Information technology giant IBM has a novel approach to improving an organisation’s response to a cyberattack: a state-of-the-art cyber watch floor located in an 18-wheel truck.
Known as the Cyber Tactical Operations Center, or C-TOC, the facility is currently touring Europe to provide cybersecurity training and education for businesses and students.
The facility, inspired by tactical operations centres used by the military, can also be deployed at large-scale events to bolster cybersecurity defences.
“It’s highly mobile. When it gets on site it expands out to make this entire watch floor,” Caleb Barlow, vice president, IBM Security, XForce Threat Intelligence, told Verdict.
“It’s 23 tonnes of cybersecurity preparedness.”
The C-TOC is also self-powered and connects via its own sterile internet.
Take a look inside the C-TOC and hear Barlow talk more about it in our video below.
The main objective of IBM’s C-TOC is to provide organisations with realistic cyberattack simulations.
The idea is for businesses to take part in a high-pressure simulation so that if it suffers a real breach muscle memory will kick in and the damage can be controlled.
IBM invited Verdict to experience the simulation at its London office. During the two hour experience – around half the length of the full version – participants are tasked with handling an emerging breach for fictitious Fortune 100 financial services company Bane & Ox.
As the breach unfolds, phones ring simultaneously, with actors convincingly playing reporters and concerned employees, among others.
On screens stretching across the wall of the C-TOC, social media explodes with negative reactions to the breach.
Out of the chaos emerges IBM’s takeaway point – that being unprepared for a situation causes paralysis. And for businesses suffering a breach, that paralysis can be costly.
“This is one of the largest societal issues of our time,” Barlow told Verdict. “The reality is, the response to the breach often causes more damage than the breach itself.
According to research conducted by the Ponemon Institute and sponsored by IBM, the average cost of a data breach globally is $3.86m. For some of the biggest breaches, the cost to companies has been as high as $350m.
There are other simulations available, including a cyber war game and an exercise that puts the participant inside the mind of a cybercriminal.
On-demand response at major events
Perhaps the most interesting use case for the C-TOC is deploying it as a mobile, on-demand security operations centre at major events, such as a political rally or sports match.
Although it is yet to be deployed in this way, it shows how cybersecurity is now considered worthy of an emergency response alongside traditional services.
“If we think about a large-scale incident of any type, what do you normally have in the field? Fire, police, EMS [emergency services], other types of first responders. Well, cyber is now part of that environment as well,” explained Barlow.
With an anticipated shortfall of nearly 2 million cybersecurity professionals by 2022, IBM is also using the Cyber Tactical Operations Center to raise awareness among school children and university students about careers in the cybersecurity industry.
For example, last November the C-TOC travelled to Rochester Institute of Technology in the US and it recently travelled to Oxford University.
Speaking at the launch of the London stop, Ed Vaizey MP said:
“What is really impressive about this is that it brings to life what it is like to live through a cyberattack. No one who experiences this simulation will leave without realising what a threat a cyberattack could be to their business.
“Like all great ideas, I’m amazed nobody had thought of it four or five years ago, but I’m glad that IBM is now leading the way in building a state-of-the-art Mobile Command Center to help deal with the real cybersecurity threats that can easily bring down very big businesses.”
Following a US tour, the C-TOC will travel across Europe throughout 2019. At present, the tour includes stops in Ireland, the Netherlands, Switzerland and France.