CYBER SECURITY EXERCISE – LITERATURE REVIEW TO PEDAGOGICAL METHODOLOGY
JAMK University of Applied Sciences hosts a cyber security research, development, and training center JYVSECTEC (Jyväskylä Security Technology). It aims to provide a value for customers and accelerates the technological development and preparedness against threats. It offers cyber security related services, e.g. cyber security exercises, personnel training, software testing, and management consulting as well as accreditation and certification functionalities.
Cyber security exercises are the major service at JYVSECTEC. Cyber security exercises are executed in real life simulation environment, RGCE (Realistic Global Cyber Environment). It provides the same functionality as the real Internet, but it is isolated from real Internet and fully controlled by JYVSECTEC, enabling the use of global threats and scenarios.
The organization participating in exercises can engage in cyber exercise with different functionalities or persons acting in different roles such as technical persons, process management or business management. The goal is to train individuals and by the increased knowledge of individuals improve the organization’s ability to handle and tolerate cyber threats. There are often two or more organizations participating in the exercise, which enables the network of partners and subcontractors to develop their resilience. JYVSECTEC mindset is to provide a variety of scenarios that simulate threat actors that are threat-driven with their tactics, techniques and procedures (TTPs).
Cyber domain is a complex environment where technology, processes, human activities are combined, and effectiveness is difficult to predict. In a real-like enclosed environment, learning can be structured in the required areas of competence development. On the other hand, working as a part of a team enables the integration of training into the organization's genuine functions, thus enabling the development of organizational functions. In accordance with the goals of the exercise, a scenario is made for the exercise, which enables execution the exercise objectives.
In a cyber exercise, an individual acts as part of a team in a predetermined role. The teams in the exercise are the Blue Team, the White Team, the Red Team, the Green Team, and possibly research teams, often called the Purple Team. The Blue Team defends their fictional organization environment, The Red Team is a threat actor, The Green Team is charge of the construction and maintenance of exercise infrastructure and the White Team is a leading team. The Purple Team observes and researches actions.
This paper is a literature review comparing assessing different pedagogical principles implementation in cyber security exercise. Our perspective is based on collaboration and simulation of real life events in exercise. Games and simulation are powerful methods when focus in education event is on student performance, engagement, and learning motivation. Simulation is one of the seven game pedagogy genres (action, adventures, fighting, role-playing, simulations, sports and strategy games) with game modelled natural or man-made systems or phenomena. Students act as players with pre-specified goals that they try to achieve. In simulation scenario-based environment will be created where students try to solve real life problems and increase their knowledge by applying it previous experiences.