Enabling Next-Generation Cyber Ranges with Mobile Security Components

摘要

The number of security incidents involving mobile devices has risen in the past years. This means that organizations must seriously consider such devices within their threat landscape and prepare their cybersecurity operators to prevent, identify, and manage security issues involving them. Nowadays, cyber ranges represent the most effective and versatile systems for training skills in the cybersecurity domain as they provide hands-on experiences in large, sophisticated infrastructures. Nevertheless, cyber ranges are capable of emulating components and interactions of the Information and Operational Technology domains, but they lack the support of mobile devices with the same effectiveness and realism. In this paper, we propose an enhancement of the architecture and the training environments of an existing cyber range, which properly integrates mobile security components. The effectiveness of such an integration is due to a thorough review of the mobile threat landscape and the functional components of a cyber range.