Over the last week, Paul and Larry from Pauldotcom.com joined forces with White Wolf Security to provide a 'unique, fun, and educational exercise' at SANS in Vegas.Specifically, Paul led up the 'bad guys' and Larry led the 'good guys' in an all out cyber war. The results? Lot's of getting owned, getting locked out, but the most valuable lesson had nothing to do with computers.
Paul wrote up some of the details of the event on his blog. To sum it up, "He had a blast at this event, and learned a lot about penetration testing strategy and techniques." While this is no doubt the truth, the attendees learned something even more valuable.
As a member of White Wolf Security (they provide cyber exercise training), I know what goes into these exercises and believe in them. There is simply no better method to solidify theories or security techniques than to see them and experience them in real life. While this was a somewhat controlled environment, the feedback indicates that cyber exercises are valuable for all involved. Not only did red-cell members get to put their newly learned attack knowledge to good use, but the defenders got to experience a real live penetration in an environment where getting owned matters - something you won't find in a classroom environment.
However, the truly valuable lessons are those related to the human element - and this is stuff no book or instructor can provide. Crisis management, team building, how to keep a group of people focused on a problem, how to communicate effectively. Throughout the event, Paul and Larry had to guide people through some exciting and stressful situations. During those moments that the bad guys have you by the throat, it isn't just what you do technically that makes the difference, it is also how quickly and cohesively a defending team can collaborate their efforts that will make the difference.