Announcements |   placeholder

OZON, a gap bridging exercise

In October 2016 SURFnet organised a two-day cybersecurity exercise under the name Ozon. 28 constituents participate in this exercise which had a challenging and realistic scenario for both technicians and board members. The exercise simulated a complicated, multi stage attack form a hacker group with strategic dilemmas for ICT management and board members. In this paper we will discuss how we designed and prepared this exercise, we will discuss different kind of exercises and the benefits of each for an NREN and an university and we will present the outcome of the exercise in terms of recommendations for both the way you can organise crisis exercises and for improving your crisis organisation, processes and tooling. The exercise was an initiative of SURFcert who had a leading role in preparation and execution. Ozon was a very high appreciated exercise with a lot of lessons learned both for the art of doing crisis exercises and for all participating organisations. Ozon bridged gaps between tactical, strategic and operational levels and between constituents.


Part of session

Securing the Infrastructure

Related documents