lolloj - Fotolia

QA launches cyber attack defence training facility in London

Training firm QA launches a cyber attack simulation facility in London to enable organisations to test and learn cyber defence skills

IT training firm QA has launched a £150,000 facility in London to enable organisations to learn and practice how to defend against themselves against cyber attacks by using simulations.

This means all relevant members of an organisation – from the chief executive to the information security team – will be able to experience a cyber attack first hand and test their skills under stress.

The 20-seat, hands-on Cyber Lab has been designed to enable organisations to rehearse incident response, conduct digital forensic investigations, create ‘offensive defences’, undertake security operations and practice crisis media management. 

All of these topics are covered in depth by QA’s range of cyber security courses and certifications.

According to QA, a variety of standard, tailored and bespoke courses will be available to cover topics such as crisis communications and media management in industry-specific scenarios.

“Every day, every department in every organisation is at risk of a cyber attack. This situation is exacerbated by an unprecedented shortage of teams with the right skills to help defend corporate data,” said Richard Beck, head of cyber security at QA.

“In cyber warfare, everyone has a role no matter what their function in the business. This is mirrored in our training.

“Everyone has a role to play when it comes to defending the organisation, from the communications and marketing teams to the penetration testers. It embraces emotional and technical training to provide the closest experience an organisation can provide next to the real thing,” he said.

Read more about cyber security

  • CEOs staying informed on current cyber security risks has a positive effect in the boardroom and beyond, according to certification and accreditation organisation APMG.
  • Cyber attacks constitute a group-level risk that is managed as part of BP’s standard set of risk management processes, says group chief.
  • Security risk management and investment needs buy-in from top management, says Sharvind Appiah, CISO at transport and logistics firm Geodis.
  • Many FTSE 350 firms still have a long way to go to manage the risks of a cyber attack, a government-backed cyber governance health check reveals.

Cyber attack simulations are a powerful teaching tool because they take people out of their comfort zones, according to Marco Gercke, director for the Cybercrime Research Institute.

The simulation approach, which is gaining traction in commercial and government organisations worldwide, is patterned on war games used by military organisations.

“The aim is to confront top managers with what feels like a real situation in which they are required to make decisions relevant to their roles,” he told the Gartner Security and Risk Management Summit 2014 in London.

Gercke believes it is vital to get support from the top managers because they are often the targets of attacks aimed at gaining entry to a network. He said they are also not aware of the devastating effects cyber attacks can have on a business and that they do not know their legal and regulatory obligations.

He said simulations can be used to illustrate and highlight all these things. Simulations will also force top managers to answer and ask questions about their organisation’s cyber defences, including identifying their organisation’s most important data assets and considering the potential risk of cyber attack to those assets, he added.

Read more on Hackers and cybercrime prevention