
Managing Cybersecurity – Awareness by experience
Kaspersky Interactive Protection Simulation – security awareness training for top managers and decision-makers

kaspersky.com/awareness
1
Cybersecurity today – lost in a corporate ‘Bermuda triangle’

CEO: Doesn’t see how cybersecurity spending relates to revenues

SECURITY: Focused on protecting confidential information

IT & BUSINESS MANAGERS: Focused on business efficiency, automation, new technologies. Many security controls are under IT management

Mutual understanding and daily attention to cyberthreats between these three is crucial to successful cybersecurity in today’s business

2
A fresh, practical approach is needed…

Lectures and technical red/blue exercises are flawed:
• Long, overly technical, boring, not for managers
• Fail to build a “common language” at even a common sense level

We need a fresh and workable approach

3
Kaspersky Interactive Protection Simulation (KIPS)

• Fun, engaging and fast (2 hours)
• Teamwork builds cooperation
• Competition fosters initiative & analysis skills
• Gameplay develops an understanding of cybersecurity measures
• No deep security expertise necessary

4
Simulation can change attitudes
Typical situation / behavior:
• Security controls are in place and they’re believed to be enough
• Malfunctions or errors are often just assumed to be ‘technical errors’, rather than a cybersecurity incident
• Criminals use sophisticated techniques to stay hidden – until they strike at full power
• Cybersecurity = the responsibility of the security department only

What we can show you:
• How to deal with emerging threats and how criminals operate (threat intelligence) – both technically and understanding what their goals are
• How to combine incident response with incident prevention
• How to configure security controls properly
• The importance of watching out for alerts from security, IT and business standpoints at the same time

5
Enterprise KIPS scenarios for all vertical sectors

Corporation: Manufacturing and sales

Power station or water plant: Industrial control systems and critical infrastructure

Bank: Large regional bank with corporate and retail business and an ATM network

LPA (new!): Web servers, public services issues and GDPR procedures

Oil & gas: Mid-sized oil company with its own onshore and offshore oil fields and partner network

Transportation: Passenger and freight carriage

6
CORPORATION
Teams compete running a simulated company manufacturing goods, with B2B customers buying directly and via online channels and suppliers shipping spare parts. Some security controls are in place, and the company is in decent profit.

However, as the company experiences a series of attacks – Shellshock, APT, B2B Ransomware, Insider – they see the unexpected impact on profits, and have to adopt financial, IT or security strategies and solutions to minimize the impact of the attack and keep their profits.

7
BANK
Teams compete running a simulated regional bank with an ATM network, trade business, online banking, a lot of security controls in place, compliant with security standards, predictable fraud levels – and in profit.

However, as the bank experiences a series of attacks – Carbanak, Tyupkin, Cryptor, Black Energy – they see the exponentially growing impact on profits, and have to adopt different financial, IT or security strategies and solutions to minimize the impact of the attack and keep profitable.

8
OIL & GAS
Teams represent the IT security of a company that owns oil fields and delivers its oil to its partners. The typical IT infrastructure – SCADA systems for oil field control, ERP for high-level process management, reasonable security controls – is everything a normal oil & gas company should have.

The industry was one of the most attacked verticals last year, so it’s no surprise that different variants of threats appear – from the most primitive malware defacing websites to highly realistic ransomware and a sophisticated APT. The impact on revenues will be dramatic if players don’t make the right strategic cybersecurity and business decisions…

9
LOCAL PUBLIC ADMINISTRATIONS (NEW)
The team represents the cybersecurity team responsible for protecting the LPA from cyberattacks and threats.

The LPA’s most important asset is its reputation among its citizens. There are three main things that affect this reputation:
1) Timely and efficient access to LPA services.
2) Protection of sensitive and personal information.
3) Maintaining and operating the LPA infrastructure within the confines of the law.

The team’s success is measured based on its LPA’s reputation at the end.

10
INDUSTRIAL
Teams compete running a simulated industrial facility and earning money.

As the plant experiences a Stuxnet-style cyberattack they see the impact on production and revenues, and have to adopt different engineering or IT strategies and solutions to minimize the impact of the attack – and keep earning!

(We also offer an easier version of this industrial scenario using a water plant.)

11
TRANSPORTATION
Teams compete running a simulated logistics company, with B2B customers placing orders via an e-commerce site and regional salesforces. Some security controls are in place, and the company is in decent profit.

However, as the company experiences a series of attacks – Heartbleed, APT, B2B Ransomware, Insider – they see the unexpected impact on profits, and have to adopt financial, IT or security strategies and solutions to minimize the impact of the attack and keep in profit.

