
The latest round of Kaspersky Lab's cyber information security exercises recently wrapped up. Although we once again failed to win a prize, we came away with a sea of impressions and emotions. And let's not forget the good shake-up it gives: "so you think you know your profession well?"
What is KIPS?
Kaspersky Interactive Protection Simulation (KIPS) is a game-based training that raises the awareness of managers and decision makers about threats to information security. Faced with a realistic attack, teams need to find a balance between process, business and security priorities.
It is run both offline, using paper cards and game boards, and online on the site. I took part in the latter. So let's go.
After logging in to the site, the playing field appears in front of us:

This is the structure of the bank that we will protect. The bank already has an anti-virus protection system, a backup server and a SIEM. The bank is also PCI DSS certified. The remaining systems we will purchase during the game. The game itself consists of 5 turns.

That is, at the beginning of each turn we receive a briefing (newspaper reports, SIEM reports, IPS/IDS reports, etc.), on the basis of which we assess risks and apply protective measures. The protective measures in the game are presented in the form of cards:

Each card has a cost in $ and in man-hours.

At the end of each turn, the system automatically calculates how well you were able to defend against threats and how much profit the bank made during the turn. The team that earns the greatest profit over the 5 turns wins.
So, we've figured out the rules; it's time to play! The briefing for the first turn:

The automated trading system comes under suspicion (could the system really crash at our bank too?), and so do the ATMs (of course, this is an isolated case, but it would be great if it stayed that way).
First, let's follow the manufacturer's recommendation to reinstall the ATM system, and check the hard drives:

As for the automated system, we will order a comprehensive audit of it.

That leaves 30 man-hours (100-30-20-20 = 30) for generally useful activities, for example:

Total spent for the turn:

Press the "End of turn" button and wait for the results with a sinking heart:

After reading the report, we receive a new briefing for the second turn. And so on until complete victory or defeat.
I don't want to give away the whole course of the game and its plot twists to those who want to take part in the next game from Kaspersky Lab.
It remains only to add that until the last turn our team held a place in the top ten, but we did not withstand the hackers' final attack on our network and dropped back to 30th place (110 teams took part in the event).
Many thanks to the organizers for a great event. I am sure that this experience will be useful, both in the next information security competition and in professional activities.