Day: May 6, 2022

THE SITUATION

QA, a tech and digital skills organization in the UK, recognizes that the technology sector is facing a supply-and-demand dilemma. Talent is in short quantity and commands a high price. QA is tackling this problem head-on by providing a comprehensive suite of talent and training services to help individuals and companies drive the digital revolution.

QA embedded Project Ares into their training solutions and then ran a new cybersecurity academy for key client. The client is ecstatic about Project Ares and the valuable knowledge the learners gained from using the gamified platform. QA ran the 20-hour training course over 3 weeks using Project Ares cybersecurity learning tools for 10 students. The students trained in all nine Project Ares Battle Rooms and two Missions: Mission 1 for Disable Botnet and Mission 2 for File Theft.

The programme concluded with a capstone project using the Project Ares Microsoft 365 Introduction Battle Room which features Microsoft Defender for Office365. The students collaborated and coached each other through task completion. The instructors watched the activity and only jumped in with helpful tips when needed.

Battle Room 22 with Microsoft 365 (aka Into the Breach) is a single threat cyber range scenario introducing learners to the power of Microsoft 365 Security stack. Learner’s step into the role of a Cyber Defense Analyst and investigate how an attacker acquired access to the network and executed lateral movement to obtain higher privileges and exfiltrate sensitive information

THE SOLUTION

cybersecurity expert, Michael Kaplan, mentored the students, bringing his expert insight to the virtual classroom. He clarified topics and expanded upon the lessons contained within Project Ares. As a result of this intensive learning experience, the learners found that Project Ares not only tested their technical skills but also challenged their soft skills such as communication, collaboration, and strategy in a team environment.

Michael I. Kaplan, Cybersecurity Instructor

“Soft skills are very important in a SOC environment, incredibly overlooked, and underestimated. cybersecurity is 80% people and 20% technology.”

THE  BENEFIT

Gamified learning provides an engaging and productive environment for professionals who strive to build competency and apply skills in their profession. Traditional lecture-based learning is not sustainable for long-term professional development. The ever-evolving cyber industry needs effective training methods to keep up with the workforce demand.

Gamification in the workplace significantly impacts employee engagement, motivation, and psychology -Source below. Project Ares provides professionals with a safe and simulated environment where new ideas can be tested, and teams or individuals can solve complex cyber problems.

Project Ares uses active, realistic emulations of cyber systems and devices, allowing students to practice against real-world threats. The QA MS Azure Cybersecurity Programme enabled learners to apply textbook learning to building skills in real-time. QA students accomplished the program and gained many new skills along the way. The students thoroughly enjoyed their experience with Project Ares and the course instructor. The students were actively engaged and supported each other throughout the program’s length and cited Battle Room 22 as their favorite activity during the programme.

The QA Cybersecurity Practice offers the UK’s broadest and deepest end-to-end curriculum of cyber training programmes through its global learning ecosystem of 50+ cyber industry partners, including cyber digital platform providers like Circadence.

• The learning solutions from QA are available across a range of delivery methods, including instructor-led virtual or in-person options.
• Throughout its rich collection of cyber focused Boot Camps, Training Programmes, and Apprenticeships, QA incorporates hands-on Project Ares labs for applied learning.
• These skilling services provide organisations of all sizes with a source of accredited, early-career, and specialised cyber talent.

The mission of the QA Cybersecurity Practice is aligned to the 2022 UK National Cyber Strategy: To strengthen the UK cyber ecosystem by enhancing and expanding the nation’s cyber skills at every level.

THE SITUATION

As the business world shifts to more remote work, there has been an influx of threats that exacerbates existing cybersecurity challenges. The frequency of malicious breaches is mind-blowing with the volume of sensitive personal and financial information costing $6 trillion USD globally in 2021.

There is some encouraging news. The global cybersecurity skills shortage has fallen for the second consecutive year. The cybersecurity Workforce Gap decreased to 2.72 million last year compared to 3.12 million in 2020. However, even though the decrease in the workforce gap is trending positively, the gap remains a prominent long-term challenge. The cybersecurity workforce size is still 65% below what it needs to be, according to the latest figures from ISC.

QA,a digital skills and cybersecurity workforce development company in the UK, is working diligently to tackle this challenge with training solutions that benefit the global cybersecurity posture.

QA’s Cybersecurity Apprentice Programs provide a foundational skill set that is marketable for learners to help build career growth in the workforce. QA’s philosophy is that everything starts with the cybersecurity learner. Transforming the lives and careers of these learners is what motivates all of QA’s programs. Through the Cyber Apprentice programs, QA succeeds where recruiters cannot, finding diverse and ambitious talent and arming them with the technology and cybersecurity skills businesses need to strengthen their cybersecurity posture.

THE SOLUTION

QA’s Apprentice Programs highlight developing and advancing skills of young professionals by providing foundational training and work experience that applies to today’s business world. To address the technology skills gap, the QA team leverages Project Ares as an educational tool to bring the practical hands-on keyboard and immersive learning into their workforce development cybersecurity courses. QA has taught over 150 learners using Project Ares and provided more opportunity and experience to the young workforce as a result. Project Ares’ game-inspired, web-based platform engages and empowers student learning. Hands-on training and active-learning models increase retention rates by up to 75% .

