Last week I was helping a scenario based cyber exercise at the Cabinet Office Emergency Planning College in Yorkshire. We were using the CYBX suite. It involved 8 countries managing a range of cyber challenges.
Below is the release from CYBX about the exercise and it's forerunner Silver Pilot involving many Regional and National UK cybercrime assets. cybX is managed by Serco who run the Emergency Planning College for the Cabinet Office.
Testing and exercising cybercrime units across the UK and Europe is an essential aspect of planning and preparing ourselves for the future of criminality and risk in cyberspace.
Serco has taken part in a ground-breaking exercise run by the UK’s National Crime Agency (NCA) to test the international response to serious cyber crime.
Specialists from across Europe were put through their paces using Serco’s unique and realistic cyber exercising capability - cybX - which prepares private and public sector organisations to test their ability to prepare and respond to serious cyber attacks.
Exercise ‘Silver Shadow’ - a multinational exercise run by the NCA’s National Cyber Crime Unit (NCCU), funded by the Foreign and Commonwealth Office and supported by the Home Office - saw officers from eight different countries come together to assess their collective response to a simulated cyber attack on a fictitious international petroleum company.
The aim was to test how investigators and prosecutors would work together in the event of a complex criminal incident spanning several different legal jurisdictions, to ensure an effective response to future cyber crime attacks.
The week-long exercise began on Monday 30 November and took place at the Cabinet Office’s Emergency Planning College (EPC) in North Yorkshire, which is run by Serco.
The countries involved in the exercise were Bulgaria, Georgia, Lithuania, Moldova, Romania, Ukraine, the UK, represented by the NCA’s NCCU, and the US, represented by the FBI. A representative from Europol’s Joint Cyber Action Taskforce (J-CAT) also took part.
cybX compliments the wider civil resilience training Serco provides at the EPC, enabling organisations to test and improve their cyber resilience in a safe, realistic and secure environment.Management and IT staff are tested through a variety of simulated scenarios on their ability to identify and end a cyber-attack, and manage their organisation’s response.
The training gives participants a greater understanding of their organisation’s risks, strengths and areas for improvement, as well as a better understanding of the communications and relationships they need with their supply chain, customers and other stakeholders, including law enforcement.
Richard Preece, Serco's Director of cybX, commented: “It’s been a privilege to support members of the UK and international law enforcement community. Every day we hear about another cyber-attack and our training has helped the NCA to improve their capability to tackle cyber crime.
“It’s one thing to invest in the best technology, but organisations must also invest in developing their people and test their capabilities. Serco’s training puts employees from the board room to server room through their paces, enabling organisations to be more resilient to the inevitable cyber-attack.”
Further details on the NCA website