ACSC-SimSpace Cyber Range

SimSpace RangeWise Cyber Range Platform

Through a unique partnership with premier Cyber Range provider SimSpace, the ACSC has developed a unique opportunity for cyber operators to test their skills and responses during a hands on keyboard exercise conducted in SimSpace’s high fidelity cyber range.

ACSC organizations are partnering with peers to expose their SOC and technical incident response staff to peers, giving them the opportunity to learn new tactics, techniques and procedures to investigate and respond to a simulated environment, using the tools they would normally use.

This opportunity promises to mature cyber response capabilities, practice incident response communications, develop team dynamics, and provide a next generation experience that few cyber operators get to experience.

 

Participating Organizations

  • Commonwealth of Massachusetts
  • Federal Reserve Bank of Boston
  • Liberty Mutual
  • Manulife/John Hancock
  • MassMutual
  • Munich Re
  • Schneider Electric
  • State Street

2021 ACSC-SimSpace Cyber Range Training program

Three incident response exercises conducted on the high fidelity SimSpace Cyber Range simulating a business network which has been compromised and where Blue Team Defenders can use their actual investigation tools, like Splunk to document and mitigate. 

  • One exercise specifically for an individual organization, conducted in parallel with other ACSC members to  allow blue teams to compare notes on effective response strategies.  The primary goal is testing 8-10 blue teamers as they respond and practice incident management, effective communications, and efficient teamwork.
  • Two exercises on a shared team, where 4-5 of blue teamers from one organization work collaboratively with another member organization to exercise and learn from one another.  This encourages real time skill sharing, challenges teams to communicate effectively, and builds a network of blue teamers.

The 2021 Outcome

Three successful events that allowed seven teams to learn about their effectiveness, make adjustments to their incident response plans, and identify gaps in their response capabilities.  Some teams were able to try out new tools, like CrowdStrike EDR, and understand its effectiveness. All teams provided positive feedback and would like to continue to use cyber ranges to continue to improve their defenses, responsiveness, and resiliency.