Andrus Kivisaar, CybExer Technologies: “decision-makers are underestimating the cyber security threat landscape”

Even though in light of recent increases in cyberattacks one can hope for an increased level of concern from high-level management in various companies, the notion that cybersecurity training is something that’s just a “nice to have” is still prevalent.

It may be the idea that a business is immune to cyberattacks, and therefore, there is no need for company-wide training, or it might come from simply being unaware of certain risks. But the fact is that no matter how digitalized and complex the security systems are, at the end of it all stands a human person. And this human person needs to know how to act in high-pressure situations like an attack.

To discuss the best methods of cybersecurity training that are employed today and to delve deeper into some misconceptions surrounding the necessity of such training, Cybernews reached out to Andrus Kivisaar, the CEO at CybExer Technologies – a cybersecurity training company.

What has the journey of CybExer been like so far? Were there any milestones you would like to share?

The CybExer journey started before CybExer was founded. Namely, our team is made up of members from different backgrounds. Back in 2016, CybExer Technologies materialized after we had all worked together on some of the most complex cyber security exercises in the world. While working together, we went through a long process of tackling certain challenges in cyber – the process led us to eventually piece together what was wrong with the exercises we had been working on. There were a number of difficulties and inefficiencies, including a lack of technological solutions, and a lack of awareness about what was going on in the exercises.

• In 2018, we received the NATO Innovation Award for the visualization, documentation, and monitoring capabilities of our cyber security exercises.
• In 2021, we were the first Estonian company to win a NATO Procurement Agency tender. We successfully delivered our cyber range platform to the Luxembourg Ministry of Defence.
• In 2021, our cyber range platform was the engine behind a live-TV 7-hour broadcast of the CTF competition “Cyber Battle of Estonia.”
• In 2021, the multi-year agreement with the European Defense Agency to run EU countries' MilCERT exercises.
• In 2022, we partnered with experienced tech investors, raising 5 million euros to evolve and expand our activities.

In addition to those milestones, we have been part of many interesting R&D projects and continue to work with clients globally across different sectors.

Can you introduce us to what you do? How do you manage to keep the training both educational and engaging?

Our main product is the CybExer cyber range platform. Cyber range technology creates a sophisticated virtual environment that can be tailored to mimic IT systems. Essentially, the cyber range imitates the real-life IT infrastructure and allows you to see where it might be exploited. Within the simulated network of the cyber range, IT teams can launch a ‘practice’ attack and respond in real time. By partaking in these practical exercises, users learn to cope under high levels of stress, locating and exploiting vulnerabilities on various network systems, which in turn helps them develop the skills they need to identify, monitor, and resist cyberattacks.

The exercises take the form of Capture-The-Flag (CTFs) or live-fire drills or a combination of both (threat hunting). The exercises can be deployed via the cloud, on-premise, or in a hybrid manner. What makes the cyber range educational and engaging is the fact that it gives users a “real-life” experience. The participants can cooperate with their team, under intense time pressure, and in a competitive environment.

Why do you think certain companies often overlook employee cybersecurity training?

This tends to happen in situations where decision-makers are underestimating the cyber security threat landscape. Alternatively, it may be that the C-level doesn’t want to spend on cyber security – that is until something actually happens. And sooner or later, it will.

Have you noticed any new threats arise as a result of the current global events? What should organizations and individuals be on the lookout for?Due to the war in Ukraine, the world is currently in a very unstable state. From our perspective, we can only see the threat picture worsening, and encourage everyone to take cyber threats seriously – both on an organizational and individual level.

Since ransomware is becoming more prominent, what should and shouldn’t be done immediately in the event of such an attack?

First and foremost, one should make sure your data is backed up. If the event has already occurred, we advise that you work with the designated organizations such as CERT, Police, etc. However, we know that in many countries, there are still no legislative procedures in place to properly deal with these incidents.

At CybExer, you also provide training specifically tailored to universities. What kind of threats do educational institutions face nowadays?

Our University Cyber Range is a customized product for academic institutions and universities, which is used to support IT and cyber security research and study programs. The aim of the service offering is to allow the cyber range platform and its capabilities to be used as an educational and R&D tool. We believe that providing more practical and engaging cyber education to students and researchers is imperative to improving the IT and cyber security education of the future generation of cyber talents.

In your opinion, what kind of threats are we going to see more of in the next few years?We take it year by year, monitor the threat landscape, and adapt our cyber range platform accordingly.

Besides employee training, what other security measures do you think are extremely important for every business?We are focussed on cyber security, and we see that there is a lot of work ahead to be done in protecting the IT infrastructure that people and businesses are relying on for their daily activities. Cybersecurity and cyber safety are human problems. Both engaging with malicious activity and protecting against it are both something that an actual person must do. Understanding the networks, connections, machines, and vulnerabilities is still something that the employees have to know and work with. So there is nothing more important than educated and smart people who make things happen.

Share with us, what’s next for CybExer?

To grow and enlarge our footprint in the global cyber range platform market.

But currently, we are excited about integrating a student satellite ESTCube-2 into our cyber range platform.