# Advanced Cyber Training for the Utility Industry

CYRIN® is the online, always on, always available Cyber Training Platform. We've trained thousands of people how to monitor and keep their networks safe.

CYRIN is a next-generation cyber-range where you use real tools, real attacks, and real scenarios to hone your skills in a virtual environment. Secure a Linux server system, analyze the security of a web application, or respond to a denial of service attack in a controlled environment. Practice on your own schedule from within your web browser—no custom software or travel necessary!
Now with new programs, new virtual attacks, specifically designed for the Utility Industry.

We offer three levels of packages for the utility industry, ranging from labs to reinforce skills with specific software packages to full ranges consisting of IT/OT networks. Want to customize our ranges to mimic your organization's setup for increased fidelity?
Contact info@cyrintraining.com for a quote on custom development.

### Level 1: CYRIN Enterprise Instructional Labs

Level 1 includes access to the entire set of CYRIN cybersecurity labs. Currently over 30 labs are available, with more coming each quarter. Lab categories include Cyber Forensics, Secure Network Setup, and many others—see "Lab Categories" at the top of the page for a preview of each.

Want to see a lab in action? Watch our live walkthrough of Level 1!

Want to try out a lab? The Web Application Security Analysis with OWASP-ZAP lab is available FREE for 30 days.

#### Prerequisites

Prerequisites vary by lab, but are generally:

• Familiarity with the Unix/Linux command line
• Basic networking concepts (TCP/IP, DNS, etc.)
• Basic cyber-forensic concepts (for forensics labs)

#### Expected Duration

Each lab is approximately two hours long, self-paced. Labs can be paused, continued, or repeated at any time.

CPEs awarded on successful completion of each lab.

### Level 3: Utility Under Attack, War Gaming, & Instructional Labs

Experience and mitigate live cyber attacks on a virtual network representing a power generation/transmission/distribution company! Each utility gets a dedicated virtual network that includes representative enterprise (IT) and operational (OT) networks. Attacks can include Internet-originating malware such as spear-phishing, insider threats, and supply chain compromises. Users sign in via a web browser, or coming in Summer 2019, can "bring their own tools" with a direct VPN connection to their exercise network.

Level 3 includes all Level 2 war games and Level 1 labs, PLUS four IT/OT attack scenarios with a new scenario each quarter!

Want to see a scenario in action? Watch our live walkthrough of Level 3!

#### Example Scenarios

• Man-in-the-middle attack on the OT network due to a supply chain compromise.
• Phishing attack on the IT network that reaches the OT network.
• Application-level denial of service attack on the OT network.
• Network-level denial of service attack on the OT network.

#### Prerequisites

• Familiarity with SCADA system concepts (HMI clients, PLCs, Modbus, etc.)
• Basic networking concepts (TCP/IP, DNS, etc.)
• Basic network attack/defense and troubleshooting techniques

Each scenario comes with step-by-step instructions for finding the source of the attack, or for a greater challenge, have your team figure it out on their own!

#### Cost

\$5995 for an annual subscription, including existing labs/scenarios and all new scenarios during a 12 month period. Bulk discounts are available. Packages are invoiced annually.