A return to normalcy
The year 2022 marked a return to more normalcy, and we were grateful to experience fewer disruptions than in the previous two years. The year delivered stability, with more in-person interactions with our customers as well as the team. Here is a recap of what we accomplished in 2022 and our plans for this year.
Highlights
Gauntlet powered hundreds of exercises
Gauntlet, our cyber security exercise platform, continued to mature with new features added incrementally throughout the year. Our incredibly smart and insightful team has been working hard designing and building Gauntlet towards its full potential. We are proud of their hard work and dedication. In 2022, we saw their efforts result in hundreds of exercises being conducted effortlessly through Gauntlet.
One feature that continues to be heavily used in Gauntlet is Personas. 2022 was no exception with the majority of functional (hands-on) cyber exercises having this unique feature enabled. Personas represent entities that would be involved in a real cyber incident, such as government agencies or regulators, but are not actually participating in the exercise. Participants can interact with a persona through their uniquely generated email address and practice communication in a more realistic setting. This has improved the outcomes of functional exercises by enabling participants to identify areas for improvement in their communication plans. Exercise facilitators can also respond as the persona to further enhance the realism of the exercise. Personas are a great example of how we think about cyber security exercises and what we believe needs to exist to make them more meaningful and worthwhile to do.
In 2022, we were pleased to welcome several new organisations as subscribers to Gauntlet through our Early Adopter Program. This program is designed as a mutually beneficial partnership, in which we provide subscribers with access to Gauntlet and support to get them started in running their own exercises inhouse, and they provide us with valuable feedback to help improve the product. Let us know if you are keen for your organisation to become an early adopter!
Delivery of services increased
In 2022, we experienced our busiest year yet for our cyber security exercise offerings. We conducted a variety of exercises, including both functional and tabletop (discussion-based) types, and enjoyed collaborating with our customers to develop and deliver interesting and challenging scenarios. For our repeat customers, it was great to see the increased complexity of the exercises they were requesting, really testing their incident response capabilities against more sophisticated adversary tradecraft.
We recently introduced a new type of hybrid exercise for organisations that are ready to move beyond tabletop exercises but not quite ready for functional exercises. Before we run these hybrid exercises, we work closely with the organisation to understand what the outcome would be if they took a specific action, and we push unique injects to them if we observe them discussing these actions (for example, providing them with specific information about impacted hosts, if they discuss searching for malicious IP addresses via their tooling). This significantly helps to boost the realism and effectiveness of discussion-based exercises by giving the participants more context and information, but only if the participants discuss taking the appropriate actions. Because we live and breathe exercises, we are fortunate to have the opportunity to experiment with exercises and come up with new ways to deliver them, such as this hybrid approach.
Expanded into Thailand
In 2020 and 2021, we had the opportunity to collaborate with the National Cyber Security Agency of Thailand to deliver a comprehensive cyber security exercise program for Thai critical infrastructure providers through a program funded by the Australian Department of Foreign Affairs and Trade. In 2022, we decided to continue this work and establish a team in Thailand to bring our Retrospect Labs product and service offerings to the Thai market. We are excited to see what we can accomplish in the Thai market in 2023. Stay tuned!
Our team grew
In 2022 our team continued to grow! We welcomed Kate as a Cyber Security Consultant and Shamila as our Quality Assurance Test Analyst. We are kicking 2023 off with another new face - we are extremely excited that from early January, Dr Rory Coulter will be joining us as Lead Researcher. The team consistently impresses us and makes coming to work a joy every day.
Last year we were finally able to bring everyone who was in the team at the time together in one location for the first time! We travelled to the Margaret River region in Western Australia and spent a few days relaxing and enjoying each others company while taking in the stunning beauty of the area. It was a wonderful opportunity to bond as a team and unwind.
Giving back
Many people give so much, sharing their knowledge and experience with the broader cyber security community. In 2022, we were proud to have contributed to some important initiatives. Some of the events we enabled, delivered, and supported included:
- Delivering the Australian Women in Security Network's Incident Response competition for 250 women
- Delivering the TAFEcyber Incident Response Challenge for 150 TAFE students across Australia
- Sponsoring a challenge in the PeCan+2022 Capture the Flag competition
- Co-hosting a WA AustCyber Students of Cyber Industry Connect event
- Sponsoring prizes for the UWA Information Security Society’s 2022 Capture the Flag competition
- Supporting WACTF, a Capture the Flag competition in Western Australia, as a sponsor and technical contributor
Bring on 2023
We are grateful to be enjoying what we do, building something we believe should exist in this world and working with amazing organisations to help improve their cyber resilience. While there may be challenges ahead in 2023 given the current economic climate, we are optimistic and enthusiastic about the year ahead. Game on.