FS-ISAC and Cyberbit announce winner of the first Cyber League

Sharon Rosenman, Chief Marketing Officer at Cyberbit

FS-ISAC, the member-driven, not-for-profit organization that advances cybersecurity and resilience in the financial system, and Cyberbit, provider of cybersecurity skill development and readiness platform, announced that team “IsNotTheEDR” from Banco de Crédito Cooperativo (BCC) is the winner of the first International Cyber League (ICL) Financial Cup, 2022 – the first hyper-realistic cybersecurity tournament for the financial industry.

The first runner-up is team “Suboptimal” from a Fortune 500 financial institution, the second runner-up is Team “AskITTeam” from BCC and the third runner up is team “TIAA” from TIAA. Other teams who reached the top 10 in ICL finals include Loan Depot and Somerset Trust.

Why is the purpose of the tournament?

The tournament ran from 6-26 October 2022 and challenged cybersecurity teams from the financial sector to respond to live-fire cyberattack simulations replicating attacks they may encounter in real life. Teams were scored based on typical incident response KPIs including investigation, eradication, and remediation goals, as well as their response times.

The BCC team outperformed 55 cyber defense teams from leading financial organizations around the world and scored a perfect 100 in the live-fire challenge. The Cyberbit platform, normally used by enterprises to train and upskill information security teams, as well as for FS-ISAC’s monthly cyber range workshops, was repurposed to power the ICL competition.

The platform provided a virtual arena that emulated a virtual security operations center (SOC) that simulated the live attacks and automatically scored the teams based on their achievements. The ICL reinvents cybersecurity competition formats by assessing cyber defense skills in real-world scenarios, allowing teams to predict performance during an attack.

Traditional Capture-the-Flag (CTF) events test offensive skills, but these do not reflect the capabilities that cyber defenders will be required to demonstrate during an attack. The ICL leverages cyber range live-fire scenarios to simulate real threat vectors and malware that assess essential “blue team” skills, including technical skills like malware analysis and SIEM investigation, as well as soft skills like teamwork, critical thinking, and communications.

What were the executives’ thoughts on the tournament?

“We in the financial sector believe that exercising builds muscle memory to ensure smooth and efficient incident response. We run a wide variety of exercises to ensure preparedness throughout all different organizational levels and functions, and we chose this competition format during Cybersecurity Awareness Month to bring a little fun into this critical tool for operational resilience,” said Cameron Dicker, Global Head of Business Resilience at FS-ISAC.

“CISA and the NCA aptly named this year’s cyber awareness month theme as ‘See Yourself in Cyber,’ demonstrating that  cybersecurity is ultimately, about people. The feedback from the ICL teams was overwhelmingly positive and we are proud to collaborate with FS-ISAC in helping the financial industry become better prepared for real-world attacks by assessing and maximizing human performance” said Sharon Rosenman, Chief Marketing Officer at Cyberbit.

“A Cyber Range is a strategic capability that enables stakeholders to effectively train their professionals, and to experiment, test and validate new cybersecurity and cyber defense concepts, technologies, techniques, and tactics. Cyber range competitions such as the ICL Financial Cup help in providing a comparison with the rest of the peers in the sector”, said Francisco Navarro García, Chief Information Security Officer, Banco de Crédito Cooperativo.

“The International Cyber League has been an excellent experience for our teams and a fantastic opportunity for them to test their skills with other elite teams across the financial services sector,” commented Harold Rivas, Chief Information Officer, Loan Depot.

“We are incredibly proud of their work in keeping our company safe. Their strong performance in this competition is celebrated across Technology and the entire company.”

“Somerset Trust takes the security of our information very seriously, and I have always known that we assembled a good team of security professionals.  It’s always nice to see a competition like this that hones their skills and proves our dedication to security,” commented John Ash, Senior Vice President and Chief Information Officer, Somerset Trust.