FEMP Cybersecurity Training Game - Airlock  

Education Type: On-Demand
Duration: 1 Hour
Level: Intermediate
Prerequisites: None

FEMP IACET: 0.2 CEU

Federal agency staff are facing increasing pressures to defend operational technologies against cyber intrusion. This training game challenges cybersecurity teams on their ability to mitigate cyber threats based on real-world scenarios. This interactive tool will help staff improve their understanding of how to apply cybersecurity frameworks and best practices in the facility context. At points throughout a scenario, your "team" will be prompted to make decisions on what should be implemented in the facility in an effort to contain the breach.

Attendees must earn a passing score on the game to earn continuing education units. In the "Airlock" scenario, the user will be playing as a federal employee at a U.S. Department of Energy Operations Office, whose organization serves the community by overseeing worker safety and environmental protection. The user's primary job duties as the lead cybersecurity engineer are to manage the implementation of security policies and to keep the facility up to current standards.

The "Airlock" scenario also introduces users to key cybersecurity terms, organizations, and tools such as beacons, web shells, and command and control (C2) servers. The scenario touches on how threat actors can use communication protocols such as BACnet to transmit information across compromised devices and on the different cyber-attack tactics and techniques that can be used, focusing on data exfiltration and data destruction.

This course is optimally viewed in modern and supported browsers; please use Edge, Chrome, Firefox, etc.

Instructors

Sri Gourisetti, Pacific Northwest National Laboratory (PNNL)   

Sri Nikhil Gupta Gourisetti is an Energy Systems Cybersecurity Researcher at Pacific Northwest National Laboratory (PNNL) with specialized knowledge and interests in Operational Technology (OT) cyber security, blockchain technology, software engineering, power systems modeling & simulation, and growing capability in physics-driven machine learning systems. Sri Nikhil's research domains include smart grid systems and connected smart buildings focused on ICS/OT/IoT cybersecurity. At PNNL, he works on several smart grid and connected buildings cyber-physical security projects addressing the resiliency, reliability, and interoperability challenges and needs of critical infrastructure facilities. He is the Principal Investigator for DOE Cybersecurity projects such as a blockchain-based cybersecurity system for critical infrastructure and transactive energy; Mitigation of External-exposure for Energy Delivery Systems; and non-intrusive cybersecurity tools to enumerate vulnerabilities and threats. Sri Nikhil received his Ph.D. in Engineering Science and Systems specializing in Electrical Engineering. Sri Nikhil is a certified information systems security professional (CISSP) and SANS's certified global industrial cyber security professional (GICSP).

Julia Rotondo, Pacific Northwest National Laboratory (PNNL)   

Julia Rotondo is a program manager at Pacific Northwest National Laboratory (PNNL) with more than eight years of experience working on energy, cybersecurity, climate change, and buildings efficiency issues. This experience includes leading cybersecurity strategy development, research on connected technologies, miscellaneous loads, and operational technologies cybersecurity. At PNNL, Julia works on energy systems resilience and cybersecurity issues, including developing resources to enhance the resilience planning capabilities of federal facilities. She holds bachelor's degrees from the University of Chicago and a master's degree from American University.

Travis Ashley, Pacific Northwest National Laboratory (PNNL)   

Travis Ashley joined the Electricity Infrastructure and Buildings division at Pacific Northwest National Laboratory in 2017 as a computer scientist, primarily researching residential energy efficiency applications and cybersecurity. His research in cybersecurity focuses on critical infrastructure protection, in particular on improving the maturity of the cybersecurity posture of the facilities that supply critical services. He has contributed to the development of the Mitigations of Exposed Energy Delivery System (MEEDS) attack surface management tool, primarily through identifying exposed devices using Python. He also contributed to the development of the Facility Cybersecurity Framework (FCF) training tools through designing cyberattack scenarios and mapping cybersecurity policy controls to the various stages of the attack. He is currently pursuing his Master's degree in Cybersecurity and is a member of the IEEE Computer Society.

Roger Kwan, Pacific Northwest National Laboratory (PNNL)   

Roger Kwon is a Cyber Security Engineer on the Network Cyber Security team at the Pacific Northwest National Laboratory. His research interests are in malware, application security, intrusion detection systems, and security assessment. Roger's work has focused on enterprise network assessment such as Cyber.gov, The Impediments, ITC Capstone, Facility Cybersecurity Framework, and others. Before coming to PNNL, Roger worked at Samsung Life Insurance as a Software Engineer on the Web Service team and improved upon an existing sensitive monetary data traffic system by securing APIs and web-based infrastructure with industry-standard best practices.

Learning Objectives

Upon completion of this training, attendees will be able to:

  • Enhance the understanding and applicability of the Facilities Cybersecurity Framework, based on the NIST Cybersecurity Framework;
  • Experience and respond to simulated cybersecurity attacks;
  • Identify threats, protect systems, and detect, respond, and recover from incoming attacks; and
  • Understand how to manage cybersecurity risks in a resource-constrained setting.
  • Federal Agencies and Facility Criteria: