Through CyberSec4Europe, JAMK University of Applied Sciences is conducting Flagship 2, a two-day cybersecurity learning event to be held on 25-26 January 2022. It consists of both a targeted cybersecurity exercise activity and, in parallel, an open cybersecurity analyst activity for anyone qualified to participate in. Flagship 2 will demonstrate that analysing a cyber incident requires teamwork and skilled personnel who have the appropriate level of technical cybersecurity skills and knowledge. The exercise is a continuation of Flagship 1.

A Cybersecurity Exercise Activity

During the exercise, participants will be provided with guidelines concerning a fictional organisation they are working for. Using the documentation provided and the support of coaches, participants will be working in small teams to detect and technically analyse a cyber incident. The main challenge of the exercise is to determine whether the fictional organisation has the required competencies to resolve the business-critical case within the allotted time.

Besides having to explore technical questions, the exercise participants will have to address how the detected situation affects the core business of the organisation, and who needs to know about the suspected cyber incident. Participation in this exercise activity is available to CyberSec4Europe partners.

An Open Cybersecurity Analyst Activity

In the role of external cybersecurity analysts, participants in this activity will analyse a simulated cybersecurity incident using real-life tools and methods. The analysts will work with samples exported from the exercise environment which could be some combination of memory dumps, recorded network traffic, system logs and executable samples. Having reported their findings, if received quickly enough, the exercise activity may utilise them. But, if no quality reports appear in time, then pre-prepared analysis reports will be used instead.

The analysts will use an analysis environment, which was planned in a collaboration between JAMK and Masaryk University.

Participation in the open cybersecurity analyst activity is open to anyone 18 years or older with experience using Linux command line tools.

Participant Applications Welcome!

Jani Päijänen, the JAMK project manager, says:

To broaden the reach of the Flagship 2 cybersecurity exercise, CyberSec4Europe, JAMK and Masaryk University are excited to be launching an innovative activity for those interested in analysing a simulated cybersecurity incident using real-world tools and methods in parallel with the exercise. Many organisations lack the competencies to technically analyse a cyber incident. To help remedy this situation, we strongly encourage anyone interested in learning more about real-world cybersecurity issues to join this activity! So, we look forward to welcoming anyone with basic or expert cybersecurity experience to take the two-day challenge.

Anyone interested in participating in Flagship 2 is invited to complete the application form. Registration is open until 12 January 2022.

Flagship 2 Technology Platforms

The technology behind the Flagship 2 exercise is based on the Realistic Global Cyber Environment (RGCE), a cyber arena developed in JAMK’s cybersecurity, data analytics and artificial intelligence research, development and training centre, JYVSECTEC. The platform development started in 2011 and the first national cyber exercises were held in 2013. Since then, RGCE has been used in various realistic cybersecurity exercises and in cybersecurity masters’ level cybersecurity education at JAMK.

Flagship 2 re-uses the open-source SD-WAN interconnection requirement specification that was demonstrated in Flagship 1. The implementation is based on a requirement specification, documented in Part B of CyberSec4Europe deliverable D7.1.

Masaryk University’s open-source Cyber Sandbox Creator (CSC) was used to prepare the analysts’ virtual workstations.

Jani Päijänen, Project Manager

+358 40 7072 850

[email protected]