Gamified learning keeps participants engaged and excited about continuous training, helping them see the value of their capabilities.

THE  BENEFIT

Project Ares provides apprentices with real-world progressive technical ‘in-game’ assessments. The gamified learn-by-doing solution allows instructors to track ongoing assessments, achievements, and measure learners’ progress throughout the program.

With QA, apprentices can expect to gain qualifications valued by the world’s most profitable tech sector organizations. From apprentice to junior professional, QA graduates emerge into the technology industry with the skills needed for success.

The QA Cybersecurity Practice offers the UK’s broadest and deepest end-to-end curriculum of cyber training programmes through its global learning ecosystem of 50+ cyber industry partners, including cyber digital platform providers like Circadence.

• The learning solutions from QA are available across a range of delivery methods, including instructor-led virtual or in-person options.
• Throughout its rich collection of cyber focused Boot Camps, Training Programmes, and Apprenticeships, QA incorporates hands-on Project Ares labs for applied learning.
• These skilling services provide organisations of all sizes with a source of accredited, early-career, and specialised cyber talent.

The mission of the QA Cybersecurity Practice is aligned to the 2022 UK National Cyber Strategy: To strengthen the UK cyber ecosystem by enhancing and expanding the nation’s cyber skills at every level.

BUiD Cybersecurity Academy

The British University in Dubai (BUiD) was established in 2003 as the region’s first research-based postgraduate university. BUiD offers a unique not-for-profit high education brand focused on academic research designed to contribute to technological innovation and socioeconomic development. It offers programs in business, education, engineering, and informatics. As a research-based institution, BUiD prides itself on its dedication to nurturing learners while building skills and aptitudes that benefit governments, businesses, and communities globally.

The team at BUiD aims to advance cybersecurity innovation through world class research, teaching excellence, industrial expertise, and training capacity.

To improve cybersecurity talent in the UAE, the university seeks to increase the number of fully prepared graduates entering the cybersecurity workforce by providing hands-on education, simulated training, and certifications for students and professionals.

Education Partnership

Project Ares is proud to partner with BUiD and to work with their cyber workforce development team to provide cyber practice labs for students participating in a Certified Cyber Incident Response Manager (C-CIRM) course taught by our shared teaching partner, Phase 2 Advantage.The lab component for the C-CIRM course features Project Ares Battle Room 8- Network Traffic Analysis, Battle Room 9- Forensics , and Battle Room 11- System Security Analyst. The students in these initial courses come from several BUiD regional alliances including: Cyberani Solutions, Raytheon and CyberX.

The C-CIRM course supports the work defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework . Specifically, the C-CIRM training program teaches the skills and attributes needed for students to become cybersecurity first responders who are the first line of defense against cyber-attacks. The program’s goal is to help address a critical shortage of cybersecurity professionals with the skills required to defend against increasingly sophisticated cyber-attacks.

Incident responders fundamentally react to and mitigate incidents that can potentially impact a network, business, and operational processes in a negative way. However, incident response can also involve quite a bit more, like being preemptive, predictive, and having an intelligence-oriented mindset. The goal of incident response is to mitigate incidents but also to learn from incidents to strengthen and increase organizations’ security postures. Security professionals review strategic recommendations, playbooks, lessons learned to consider how they can incorporate those elements into future programs, policy, and training. By developing preemptive v. reactive stances, organizations become dynamic, integrated, and prepared for the future.

The C-CIRM course begins at a high level and addresses specific areas of the incident response process. This ensure that students holistically understand the discipline from a broad perspective, have a solid foundational knowledge, and understand the roles and processes involved in an incident response team.

This allows students to be prepared and confident when they walk into these job roles later while also maintaining the flexibility to understand that this is a highly fluid and dynamic discipline where innovation happens at the cross-sections of disciplines.

The Training Course

The C-CIRM course takes 40 hours to complete and BUiD uses high intensity immersion over 5 days to help students prepare to take their certificate examinations. This course teaches students critical technical skills, including networks, threat impacts, tools to help mitigate incidents and strengthen networks, malware analysis, remediation and eradication techniques, etc. Additionally, they learn how to communicate with ancillary team members, work shoulder to shoulder with others, communicate effectively in report writing and when offering recommendations to management.

BUiD’s partner instructors from Phase 2 Advantage are experienced cyber professionals who explain course content to students and answer their questions by bringing their real-world know-how into the conversation. The shared practical experiences and stories help students bridge the gap between cybersecurity theory and practice. The course focus is not only on the tools but also the tips, tricks, and deeper insights that these experts bring to the table.

For more information visit www.buid.ac.ae 

BUiD’s partnership with Project Ares has proven to be a valuable differentiator for this C-CIRM course.

When given the opportunity to work with real tools in safe virtual machine environments during the course, students become proficient, competent, and confident in using cybersecurity tools. They also begin to envision how they could fit into an Incident Responder role in the workplace which is directly aligned with BUiD’s goal of delivering graduates ready to work in the cybersecurity field.