We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Today, cybersecurity skill development platform Cyberbit announced that Emirates NBD Bank has won the 2022 International Cyber League (ICL) competition, a mock cyberwar designed to test security teams’ abilities to mitigate simulated cyberattacks.
During the exercise, teams from more than 200 organizations across North America, Europe and Asia were put through drills and simulated attacks in a virtual security operations center. The goal was to see how quickly the teams could detect, investigate and respond to attacks using commercial security tools.
The event lasted more than four weeks. Organizations that took part in the event included the U.S. Air Force, AT&T, Customers Bank, RBC, Illinois Treasury Department, T-Mobile, The British Army, Texas Instruments E&Y and Starbucks.
Key tactics that featured in the exercise included phishing, insider threats, keyloggers, fileless attacks, data exfiltration, and denial of service (DoS).
An introduction to red teaming and simulated cyberattacks
The event highlighted the importance of breach and attack simulations, or ‘red teaming,’ in teaching security professionals how to respond to high-level, adversarial cyberattacks in real-time.
The concept of red teaming is immensely valuable as it provides the opportunity to test a security analyst’s ability to think fast, and measures how effectively they can respond to a malicious threat actor under pressure.
While the ICL is the biggest test of its kind, similar simulated attacks have been run in the past to measure an organization’s security resilience.
For instance, at the end of 2021, Israel led a 10-country simulation of a major cyberattack on the financial system, including countries from the United States to the U.K., United Arab Emirates, Austria, Switzerland, Germany, the Netherlands, and Thailand.
More broadly, simulated attacks are so common that a 92% of organizations use external firms to perform red team exercises regularly. Only 1% reported conducting tests once a month or more. Additionally, 25% said they run tests once every two to six months and 39% said they do so every seven to 11 months.
The widespread popularity of red teaming, and of events like the ICL, highlight that enterprises recognize the need to continually test and refine their incident response process. This way companies can find vulnerabilities, and make incremental improvements to their organization’s security posture to optimize cyber resilience.
The breach and attack simulation market
The growing popularity of security testing is one of the key reasons why the global automated breach and attack simulation market is in a state of growth. Researchers anticipate it will increase from a value of $380.89 million in 2022 to $1355.04 million by 2026 as more organizations look to implement continual security testing.
Cyberbit’s flagship solution, a skill development platform, offers automated breach and attack capabilities and successfully completes over 500,000 cybersecurity exercises per year. Cyberbit most recently raised $70 million as part of a funding round in May 2020.
The organization is competing against providers like Cymulate, which has raised $70 million in funding to date, for an Extended Security Posture Management platform that runs simulations of attacks, maps their network, and generates a rundown of recommended remediation actions.
It’s also competing against providers like Mandiant (owned by FireEye), which offers penetration testing to identify vulnerabilities and misconfigurations in enterprise environments. Mandiant recently reported raising annual revenue of $483 million last year.