Today, cybersecurity provider Cyberbit announced the launch of a new Cyber Readiness platform that will enable organizations to simulate cyberattacks and assess how prepared their cyber workforces are to combat the latest threats. 

Cyberbit is a software-as-a-service (SaaS) -based cyberattack simulation platform that can emulate ransomware and supply chain style attacks on a simulated network, while users will have an opportunity to mitigate these attacks with the security tools that they rely on daily. 

For enterprise and technical decision makers, the solution provides a scalable training solution for security teams that can educate them on how to manage immersive threats to remediate them in the shortest time possible. 

Fine-tuning incident response 

The announcement comes as incident response has remained a consistent challenge for organizations who’ve struggled to prevent and remediate intrusions promptly, with the average dwell time of an intrusion during a data breach being 287 days. 

One of the key reasons for this is that organizations don’t have the internal skills and resources needed to deal with increasingly complex threats, particularly amid the cybersecurity skills shortage where the size of the global cybersecurity workforce is 65% below what it needs to be. 

In the current threat landscape, a finely-tuned incident response is essential for mitigate cyberattacks and preventing prolonged downtime. 

“Cyber defense teams are not prepared to respond to cyberattacks, which is why we continue to see an increase in successful breaches, particularly ransomware attacks, that doubled last year. Organizations are investing disproportionate amounts in security tools when in fact, their cybersecurity teams don’t know how to operate these tools during an attack,” said CEO of Cyberbit Adi Dar. 

“Over the last few years organizations have realized that to reduce risk they must shift from investing in more tools, to investing in their cyber defense teams — their ‘first responders.’ The problem is that previous generation approaches do not help them prepare these teams. There is no real, scalable way to place teams in the attack scenarios they will encounter on the job,” he said. 

Cyberbit’s answer to this problem is to offer security professionals a cyber readiness platform they can use to run exercises and courses to experience ransomware, supply chain and cloud attacks in real-time so they can practice how to remediate and protect critical data assets in a live threat scenario. 

This helps them prepare to deal with malicious threat actors so that they’re ready to make intelligent decisions in a live threat scenario. 

The automated cyber simulation race 

Cyberbit’s launch comes amid a growing demand for automated cyber simulation solutions, with the automated breach and attack simulation market size anticipated to reach $3.5 billion revenue by 2026, as organizations seek to enable security teams to identify and remediate vulnerabilities in their environments.  

While Cyberbit is aiming to position itself as the definitive cyber training solution, the provider is not only competing with traditional training courses, and red team vs. blue time penetration testing exercises, but also cyber simulation platforms and cyber labs. 

One such provider is Immersive Labs, which offers a Cyber Workforce Optimization solution that can run role-specific cyber simulations to test employees knowledge, and recently raised $75 million in funding last year as part of a Series C funding round, bringing its total funding to $123 million. 

Another competitor is Cymulate, which offers enterprises a solution for simulating machine-driven attacks so they can assess how their security controls are performing, and identify vulnerabilities, which raised $45 million in funding last year.

Although Cyberbit’s leadership suggests that not only is its solution more scalable, but its use of hyper realistic simulation is what sets it apart.

“The idea is that to maximize cyber readiness you must place the teams in scenarios that mirror the real world, so we’ve built a virtual cloud-based “arena” that simulates complete cyberattacks and mirrors the corporate network,” Dar said. 

“You’ll see real phishing emails coming in, the simulated attacker will move laterally in the simulated network and try to steal sensitive data, computers will display a real ransomware screen, etc. And trainees will have the option to use the actual security tools that they will use on the job, so they can maximize their performance when the real attack happens,” he said.