By Sri Narayanan
Dec. 13, 2017
Pitting seasoned cybersecurity professionals against one another in a high stakes battle of strategy and endurance, the inaugural Ixia Cyber Combat on December 7th hosted 20 teams from across the region in its first-ever simulated cyber wargames in Singapore.
The Ixia Cyber Combat─12-hour test of skill, strategy and endurance where participants compete against peers in a live skirmish─leverages multiple skills in network infiltration, data mining and exfiltration to root out attackers inside the networks they are protecting.
The goal? To find the greatest number of flags by either penetrating the other team's servers, defending services or analyzing the attack traffic inside the network. Along the way, organisers hoped participants would hone their skill sets and plug gaps in training and knowledge with a range of new tools and scenarios they could apply to their organizational defenses.
Guo Gen and Mai Linh of Team Wizlynx were the inaugural winners of Ixia Cyber Combat 2017.
The best defense is an offense
According to Naveen Bhat, Managing Director, Asia Pacific, Ixia, the objective of Cyber Combat was to educate cybersecurity practitioners to defend better. "Cybersecurity is a lot like the sport of Judo. You have to teach a judoka how to attack and not just defend. Understanding your enemy by thinking and acting like him makes you a better defender."
Bhat noted the massive Wannacry ransomware attacks earlier in the year succeeded because security practitioners had failed to heed vulnerabilities in their networks. "Protecting your business is like protecting your home. You know where the entry points are and install the necessary defenses. But when the environment is unfamiliar or changed, you're vulnerable again," he observed.
So the goal is to ensure practitioners are upskilled to meet the evolving cybersecurity landscape. "There are 14,000 malware attacks every night across the globe. No matter how good you think your security defenses are today, they won't be good enough tomorrow," he remarked.
Thinking like the enemy
To address the rise of cyber vulnerabilities, Bhat advocates practitioners hone their skills in simulated cyber security attack scenarios. He stressed that many enterprises rely on compliance solutions and vulnerability assessments to reduce the risk of security breaches but these do not close the gap in assessing security resiliency.
"There are tectonic shifts occurring in the cyber security space. Demand for skilled and talented practitioners is far outstripping supply so platforms such as Cyber Combat offer the industry a forum to stay current, upskilled and updated on the latest tools and technologies," he said.
Bhat suggests practitioners must think like perpetrators and hackers if they are to exercise true defensive measures to protect their organisations.