RangeForce, a cybersecurity upskilling company, has introduced the Defense Readiness Index (DRI) to help organizations assess and enhance their cybersecurity capabilities. The DRI is integrated into RangeForce’s Threat Centric platform and aligned with the MITRE ATT&CK and D3FEND frameworks. It measures an organization’s readiness to respond to cyberattacks and provides cybersecurity upskilling based on training from the United States Department of Defense and NATO.
Maintaining strong and effective cyber readiness can be a challenge for many organizations. The latest Cisco Cybersecurity Readiness Index revealed that over half of organizations fall into the beginner or formative category, with only 15% considered mature in terms of cybersecurity readiness. The report also highlighted identity management as the most critical area of concern, with 58% of organizations falling into the formative or beginner category. Additionally, 56% of organizations ranked low on the readiness spectrum for network protection.
The DRI is designed to pinpoint weaknesses in an organization’s cybersecurity capabilities, allowing them to identify skills gaps and implement strategic recommendations to address them. It also provides objective metrics to senior management, offering visibility into the strength of their cybersecurity teams.
Organizations are ranked on a scale of 1 to 5, with each ranking having its own set of controls and practices to assess defensive teams’ competency against cyberattacks. The DRI provides insights into demonstrated skills, the ability to detect and disrupt threats, collaboration on investigations, skill gaps, and associated costs.
A roadmap within the DRI helps organizations focus on acquiring the necessary skills to move up to the next level or maintain their current level as the threat landscape evolves. Assessment and reporting mechanisms are enhanced to enable businesses to measure their progress.
The DRI builds on collaborative work with the US Department of Defense (DoD) and NATO. RangeForce worked closely with NATO, which conducts the largest international cybersecurity exercises globally and defends against nation-state level attacks. However, even NATO teams required practice using real tools in real-time and under stressful conditions. RangeForce developed customized training to reveal skills gaps and areas for improvement, and then scaled their platform to provide the same benefits to all organizations with the launch of the DRI.
Based on the results from the DRI, teams are provided with a tailored training plan from RangeForce’s library of over 1000 on-demand training modules. For example, if an organization aims to achieve a DRI level of 4 but struggles to appropriately deconstruct malware to mitigate threats during a team exercise, they will receive a curated training plan that focuses on different malware deconstruction techniques.
Overall, RangeForce’s Defense Readiness Index aims to help organizations measure and improve their cybersecurity capabilities by identifying skills gaps and providing targeted training. By aligning with industry frameworks and drawing on collaboration with the US DoD and NATO, the DRI offers a comprehensive approach to enhancing cybersecurity readiness.