With hackers attacking almost every government body, institution and business, organisations have to do more than hide behind technology -- they have to invest in people too, from the server room to the boardroom. That's the message from cybX, a new cybersecurity training scheme in North Yorkshire.

Cybx is a simulator for an organisation's technical staff to run through mock cyber attacks -- a sort of boot camp for those in the front line of cybersecurity. cybX begins its first mini training exercise next week, and full courses start at the beginning of August.

Training takes place at the Emergency Planning College, near York. The EPC is a crisis management training centre that teaches government departments and businesses how to cope when things assume the dimensions of a pear, whether it's a cyber attack, a terrorist incident or just crowd control at a major event. It's run by Serco, a British outsourcing company that does everything from managing airbases and hospitals to tagging criminals.

'Every organisation is under attack'

Hack attacks can come from rival governments, criminal organisations, hacktivists or even insiders. "Threats are coming from everywhere and have widely varying motives," warns Chester Wisniewski, Senior Security Advisor at cybersecurity firm Sophos. "Many cyber extortion and opportunistic money making schemes originate in Eastern Europe, while data theft and intellectual property-focused efforts largely come from Asia. And cyberactivism often originates in our own back yard."

Richard Preece, director of cybX, warns that cyber attacks are "happening constantly" and that "almost every organisation is under attack."

Indeed, a 2013 survey by anti-virus company Kaspersky found a whopping 91 percent of organisations had suffered cyber attack in the last year. "If you look at the National Risk Register," says Preece, referring to the Cabinet Office's annual report on civil emergency risks, "cyber attack is right up there."

"Businesses face a variety of threats," says ThreatTrack CEO Julian Waits, "often based on the type of industry they are in. For example, in the energy industry, hacktivism is a major concern -- it's playing out in the news right now. A hacktivist group called AnonGhost, for example, has announced its intentions to target the oil and gas industry worldwide. Other industries like the financial services sector are concerned about organized cybercrime syndicates. All organizations and government agencies possess data that criminals can profit from, so they are all targets."

Chester Wisniewski of Sophos is worried that organisations aren't properly prepared. "Governments and businesses are relying too heavily on certifications and expensive tools rather than experience and proven abilities. There isn't an easy way to solve that problem. The other issue is not taking the threat seriously enough. We have seen several businesses actually shut down over hacking attacks, like Code Spaces."

Fortunately, Preece believes the decision-makers in government and business are alive to questions of cybersecurity. "They're very aware of the threat," he says.

Organisations have to be proactive in anticipating attacks, Preece advises, and agile enough to react quickly when they happen. They must then be resilient enough to survive the consequences, flexible enough to come up with new ways of doing things, and adaptable enough to learn the lessons of the attack.

At cybX, cybersecurity staff are trained to recognise an attack, terminate the hack, and restore service. They're also trained to learn from the incident to move to a "new normal" that safeguards against a repeat of the problem.

The training replicates the traffic of a network to give a realistic simulation, teaching coders how to wade through the clutter and false positives of their network to find malicious code.

But the lessons learned take in more than just technology. "There is no amount of technology that will save an organization from human error," says ThreatTrack's Julian Waits.

And a big part of cybersecurity is communicating with non-technical staff. Preece points out that decision makers within an organisation have to understand the problems too. "A cyber attack very quickly moves from being a technical issue to an organisational issue," he says.

"Some will get through," says Preece, and the best any organisation can do is to be capable of "taking the hit."

Read the full story at:

http://www.cnet.com/news/new-uk-cybersecurity-training-scheme-prepares-for-hackers/