We are innovating the current practice of tabletop exercises (TTX) by researching and developing new methods and software tools to enhance skills in both technical and non-technical fields of cybersecurity.
What is a TTX in cybersecurity?
It is a simulated scenario-based training activity where individuals or teams gather to practice responding to various cyber threats and incidents.
It focuses on discussing and strategizing how to handle crises caused by cyberattacks.
Improved Preparedness
TTX help organizations and professionals prepare for real cyber threats by testing their response plans and identifying weaknesses.
Stronger Organizations
Through practice, organizations can become more resilient and mitigate potential damage to their infrastructure, reputation, or finances.
Better Coordination
Effective coordination among stakeholders, such as IT experts, executives, and the state, ensures a more effective response.
What is the INJECT project about?
We research and develop specialized tools and methods that transform the TTX format, focusing on repeatability, scalability, and realism.
-
We're creating software tools to execute exercises based on predefined scenarios and facilitate participant interaction with simulated incident actors.
-
Our work will make life easier for exercise organizers, instructors, and participants by simplifying crucial interactions.
-
It will also bring sophistication by implementing modern technologies, including AI.
Enhanced Efficiency: Our tools streamline exercise preparation, execution, and evaluation, reducing the workload for organizers.
Improved Education Quality: With automated tasks, organizers can focus on facilitating exercises, leading to better learning outcomes.
Advanced Data Analysis: We leverage cutting-edge data processing and machine learning techniques, offering a more objective assessment of participants' performance.
Early-stage Applicability: Our methods can be applied even with small data sets, allowing for early prototype development.
Original Research: Our project pioneers an original approach to exercise evaluation, contributing to advancing cybersecurity education knowledge through real-world case studies and conference articles.
Do you want to know more?
Project Information
- Project Identification: VK01030007
- Project Period: 1/2023 - 12/2026
- Sponsor: Ministry of the Interior of the CR
- Program: Open Calls for Security Research 2023-2029 (OPSEC)
Who is this relevant for?
- The target users are all organizations that strive to prepare for a cybersecurity crisis.
- The project outcomes are specifically relevant for organizations of critical infrastructure and organizations directly responsible for ensuring security, such as armed security forces, rescue teams, selected state authorities, or intelligence services.
- The exercises are intended for both technical and non-technical personnel involved in cyber security and interested in increasing their skills in cyber incident management.
What are the project outcomes?
We will deliver:
- Software tools for planning and executing tabletop exercises.
- Software tool for evaluating tabletop exercises.
- Articles in proceedings published at international conferences.
Will the software be available?
- Yes, the created software will be made available to other organizations for conducting tabletop exercises under an open-source license.
- The software is accessible to early adopters upon request.
Who is responsible for the project?
- The project is led by experts from Masaryk University, specifically the Cybersecurity Laboratory at the Faculty of Informatics.
- The application garant of the project is the National Cyber and Information Security Agency (NÚKIB). Its experts also participate in the design process and help to create realistic exercise scenarios.
How to cite the Inject Exercise Platform?
When referencing the INJECT Exercise Platform, please cite our paper titled:
This paper provides insights and practical experiences derived from a cybersecurity course where tabletop exercises were introduced utilizing the innovative technology of the INJECT Exercise Platform (IXP).
For a comprehensive overview of tabletop exercises, we recommend our Systematic Literature Review: "Research and Practice of Delivering Tabletop Exercises."