Home / Blog / Cyber exercises taxonomy

Cyber exercises taxonomy

Posted on 03/11/2015, by INCIBE
Cyber exercises taxonomy

Since the 80’s, experiments simulation has gained importance as a means for training. It can be said that this learning mechanism constitutes a tool allowing to undertake practices equivalent to real world situations, but safely and within a controlled setting.

Applied to cybernetics, we can define a cyber exercise as a tool to assess the readiness of participants when facing cyber crisis, also facilitating learned lessons and recommendations for the future: areas for improvement against a cyber attack, for increasing cooperation and coordination within the involved sectors, for interdependencies identification, for awareness and training improvement, etc.

The aim of this study is to propose a taxonomy of cyber exercises that can become a useful tool for the national and international cybersecurity community, providing a better understanding of existing cyber exercises, as well as helping to plan future editions.

For this task, the first step has been to gather and analyse publicly available information about the different cyber exercises that have been hold until September 5th, 2014.

Once information has been gathered, a set of metrics and indicators have been defined. The results of applying these metrics have been analysed in order to establish a cyber exercises profiling, which shows different characteristics found in their execution, and facilitates the later taxonomy definition.

On the basis of the cyber exercises analysis and profiling, and taking as reference the studies related to cyber exercises classification carried out by organizations from different geographic scope a taxonomy proposal has been developed.

- Basic Taxonomy Elements -

Finally, the cyber exercises taxonomy has been applied to the relevant cyber exercises that have been identified after applying the metrics. in order to disclose the usefulness of the taxonomy. In turn, this has allowed to reach some conclusions which could lead to a deeper knowledge of the current state of cyber exercises and enhance the planning of future ones.

The study, available in English and Spanish can be downloaded at the following links: