Cybercrime and cyber terrorism are a growing threat to organizations of any kind. The main cyber threats that every organization faces include theft of funds or of identities of clients, employees or users; theft and sale of proprietary data to competitors or other criminals; and large-scale attacks that may involve mass fraud.
Research shows that the level of cyber awareness among employees in organizations tends to be low, and that IT departments lack dedicated training and a security knowledgebase. Professional training is essential for protecting an organization’s assets and resources and guaranteeing its business continuity.
Building on MER Group’s vast experience in Homeland Security (HLS) and in particular cybersecurity, MER Academy offers hands-on cybersecurity training courses to help organizations reinforce their security posture and make sure all employees are aware of the risks and security measures that are required in their roles.
All MER Academy courses are based on the KSA (Knowledge, Skills and Awareness) methodology. Instructors utilize various teaching methods – such as video presentations, role play and situational exercises – to make the trainee’s experience more interesting and multi-faceted, thus ensuring optimal results.
The training courses are tailored for the specific needs of each organization. The training includes the following five components:
- Developing a specialized training program for the organization
- Lectures and lessons for transferring professional knowledge
- Simulation of cyber-attack for gaining hands-on experience
- Scheduled awareness campaigns
- Periodical simulations and updates to maintain a high level of knowledge
MER Academy – Cybersecurity Catalog
MER Academy tailors the following training courses to specific needs of each client.
- Introduction to Information Security: This course covers the basics of information security, including technologies (computer architecture, topology and communication networks), application (simulations of hacking incidents) and information security management (predicting risk and failures, optimizing for company-wide security).
- Computer Investigation and Event Handling: This course introduces tools and resources for quick and effective investigation of cyber events, including file systems and data retrieval processes; identification, acquisition and exploration of electronic evidence; review and investigation of computers and networks; and collection and analysis of accumulated data.
- Cyber Intelligence: This course guides organizations on taking a pro-active approach to cybersecurity and transition from reaction to breaches as they happen to preemption of attacks based on intelligence gathering and analysis (identifying attackers and clarifying their motivations, intentions and capabilities). The training familiarizes trainees with tools to gain better understanding of the evolving technological sophistication of cyberattacks and the thriving black market cyber economy.
- Management Seminar & Training: Advanced course exclusively designed to move beyond basic awareness and give senior and mid-level managers the ability to understand the importance of cybersecurity, as well as to learn tools to address the complexity of business operations in a cyber-threatened world. The training includes simulations of cyberattacks, their consequences and common decision-making dilemmas based on recent case studies, as well as discussions on helping employees understand how to protect, defend and respond to cyberattacks while minimizing impact on the organization’s reputation and business continuity.
- Cyber Awareness: The course provides guidance on implementation of a holistic solution for increased cyber awareness. The solution includes a technological platform that automatically manages the awareness cycle, identifies vulnerable positions and provides interactive training; this combination of technology and organization-specific learnings establishes an elevated security awareness baseline for the organization.
- Cyber and Hacking – Basic: Trainees learn about various cyber related topics, from hacking and phishing to cyberattacks against a company or organization’s computer networks and websites, and become familiar with common industry terms and security tools used by attackers as well as protection defense methods and technology used by security experts.
- Cyber and Hacking – Advanced: Knowledge of the trainees is extended beyond basic concepts into specific techniques used by real-world contemporary cyber attackers. Trainees will gain hands-on experience with various popular tools and methods – from user tracking through the web, Android attacks, and hashing in OS authentication and elsewhere. They will also learn key elements in penetration testing.
- Cybersecurity for the Defense Sector: An introduction to cyber security, focusing on Defense. Trainees will learn about current threats and attack vectors and how to establish a methodology to counter such attacks through detection, containment, isolation, purification, investigation and exploitation of vulnerabilities. The course also introduces existing research tools and security products and their implementation as a part of defense process. Trainees will practice real-life handling of basic and medium size incidents, drills, and various cyber scenarios.
- Incident Response (Finance Sector): The finance sector is a lucrative target for cyber criminals. This course was designed to give trainees knowledge and competence in detection and reaction to the cyber threats typical for the financial sector. It allows finance sector employees to experience the role, tactics and strategy of attackers and understand their mind-set. It also covers the incident response process, which includes classification of events, security analysis, communication & delegation within the team or to other teams/3rd parties.
- Cyber Forensics: A comprehensive course which provides trainees with a thorough knowledge in cyber investigations, ability to inspect events (forensics) and high skills in data recovery, reverse engineering, preservation of evidence, real time and ex-post facto investigation. Trainees will also learn to write investigation reports and become familiar with legal aspects and relevant investigation authorities.
- SCADA: Supervisory Control and Data Acquisition (SCADA) is a system architecture – utilized to defend national critical infrastructure – comprising computers, networked data communications and graphical user interfaces for high-level supervision of machines and processes. The purpose of the course is to prepare the security professionals to be able to recognize a SCADA cyber event, have knowledge how to defend the industrial control systems and keep the operational environment safe, and finally enhance security team’s expertise of incident response procedures.
Cyber Simulator
True learning requires real experience, but IT and security specialists in charge of cyber defense rarely encounter cyber-attacks. MER Academy’s Cyber Simulator allows trainees to gain true insight into cyber defense by facing real-life attack scenarios. Using the Simulator, trainees can learn the effects of cyber attacks on all aspects of the organization and gain crucial knowledge on the system-wide implications, which will be extremely valuable when real attacks occur in their networks.
To make simulations as life-like as possible, the Simulator simulates traffic and breaking points within the environment of the specific organization. Trainees are tasked with handling a situation where thousands of end-users are accessing their organization’s services, effecting performance, filling logs and creating false positives. This training on high traffic levels prepares trainees to to identify attackers even in the busiest times, using the tools they were taught.
Simulator Architecture: The MER Cyber Simulator has a flexible and versatile architecture, designed for creating different and customized environments. It utilizes real applications, network components and security elements that are the building blocks of a common (or customized) IT environment; and includes a robust traffic generator, which enriches the training environment.
Simulator Features:
- Tailor-made: Trainers can launch a customized cyber attack (or other activities, such as phishing, etc.) for all environments or in a specific trainee’s environment, deployed concurrently or on demand/schedule, and can edit any given Activity within a Scenario for adjustment before launching
- Documentation: The system records each trainee’s screen, keeps a key-stroke log for all trainee actions, and displays a mission clock (with the remaining time for the current Scenario for each trainee) as well as the final scores and trainee assessments, general notes and lessons learnt.
- Investigation: Screen captures of selected trainees can be watched (with fast forwarding possible using keystroke capture) and analyzed.