Get your cyber war game on
The latest simulation tools allow teams to practice the coordination and collaboration they need to effectively respond to cybersecurity challenges
BY PAUL McCLOSKEY
38
GCN MAY 2017 • GCN.COM
The use of war games to ex- plore decision-making has long in- terested agencies outside the defense space. Now that interest might be ex- panding as agency managers, financial analysts and cybersecurity profession- als confront the vicissitudes of a new presidential administration and the need to provide direction to a fresh team of government decision-makers.
Just after the Trump administration opened for business this year, Unisys launched a set of services to help cus- tomers plan for cyberattack-related crises by using war-gaming techniques to simulate threats and then develop strategies for avoiding and responding to those threats.
Unisys customized the Defense De- partment’s cyber war-gaming method- ology and combined it with standards from the National Institute of Stan- dards and Technology. The tool catego- rizes the challenges to organizations as “most likely,” “most dangerous” and “out-of-the-box/it will never happen.” It seeks to build war-game scenarios that align with real threats and then lead, monitor and analyze exercises based on those scenarios. Participants work in teams to meet objectives as conditions change.
John Bone, a retired Army colonel and former chief of joint concept devel-
opment, experimentation and wargam- ing at the U.S. Joint Forces Command’s Joint Irregular Warfare Center, is lead- ing the Unisys effort as the company’s global director of wargaming and exercises.
Bone said there are also plans to use war gaming to study national security policies and their impact on DOD.
“The current group of senior leaders in the military grew up in the last 14 years as the result” of the 2001 terrorist attacks, he said. “And so they are not necessarily opposed to the objective underpinnings of a war game and a de- tailed, objective analysis.”
CHANGING THE MINDSET
Nevertheless, the cybersecurity play- ing field has become so complex that few stand-alone tools are productive anymore. “The idea that I could have a static defense — put in a firewall and I don’t have to worry about anything — is no longer the case,” Bone said.
Instead, the “attack vectors and the threat have become so agile and so adaptable, so inventive in how they approach the victim, that you have to have more of an active pursuit,” he added. “You have to change your de- fense posture, and you have to change how you think about it.”
Developing a new mindset about cy-
berdefense will mean adopting unprec- edented assumptions about building a culture of resilience, Bone said.
“The reality is you will be attacked, you will be penetrated,” he said. “So how do you prepare, rehearse, train and provide confidence to the public that your \[team\] is ready to respond to and manage these intrusions through a war game?”
Given those conditions, war-gaming experts consider it a distinct asset to have the flexibility to choose large or very small teams when conducting a simulation.
“I think this is a great thing, and one of the things we talk about with war games is that they are perfectly scal- able,” said Nicole Monteforte, a princi- pal at Booz Allen Hamilton who man- ages the firm’s war-gaming team.
Last fall, the firm partnered with the National Academy of Public Administra- tion on its effort to help President-elect Donald Trump smoothly transition into office. In the exercise, the team came up with a series of war games that ad- dressed aspects of the presidential tran- sition, including a long-term look into the future.
Booz Allen Vice President Ron Sand- ers said, “We tried to take a 10-year projection \[and ask\] what’s the future going to look like? What are the chal-
INTROVERSION SOFTWARE’S DEFCON