Cyber security exercise concept and framework
Cyber-exercises have become central measures in the preparation of crisis and emergency management of organizations. Meanwhile, there is a variety of cyber-exercises at national, European or international level, as well as some private initiatives. The aim of these exercises is often to simulate difficult, complex and realistic situations (e.g. cyber attack, security incident, blackmail or similar) to be better prepared for a real case and to be able to react more efficiently.
The CURSOR project aims to study the possibilities for and develop a nationwide exercise program that takes into account both nationwide and sector-specific (program) exercises. Several methodological steps are needed to achieve this. In the first step, a comprehensive analysis of current state of practice and research in the field of cyber-exercises will be carried out. Furthermore, actors and organizers in the field of cyber-exercises will be interviewed to obtain a comprehensive overview of technology, content and organization. Based on this study, the next step will be to derive the requirements for a national cyber exercise program and to identify possible goals and measurement criteria with relevant stakeholders. On this basis, a cyber exercise program will be specified and strategic as well as operational aspects will be highlighted.
A further goal of the project is the development and specification of a cyber exercise platform, which processes exercise results of program exercises and enables an exercise history. A challenge is, for example, how to design the integration of non-program cyber exercises in this context. A proof-of-concept cyber exercise calendar will be designed and implemented to discuss a part of the exercise platform and its facets, together with relevant stakeholders, incorporating this feedback directly. In addition, recommendations and support measures for cyber-exercises will be defined, in particular to support operators of essential services and organizations in carrying out cyber-exercises based on the cyber-exercise program.
The result of this project is a study that will provide a concept for a nationwide cyber exercise program and cyber exercise platform as well as the implementation of a proof-of-concept exercise calendar. These findings can be used as a basis for a discussion for further development of a national exercise program and can thus indirectly contribute to the resilience of Austria against the impacts of attacks stemming from Cyber space.
- Partner: AIT Austrian Institute of Technology GmbH (Koordinator), FH St. Pölten, Bundeskanzleramt, Bundesministerium für Inneres (BMI), Bundesministerium für Landesverteidigung (BMLV), nic.at/Cert.at
- Project duration: 09/2019-02/2021
- Funding: KIRAS Sicherheitsforschung - Ausschreibung 2018/19, Konzept Cyber Übungen (F&E Dienstleistungen)