12
KIPS played by managers and IT experts from 50+ countries

“The Kaspersky Interactive Protection Simulation was a real eye-opener and should be made mandatory for all security professionals.”
www.computerweekly.com/feature/Interactive-cyber-attack-a-dangerous-game

Atlanta, USA / Kuala-Lumpur, Malaysia

“It was truly eye-opening and a number of the participants asked about using this game at their companies.”
Joe Weiss PE, CISM, CRISC, ISA Fellow

13
KIPS outcomes are practical and valuable

Players arrive at conclusions about cybersecurity on their own – important conclusions that are actionable in their everyday work. For example:
• A cyber incident isn’t ‘a virus’ – it’s damage to the business from a cybersecurity perspective
• More automation and interconnectedness mean more attack surfaces, making it crucial to patch any security gaps that may occur quickly and effectively
• It’s not enough for only IT security to care about cyber-risks – other areas of the business must be involved too

“We at CERN have a huge number of IT and engineering systems, with thousands of people working on them. Thus, increasing awareness and engaging people to take care about cybersecurity is as crucial as the technical controls. Kaspersky Lab’s training proved to be engaging, bright and efficient.”
Stefan Luders, CISO, CERN
14
Two forms of KIPS training
KIPS Live
• Up to 80 trainees in the same room
• The same language for all participants
• A trainer and a training assistant on-site
• Essential printed materials
More limitations, but stronger engagement due to on-site presence and face-to-face competition. Plays as a team-building event as well.

KIPS Online
• Up to 300 teams (= 1000 trainees) simultaneously, from any location
• Different teams can choose a game interface in different languages
• A trainer leads the sessions via WebEx
Perfect for global organizations and public activities. Can be combined with KIPS Live to add remote teams to an on-site event.
15
Training process overview
1. Game rules and housekeeping explained (20 minutes)
The trainer explains the game and its rules while trainees listen and follow slides on a big screen or via WebEx.

2. KIPS is played by teams (40 - 50 minutes)
Players read alerts and information and decide on the best course of action by choosing cards according to their strategy and budget and time limitations. After each turn, a rating is updated. The trainer facilitates, encourages and controls timing throughout.

3. Ideal scenario revealed and lessons learned (20 - 30 minutes)
The trainer explains the threats the players encountered, reveals the ideal scenario and guides participants to the right conclusions and practical takeaways.

4. Results announced – congratulations to winners! (10 - 20 minutes)
Participants can be invited to share results and photos on social media.

Overall 1.5 – 2 hours

16
Delivery options and languages

Kaspersky Lab trainer: Our certified trainer (available in all regions)

Train-the-trainer: License to use the training inside the enterprise by internal trainers, or as a training center license

KIPS software and printed materials are available in multiple languages*, and new localizations are being added regularly.

English, French, German, Japanese, Italian, Portuguese, Spanish (EU), Spanish (LA), Russian, Turkish

* Please check with the Kaspersky Security Awareness team if a specific scenario is available in your language – there may be some exclusions.

17
KIPS Live requirements

Group
20-80 people, split into teams of 3-4 people

Room
~3 m²/person, no columns, regular shape

Time
The game takes between 1.5 and 2 hours, and the room must be available for 2 hours before the game starts, for preparation and setup

Equipment
Projector, screen, 1 iPad per team + Wi-Fi, sound system (speakers, microphones)

Furniture
Tables of 4 participants (rectangular tables should be no less than 75x180cm; round tables should be no bigger than 1.5m in diameter). Participants should sit in groups of 4 at the tables. Table for co-host, a chair for every participant.

18
Kaspersky Security Awareness training products

Skills instead of just knowledge

• Computer-based – easy delivery, management & measurement
• Real life examples & practical exercises – student engagement and motivation
• Clear training structure and latest L&D technologies – easy for administrators, effective for students

Kaspersky Cybersecurity Awareness Training consists of 3 elements which intermesh, but which are also fully effective when used separately.

19
Key program differentiators

Role-based, targeted training
• Learn what you need to know, based on your role and risk profile.
• Relevant real-life examples and skills that can be put to immediate use

Human-centric approach
• Training that’s structured in line with the way people naturally think
• Putting a positive, proactive spin on safe behavior
• Information and skills that are easy to digest and retain, thanks to methodologies based on the specifics of human memory

Continuous incremental learning
• From the simple to the more complex
• Expanding and applying previously acquired knowledge in new contexts
• Learning by doing

Easy to manage and control
• Online
• Automated learning management
• Invitations and motivational emails sent automatically with individual recommendations for every student
20
Kaspersky Security Awareness Worldwide

75 countries, 250,000 trained employees (as of March 2019)
21
BRING ON THE FUTURE

kaspersky.com/awareness
22