The company only offers courses for cyberdefense Blue forces, but those teams can train and re-train in several areas, including advanced courses for cyberattack. Once the students cope with an attack, they are debriefed to check skill levels. The trainers then develop a new plan—using a Network Management System—to inject customized scenarios that reflect individual training needs.
“It's a scalable process,” Barak says. “A scenario can take 1-2 hours or a day. It depends on the skill levels that customers bring with them. We recommend teams of four people with a commander and a person each responsible for the database, the active directory of emails and network administration because we want to check the teamwork.”
Elbit embraces the philosophy that the best hacking and network defense is conducted by closely knit groups of specialists, not the lone-wolf cyberwhiz.
“You have to find people who can work together because teamwork is more difficult in the cyberenvironment than on the battlefield. Attacks are dynamic and you never know where they are going to come from,” Barak says. “The main threats [today] are coming more from a national level, so you need to build an infrastructure [of cooperating teams] for cyberwarfare.
“A team can have a mix of experience, but usually you work with people who are at the basic level of training,” Barak continues. “We are seeing teams coming back for more sophisticated training. We can provide the capability as training or as a service.”
The training system can generate traffic immediately with many kinds of protocols and then inject the scenario into the simulation network. Trainees can put new rules into the firewall so they cannot be attacked again from the same IP address. They can jump between events, see all the recorded data and compress time between events.
Elbit uses two business models: professional services for training people at its facilities on a generic network, or a turnkey project for which it creates the system, builds the facility and trains the trainers.