Visiting the big crisis management exercise at the ENSIBS
Being part of the wonderful cybersecurity ecosystem in Brittany, we visited the ENSIBS and their excellent cybersecurity crisis management exercise. We used the visit not only to get impressed but also to make contact with potential future PhDs and PostDocs at the chaire, and of course to discuss joint research and teaching. Thanks a lot for the invitation!
Thanks a lot to François Theou and Jamal El Hachem for the great program and animation, and thanks to all the other professors, engineers, and students we met. And of course a big thanks you to our PhD student and proud absolvent of the ENSIBS, Léo Lavaur! Our chairholder Marc-Oliver Pahl, our associate professor Romaric Ludinard, and our PhD students Léo Lavaur and Nicolas Delcombel enjoyed the stay a lot!
About the crisis management exercise
Since its first edition in 2016, this exercise puts final-year cybersecurity students in a cyber-crisis management situation. Each year, the ENSIBS teachers build a new scenario in which students must defend a critical actor against all kind of cyberattacks. This exercise is a key aspect of the training, as students learn how to manage system security, but also crisis communication, legal procedures, and their own stress.
This year, in collaboration with the city of Vannes, students were to defend Breezh-aglo, a city operational system attacked by different kinds of actors. They are divided in four cells:
- the Technical Blue Team monitors the systems, raise alerts and deploys remediation;
- the Plan Team defines and provides processes for other cells to cope with crisis situations,-;
- the Actor Cell brings insights on the threat through forensic, threat intelligence, and OSINT;
- and the Management Blue Team aggregate and disseminate information from all other cells, communicates with external actors and media, and organizes the operations.
The exercise is held over three very intense days, during which students will have to go through each cell to vary their roles, but also assume positions with responsibilities in this fictional organization.
Alongside four other programs, the “Cyber-defense Engineer” curriculum at ENSIBS contributes to the excellence of the cyber landscape in Brittany. This curriculum is an original training program that combines technical skills and human factors, which are necessary to permanently defend and ensure the security of critical actors and companies.
The ENSIBS and the chair share a lot of partners, including the Pôle d’Excellence Cyber (PEC), the Brittany Region, and Airbus Cybersecurity, who provides the CyberRange hosting the exercise at ENSIBS and running a major part of our testbed at IMT Atlantique.