Cyber Academy creates World-leading Cyber Security Infastructure for Big Data

The world is moving towards Big Data, and Cyber Security is one of leading applications of this, where events are tracked across a network infrastructure. In collaboration with HP and ISACA, The Cyber Academy are now advancing the virtualised Cyber Security training infrastructure created within the EU-funded DFET project to create a completely integrated real-world environment using market leading tools such as HP ArcSight and Splunk.

The infrastructure went live in August 2015 with a training course for Law Enforcement on the investigation of Distributed Denial of Service, and for students on BEng and MSc programmes in September 2015. There were already plans for training courses in the investigation of fraud, malware, and many more areas. Increasing the technology behind the Big Data integration – known as SIEM (Secure Incident and Event Management) – is being used by industry for 24×7 monitoring of corporate infrastructures and by law enforcement for the investigation of cyber security incidents.

The Cyber Academy are currently formally working with HP for the integration of ArcSight into the virtualised Cloud-based infrastructures, and which will complement the existing training environment. This continues the work to create a virtualised SoC (Special Operations Centre) infrastructure which allows students, Cyber Security professionals, and Law Enforcement to understand how to monitor and response to security events on a networked infrastructure. There are a number of key partners helping to support the development of the infrastructure including F5 and RSA.

The DFET infrastructure has developed over five years and has been used in advanced teaching of topics such as penetration testing, SIEM, malware analysis and network architecture. Over the previous months the team are integrating a massive investment in the Cloud infrastructure, and which should support thousands of trainees, in many subject areas, all of which can be done remotely.

Along with the integration of the SIEM tools, the virtual infrastructure allows the integration of new tools created for Cyber Security and which can be showcased to professionals.

 

 

siem

 

Anyone interested in the training should contact Prof Bill Buchanan (w.buchanan@napier.ac.uk).