Assessing Cyber Skills to Improve SOC Team Performance
with CRS Cyber Range powered by Cyberbit
With over 4,000,000 cybersecurity positions open globally, the race is on to fill millions of critical positions to decrease the risk for your organization. Accurately assessing the skillset of incoming candidates, existing team members, and team readiness for multiple incident types is of paramount importance to reduce risk exposure for your organization. The more you know about a team member or candidate’s cyber skill set, the better prepared you will be to up-skill existing team members or make informed hiring decisions regarding qualified candidates.
Certifications Test Theoretical Knowledge. Assessments Verify Skill
Getting your CISSP is not as hard as it used to be. With hundreds of crash courses on sites like Coursera, Udemy and many others; those who seek to gather industry certifications can do so quite easily. According to a recent report from Fortinet, 85% of organizations have team members that have security certifications. In fact, 82% of organizations prefer to hire candidates with certifications. However, given that the testing for these industry certifications are in a quiz format, they do not accurately tell us whether a candidate has the appropriate technical skills to be successful in a cyber role.
Organizations Struggle to Recruit Qualified Candidates
The struggle to find qualified individuals to work in a Security Operations Center is real. According to the same Fortinet report, 68% of organizations struggle to recruit, hire and retain cybersecurity talent. With such a struggle existing in the market you want to ensure that the talent you are bringing into your team is qualified, workforce ready and can immediately contribute to a team struggling with incident overload.
Cybersecurity Skills Gaps Have a Major Impact
Cybersecurity professionals have reported a major impact as a result of the cybersecurity skills shortage. According to the Life and Times of Cybersecurity Professionals Report from ESG/ISSA, 70% of cybersecurity professionals feel that their organization has been impacted by a shortage of skilled analysts. Fortinet has reported that 73% of organizations had at least one intrusion or breach over the past year that can at least be partially attributed to a gap in cyber security skills on their team. 47% of organizations had three or more incidents that could be attributed to the cyber security skills gap.
With ore and more organizations being charged with the protection of sensitive data, organizational assets, and intellectual property; ensuring your team has the skills to succeed is no longer a nice to have. Accurate assessment is now a core need.
Cyber Skills Assessment Across the Employee Lifecycle
Assessing whether a candidate has the right skills and knowledge to be successful does not stop once an employee has been hired. With accurate assessment, based on displayed skills and knowledge, you can develop an up-skilling plan for any employee. Assessment throughout the training process will allow you to see whether the training is working, if an employee is ready for promotion, or if skills have deteriorated over time.
Working in a zero trust environment should require every member of the team not just to tell you what skills they have, but to be able to show you the skills they can leverage when it counts. Only with accurate assessment can you truly reduce the risk to your organization with confidence.
Key Capabilities of CRSI Range:
CRS Range: Assessing Technical Skills Based on Actions
CRS Range: Assessing Technical Skills Based on Actions
CRS Range powered by Cyberbit is the world’s only “zero to hero” cyber skills development and assessment platform. By immersing candidates or trainees into hyper-realistic simulated cyber-attacks, CRS Range can Measure and asses specific skills and response timing based on the technical actions displayed throughout the simulation. Say goodbye to tabletops, skills in theory only and quiz answers as your sole assessment metric. Using sensors built into corporate, military, financial or custom networks on CRS Range, you can access if your candidate or trainee possesses the technical skills to be successful in their role.
Assess Performance with Real-Life Scenario’s
CRS Range powered by Cyberbit contains the world’s largest catalog of on-demand cyberattack simulations to test if a candidate or trainee can perform under pressure. Each scenario is built using real malware and follows the attack flow of a real-world attack that has occurred to increase the realism of the assessment scenario.
Each scenario is built according to the Cyber Attack Lifecycle, beginning with attacker entry and ending with data extraction. CRS Range complete scenarios are the perfect tools to assess the ability of a candidate or trainee to know when to apply skills, measure performance under pressure, and check their ability to integrate into an existing team structure.
Assess Ability to Effectively Use Security Software Stack and MITRE ATT&CK Integration
CRS Range includes leading cyber security tools including SIEM, Firewalls, EPO, etc. out of the box or can onboard any tool you use in your SOC. Using tools from leading cybersecurity software providers will help you to assess familiarity with specific software, the understanding of the candidate or trainee or when to use the software and ensure they can effectively deploy your security stack to keep malicious threat actors from performing criminal activity using your assetts.
Understand Time to Detection, Investigation and Mitigation
Using the sensors built into CRS Range, you can see an exact timeline of the simulated attack. Included in this timeline are the behaviors and actions of the simulated attacker as well as the actions of those being assessed. Goals built based on the NIST incident response framework are also included providing the most accurate view of time to response currently available.
Integrated with NICE Work Roles & KSAs
Assess Ability to Retain Information
Each simulated attack scenario included in CRSI Range is followed by a quiz based on the scenario the candidate or trainee just
participated in. These quizzes not only assess the soft skill of information retention, they also assess whether a candidate or trainee
can rapidly recall detailed information following a period of intense information ingestion. Trainees or candidates with the ability to rapidly ingest, analyze, and assess information will increase the probability of attacker identification using known attacker behaviors.
Assess Team Cohesion
Your team’s ability to work together and effectively communicate can greatly shorten or extend response time. Understanding how a new element (i.e. new team member, newly promoted team member, or new tool will affect your team dynamic will allow you to make an informed decision. For example, if a new team member or candidate possesses a more aggressive personality, there may be a culture clash leading to a drop in team performance. Other soft skills that can be assessed are ability to communicate under pressure, ability to maintain calm under pressure, and leadership skills during a pressured situation.
Assess to ImproveUsing the integrated NIST incident response framework, CRSI Range detects all the actions required to effectively mitigate an incident. Additionally, those being assessed on CRSI Range are required to upload the appropriate evidence to prove that they have detected the incident. Given the current state of the cyber security skills gap, CRSI Range is built not only to assess but to provide constructive feedback, allowing those using CRSI Range to understand their own skills gaps providing a safe environment for rapid improvement of cyber skills.
The implications contained within this information are far reaching and thus, having a team member with this specific skill set can greatly reduce the risk to your organization, as you can now take action and implement hardening policies to prevent attacks from groups known to exhibit these behaviors.
Cyber Range Solutions Inc. All Rights Reserved.