Affiliation:
1. “Gheorghe Asachi” Technical University of Iași, Romania, Faculty of Automatic Control and Computer Engineering
Abstract
Cybersecurity threats are evolving rapidly, necessitating effective strategies to combat them. Red and Blue team training is a valuable approach to address this challenge. It simulates real-world attack scenarios, with the Red team acting as attackers and the Blue team as defenders. This training helps organizations identify vulnerabilities and trains employees to respond effectively to security incidents. Introducing competition further enhances this training by motivating participants to excel and stay updated with evolving threats. This paper proposes a combined Red and Blue team approach to improve communication and understanding between teams. The findings indicate that this approach enhances capabilities in reacting to real attacks. By fostering better team understanding, participants effectively identify and mitigate vulnerabilities. These results highlight the potential value of a combined Red and Blue team approach for enhancing cybersecurity readiness. Further research is needed to fully explore its benefits and limitations.