koslo said, sometimes attackers try out an innovative assault in Eastern Europe before unveiling it in the U.S. Almost like opening a play in New Haven before rolling it out on Broadway. Knowing what’s going on in the Czech Republic can help CyberGyms elsewhere prepare a defense.
     Another benefit of being global: When the New York facility lines up clients, the first trainers will be flown in from Israel, Koslo said. Once demand picks up, they plan to build out their own training staff, he added.
     The global effort was also on display at the downtown gala in July. Beyond the chairman on the video screen, the company’s Israeli CEO, Ofir Hason, was on the panel along with Buky Carmeli, another Israeli who is a cybersecurity expert and heads CyberGym’s advisory board. Norihiko Ishihara had flown in from Japan and also gave a presentation. He’s the CEO of Strategic Cyber Holdings, a CyberGym investor.
     The suits and ties were part of the international business launch, along with the wine and sushi. It sounds like Koslo and Bhat expect different attire at the “gym” on 30th Street. Maybe not running shorts and yoga pants, but clearly they expect to see some clients sweat.
Mark Koslo (left) and 
Akhileshwar Bhat