LECMgt has signed an agreement with Black Lantern Security of Charleston, South Carolina to design their cyber exercises and wargames. Black Lantern Security develops information technology solutions for their customers. Prior to forming Black Lantern team members were part of a Red Cell for the Department of Defense. They helped to protect our nation’s secrets. Dr. Philip Hartlieb leads the Black Lantern team. Dr. Harlieb has many years’ experience leading IT Red Teaming for the Department of Defense.
In June LECMgt and Black Lantern conducted their first joint tabletop exercise for a Fortune 500 company in Georgia. The client hosted a security summit for its worldwide IT security team. The exercise involved three IT security teams each evaluating distinct threats and developing an incident action plan. The exercise also involved an executive management team dealing with the related fallout from publicity related to the simulated data breaches. Exercise participants were drawn from the US, Europe, Canada, the Asia Pacific region, and Mexico.
The two-day conference included presentations by IT security experts and the FBI. The evening of the first day team members received a simulated email regarding a possible anomaly in their networks. The teams were encouraged to begin communicating and problem-solving.
The exercise was the conference’s capstone event on the afternoon of Day Two. By the start of the exercise people were actively collaborating just as they would in a corporation wide cyber crisis. Besides the technical issues, the executive crisis management team was dealing with social media problems, incorrect information released by the news media, and a possible ongoing FBI investigation of other victim companies.
The exercise concluded with a “hotwash” debrief led by Roger Mason and Phil Hartlieb. Team members discussed their challenges and possible improvements to their response protocols. This exercise was the first live fire test of a joint LECMgt/Black Lantern exercise. The feedback from the participants was very encouraging. One administrator remarked their tabletops usually involve a person leading a discussion in front of a PowerPoint. “This exercise was much more interactive. People felt like they were working on a real problem. Everyone was involved. You could see the stress they felt as the scenario played out.”
We are excited about taking LECMgt’s exercise and wargame experience and combining it with Black Lantern’s knowledge of IT security. Our goal is to set the industry standard for cyber tabletop exercises and wargames.