
This year will be the biggest test to date for security organizations. With a rapidly changing threat landscape, sprawling attack surfaces with remote workforces, and exponential growth in ransomware attacks, organizations of every size are revisiting their security priorities to ensure business continuity. 

Today, there are a number of real-world security situations that require better methods to design, test, and validate security changes before you deploy them in your security environments. A few examples include:

  • Zero-Day patch deployments
  • Adding new products to your security stack
  • Training new and existing security staff
  • Running red/blue team events to test incident response
  • Security engineering projects for ZTA and other new initiatives
  • Validating policies for cyber insurance
  • Evidence of compliance validation

And the list goes on.

Our goal is to take a clear-eyed look at the state of security in 2022 and build confidence in our security postures. According to the Merriam-Webster Dictionary (sorry, I know I should have used the Oxford English Dictionary), confidence is defined as:

con·​fi·​dence | \ ˈkän-fə-dən(t)s, -ˌden(t)s \
  1. A feeling or belief that you can do something well or succeed at something.
  2. A feeling or belief that someone or something is good or has the ability to succeed at something.
  3. The feeling of being certain that something will happen or that something is true.

For our purposes, I want to focus on the second definition, “a feeling or belief that someone or something is good or has the ability to succeed at something.” 

Almost every IT function uses the same basic concept of having a staging area, or sandbox, to conduct testing and development work and then push things into production. For security teams, it’s equally important to test and validate the entire tech stack. According to the Gartner 2021 CISO survey, “78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio, with 12% of CISOs having 46 or more tools.” Getting all of these products optimized and working in concert is not a trivial task and is one of the many things that makes a CISO’s life challenging.

Adding a cyber range to create a full-stack security development environment is one of the best ways to achieve a high level of cyber confidence and protect your organization and people. 

The cyber risk management life cycle

For those of you who say, “wait, that looks like a DevOps model,” you are not wrong. We believe that in 2022, security leaders should apply the same model to drive continuous improvements in strategy, engineering, optimization, training, validation, compliance and integrations within production environments. 

In this new security model, production environments are dynamically cloned on a cyber range so you can:

  • Implement and validate security strategies before moving them to production.
  • Develop and scale security engineering initiatives.
  • Optimize tech stacks in partnership with SecOps and vendors to provide optimal security configurations. 
  • Train teams to the highest level of understanding and competency.
  • Produce evidence for compliance, cyber insurance and mapping to frameworks.
  • Synchronize development and production environments. 
  • Build confidence across every aspect of your security posture.

One of the key tenets of the scientific method is to change one variable and then assess the results before moving to the next step. In complex systems, making any change comes with an inherent risk. Will a change in one part of the system impact another part of the system? As an example, let’s look at how a cyber range-based security development life cycle can help you build confidence in your next Zero-Day patch deployment.

Don’t “patch and pray,” “know before you go” 

Now let us consider the ever-recurring Zero-Day event. Good vendors will respond promptly and provide you with a “tested” patch when those events occur. However, vendors often provide patches that have been tested together. This is one of the primary reasons for adding a cyber range to your arsenal of security weapons. A few hours of testing against the cause of the Zero-Day on a range will let you see how all the patches work together. You will be able to export this data to your SIEM for more in-depth analysis and ensure the fixing of one problem does not cause others. 

According to a recent article in Dark Reading, nearly 60% of breaches are caused by patching issues. These breaches can occur because patches are not applied, because applications cannot be updated at a given time, or because of compatibility or other issues. It seems simple to those outside of security teams: The patch is there, just install it. However, those inside security and applications environments know it is not that simple.

This is one of the primary reasons to add a cyber range. It will lessen the pressure to “patch and pray” and enable your security and application teams to “know before they go.” We all know the old adage, “An ounce of prevention is better than a pound of cure,” or as my shop teacher told me, “measure twice, and cut once.” Whichever analogy jumps to mind for you, we all know having the right tools to test before we deploy will raise our confidence that we are doing the right thing for our teams and organizations.

Confidence as an operational model

It's easy to write a blog, but more difficult to run a security team with confidence. Our customers include the US Cyberdefense Command, which must constantly fend off well-funded and organized criminals and nation-state threat actors. Five of the top 10 banks trust us to power their threat intel and incident response functions. We experience the same security challenges alongside you every day, have the same operational demands and fight the same fight as you. We don’t just recommend the cybersecurity development life cycle, we live it and use it daily. In this series, we will share what we, our partners and our customers experience. 

Want to learn more about how SimSpace can help you build confidence in your teams, technologies and processes? Click here to request a demo. 

Blog by Shaun Walsh
Shaun Walsh is the VP of Global Marketing at SimSpace. He has spent over 20 years in senior leadership positions for leading companies in the cybersecurity, cloud computing, AI and enterprise networking industries.