Gamification Enhances Cybersecurity Capabilities for IT Staff Across Oakland County, MI
Situation
The proliferation of ransomware, paired with the ongoing decentralization of the workforce, means risks are increasing across the board for organizations of all sizes and industry verticals, including in the public sector.
To be effective, cybersecurity must touch every aspect of IT and operations. Yet too often, IT departments and skill sets are siloed from the cybersecurity team, which sometimes operates in a vacuum. It's critical for everyone to operate cohesively with the right mix of security tools and skills.
Oakland County, Michigan, the second-largest county in the state and part of the Detroit metro area, formed a cybersecurity task force in 2020 to protect more than 1.25 million residents across its cities, villages and townships. One of the task force's missions is to expand knowledge of cybersecurity across Oakland County, including among its large team of IT professionals.
The County needed a way to increase cybersecurity awareness as part of its overarching goal of providing holistic security protection to its citizens.
"Our whole goal is to make the County more secure. The more knowledge people have about cybersecurity, the stronger our overall security posture," said T.J. Fields, Oakland County's Chief Information Security Officer.
Solution
As Oakland County's CISO, Fields applied for a cybersecurity grant from the Department of Homeland Security (DHS) that would fund a Countywide cybersecurity training event. Fields decided to participate in a cyber range that uses gamification to train and upskill not only his staff, but also IT-related personnel throughout the County.
"One of the reasons we wanted to use a cyber range is that it is a different and more fun way to engage people and bring them into the fold of cybersecurity," said Fields. "The assembled teams really stepped out of their comfort zones to learn and participate in this event. We're really proud of the participants."
Upon receiving the DHS grant, the County put the project out to bid in a competitive request for proposal (RFP) process. WWT responded to the RFP and was awarded the opportunity to work with the County on this project.
WWT created a red team capture-the-flag scenario within our Cyber Range environment for seven teams of four players from County departments that included IT department teams, law enforcement and emergency operations personnel. To make this event inclusive of the entire County, school districts and municipal personnel were also included. All players had IT experience with varying levels of skills in cybersecurity.
WWT's Cyber Range is a controlled cybersecurity environment that serves as an arena for hands-on training with access to a suite of commercial tools and best-in-class technologies and solutions used to engage in a real-world cyber incident in a gamified environment.
Within our Cyber Range, our security experts host different events or scenarios to simulate force-on-force, real-world situations in a protected, scalable environment. Red team (i.e., attack) scenarios require the participants to think like hackers. Blue team (defend) scenarios provide training for prevention, identification and next steps in the event an organization is attacked.
The County's red team scenario in the Cyber Range:
- Taught participants the basics of attacking to help the team better fortify its cyber defenses.
- Provided an opportunity for disparate IT teams to work in a more cohesive manner to improve overall operations.
- Provided tailored technology and personnel performance analysis to assess individual skills and identify gaps across teams.
Prior to the launch of the Cyber Range event, WWT provided players with educational resources to build foundational knowledge. These resources include:
- Primers on various exploitation tactics.
- Access to tools used in our Cyber Range, including Burp Suite, Dig, DNSmap, DNSrecon, DNSwalk, Docker, Fierce and Nmap.
- Learning labs hosted in WWT's Advanced Technology Center, which provided hands-on experience with Palo Alto GlobalProtect, Netskope Cloud Security Management Platform and CrowdStrike Falcon.
To maximize participation and engagement, we gave players various ways to earn points as they progressed through the game. Rather than a winner-take-all end goal, players accrued points for completing tasks such as pre-game education, navigating mini-games and overcoming various obstacles.
Outcomes and benefits
Stronger teamwork and collaboration: Oakland County teams worked together to solve practical cyber challenges in a simulated environment, building camaraderie along the way. Players were encouraged to think like a hacker in fun and innovative ways designed to foster creativity in the organization's security strategy.
Increased awareness of cybersecurity: Security touches everything, but not all of Oakland County's IT professionals had experience working with the latest cyber tools and technology. This scenario exposed players to emerging security solutions, relevant cyber attack tactics and potential vulnerabilities in their existing security posture.
Holistic education and upskilling: Unlike a blue team scenario, this Cyber Range exercise didn't put the onus on players to set up defenses that might require in-depth prior knowledge. Instead, our red team scenario taught Oakland County's IT team members the basics of attacking, making it more suitable for the varying levels of cybersecurity experience on the team — from novice to expert.
Improved security posture: Strong cybersecurity starts with a well-trained staff. WWT's Cyber Range gets IT teams thinking proactively about ways to improve and incorporate security into every project and process.
Areas of security expertise
Security transformation requires much more than a technology decision. It demands organizations bring together the right mix of technology, people, capabilities and areas of specific expertise. No matter where you are in your journey to security transformation, our strategic security consultants are ready to help you tackle cyber initiatives in these (and many more) areas:
- Governance, risk and compliance
- Visibility, detection and response
- Cyber resilience, recovery and data protection
- Zero trust architecture and segmentation
- Strategic resourcing and staffing
How we did it
With more than 30 years of experience helping the world's largest companies and government entities, we've learned that organizational success is found in the overlap between:
Our deep domain expertise cuts across business and technology. Our ability to extensively test solutions and deploy them at scale allows us to both advise and execute to create new realities for our customers.
Here's how we did it for Oakland County, MI:
We leveraged our gamified Cyber Range, built to accommodate the most complex and demanding client requirements. Its technical domains include remote worker networks, vulnerable web applications, misconfigured container environments, workloads spanning multiple data centers, unmanaged IoT and ICS devices, compromised third-party vendor networks, and data exfiltration from insecure data stores.
We tapped the unmatched power of our lab environments. We help clients of all sizes make smart technology decisions faster to accelerate security transformation. As an innovative platform, our lab ecosystem generates insights that span every sector of the economy; features industry-leading partnerships with the world's largest OEMs and technology companies; and is trusted to deliver independent and informed guidance, always rooted in our company's customer-centric approach.
How can we help you?
Our comprehensive security services portfolio is designed to help at every stage of your journey. From idea to outcome, you won't find another partner who combines strategic consulting expertise with the ability to seamlessly execute complex IT deployments worldwide:
- Combine the insights of a traditional consulting firm with the ability to execute complex infrastructure solutions at scale globally.
- Work collaboratively to find the optimal way to develop high-quality, easy-to-use software that delivers value early and often.
- Cut your proof-of-concept time from months to weeks, if not days, by leveraging WWT's testing and automation infrastructure.
- Accelerate the planning, design and implementation of complex technology investments at scale around the world.