IBM Corp. today announced the official opening of a new IBM X-Force Cyber Range in Washington, D.C., that has been specifically designed to help federal agencies, their suppliers and critical infrastructure organizations more effectively respond to persistent and disruptive cyberattacks and threats posed by artificial intelligence.

The new range seeks to assist in combating the ever-increasing number of data breaches, with IBM’s 2023 Cost of a Data Breach report estimating that the global average cost of a data breach reached $4.45 million. The report also found that the U.S. faces the highest breach costs across all regions.

IBM argues that organizations that have an incident response team and tested their IR plan experienced faster incident response times and lower costs than organizations that did neither. The 2023 report found that high levels of IR planning and testing saved industry and government nearly $1.5 million in breach costs and 54 days from the data breach lifecycle.

The new X-Force Cyber Range provides training to participants on how to handle full-scale breach scenarios, such as AI code poisoning, destructive attacks, deepfakes and zero-day or previously unknown attacks. The training experience is immersive and helps participants from companies and agencies work through challenges they would face in real time, such as cross-team communication breakdowns, resource issues and navigating the new U.S. Securities and Exchange Commission incident reporting requirements announced in December.

In addition to government agencies and critical infrastructure providers, businesses across all sectors can also participate in cyber response training.

The types of simulations available through the new X-Force Cyber Range include Mission: Crisis Response, a challenge tailored specifically for federal government agencies. The challenge involves IBM facilitators testing and guiding teams through a series of cyberattack scenarios to expose gaps in response plans within a safe environment.

The challenge allows federal agency stakeholders to learn best practices based on industry standards and real-world case studies. The federally focused scenario uses the Cybersecurity and Infrastructure Security Agency Cybersecurity Incident and Vulnerability Response Playbook to guide decision-making in a realistic cyber crisis scenario. Private sector organizations can take part in a similar scenario, called the Business Response Challenge, tailored to their industries and unique security challenges.

A second challenge, called Cyber Wargame, allows participants to uncover and investigate a cyberattack led by a cybercriminal organization against a fictitious corporation. Cyber Wargame tests an organization’s incident response process, communication and problem solving by positioning teams in the middle of a realistic cybersecurity incident to see how they would work together to resolve it.

Another training session, Inside the Mind of a Hacker, takes an interesting twist. It helps participants understand the viewpoint of an attacker by demonstrating the types of tools adversaries are using and the scope of modern attacks. The session includes relevant insights from X-Force threat intelligence to help participants stay informed and adapt to the latest cyberthreats.

“From national security threats to supply chain disruptions impacting the goods and services we rely on every day, cyberattacks on government and critical infrastructure can have ramifications that go far beyond the balance sheet,” Alice Fakir, an IBM Consulting partner and lead of cybersecurity services for U.S. federal market, said ahead of the announcement. “The elite and highly customizable cyber response training we provide at our new D.C. range helps organizations and federal agencies better defend against existing and emerging threats and also addresses federal mandates like those in the Biden Administration’s Executive Order 14028 focused on improving the nation’s cybersecurity.”

The first event at the new center, scheduled to take place in spring 2024, will host organizations within the chemical, energy and water industries. The scenario will be customized to cater to specific issues facing these industries.

The new D.C. facility is not IBM’s first. The company’s existing cyber range facilities have hosted more than 17,000 visitors, including major banks, healthcare systems, and oil and gas producers across the globe since 2016.

Photo: IBM