Intelligent Tech Channels Issue 63 - Page 37

A cyber range is flexible enough to rapidly build to great detail a production network as well as examine overall performance with a different set of tools . An organisation ’ s whole stack performance can be scored against the latest attack threats . In this way , businesses can safeguard the data held within their networks through the constant testing of their people , processes , and technology .
Best practices
Businesses should be determining the preparedness of their organisation against known threats by using cyber ranges in accordance with best practice guidelines :
• Performing exercises aimed at reviewing your current breach and disclosure process to understand the gaps within an organisation ’ s defence systems .
The Critical Infrastructure Act of 2022 signed into law asks companies to voluntarily disclose their cyber breaches .
• Conducting live-fire exercises on a cyber range can establish new success benchmarks and identify weaknesses within your people , processes , and technology .
• From this , a dashboard can be established to track performance in accordance with the new SEC standards .
• Based on the results of the range exercise , organisations then need to start a program of continuous security improvements that would include updating their processes , training their teams , and optimising their security stack .
• Businesses need to develop a regular cadence of communications across their leadership teams to provide security and risk reviews for all new business initiatives and third-party programs , ensuring an end-to-end security mindset .
Organisations that are investing in milspec cyber defence strategies like cyber ranges can dramatically increase their ability to defend against a hack , while maintaining a cyber cost reduction .
This means they will be able to accurately and confidently report to regulators on their cyber shielding practices , instilling confidence and trust in their customers and investors .
Cyber ranges provide evidence which can be presented to regulation Boards and shareholders , proving that an organisation ’ s systems are combat-ready to tackle the latest cyber threats . •