Tierney - stock.adobe.com

Threat intelligence boosts security training

Security professionals in training can now benefit from real-time threat intelligence data, thanks to a partnership between Digital Shadows and Immersive Labs

Real-time threat intelligence data is now being used to train cyber security teams on immediate threats, with training company Immersive Labs joining forces with digital risk management firm Digital Shadows .

The result of the partnership is a lab-based learning environment that enables cyber security teams to learn to deal with the most recent threats quickly by coupling threat intelligence with relevant and near real-time learning.

The partnership is in response to industry views that cyber security training based on legacy methods and yesterday’s threats is not teaching security professionals how to work with threat intelligence and take action accordingly, consequently putting companies at risk.

Using the Mitre ATT&CK Framework, Digital Shadows’ weekly threat intelligence summaries and live threat intelligence feeds will be incorporated into Immersive Labs’ training environments within hours of global threats and vulnerabilities being discovered.

This approach is aimed at enabling security teams to complete a series of exercises to safely gain practical knowledge of the threat and mitigations to reduce the probability and impact of a successful attack.

As well as providing real-time skills-based learning, the platform’s analytics and insight functionality provides visibility of individual and team cyber capabilities, identifying skill gaps and confirming that time-sensitive threat intelligence labs have been completed. This is aimed at giving business leaders confidence that their security team’s skills are up to scratch and highlighting areas of cyber risk so that appropriate action can be taken.

James Hadley, CEO and founder of Immersive Labs, said: “The rate that cyber security threats are morphing is leaving security teams floundering, as most of what they have learnt on a training course becomes redundant almost as soon as they have left the room.

“Our labs provide bite-size war games that turn training into a game which challenges people to be creative and come up with their own solutions. Partnering with Digital Shadows allows us to take this one step further, with exercises based on real-time threat intelligence, so cyber skills training stops being theoretical and becomes highly relevant to front-line teams.”

James Chappell, chief innovation officer and co-founder of Digital Shadows, said: “This exciting new collaboration has real benefits to both companies’ customers. Threat intelligence has quickly become a priority for enterprises as they fight potential security incidents across multiple vectors. Through our partnership with Immersive Labs, we are now offering the ability to realise further benefits from that intelligence by increasing the skills of security teams and reducing their mean time to learn.

Read more about cyber security training

“The combination of threat intelligence and real-time learning environments will fundamentally change the way organisations are able to respond to threats and drastically improve the relevance of security teams’ skills.”

To illustrate the value of this approach to training, Chappell said that in a scenario where credit card skimmers targeted a number of large retailers as the Magecart Group did throughout 2018, a training lab could be created within hours of an attack being identified.

The resultant lab would use real-life scenarios and intelligence to help security teams to learn how the compromise works, so they can detect further attacks and respond to incidents effectively.

The Immersive Labs approach to teaching is based on observations that the most successful classes in  GCHQ’s Cyber Summer School were the ethical hacking challenges featuring games that enabled students to solve problems, as opposed to sitting passively in a classroom.

Digital Shadows protects organisations from digital risk by identifying and eliminating threats to their business and brand. The company monitors for digital risk across a wide range of data sources within the open, deep and dark web to deliver tailored threat intelligence, context and remediation options.

Read more on Hackers and cybercrime prevention