War Games: Unisys Unveils Threat Simulation Service To Help Clients Manage Cyber Security Attacks

Unisys has launched a cyber resiliency practice that simulates real-world threats to help businesses and government entities identify pain points and create a crisis game plan.

The Blue Bell, Penn.-based company, No. 19 on the CRN Solution Provider 500, said it has adopted the U.S. Department of Defense's cyber war-gaming methodology for use by business and government clients. Under Unisys' supervision, clients will undertake a simulation where they'll attempt to keep their business up and running while dealing with operational and environmental condition changes.

"It's eye-opening for clients, especially that first day, but we leave clients in a much better position," Tom Patterson, Unisys' chief trust officer, told CRN. "We're 100 percent effective in demonstrating stuff they had no idea was possible."

[RELATED: Unisys Appoints New Chief Marketing Officer, Aims To Boost Its Security Marketing Message]

id
unit-1659132512259
type
Sponsored post

Unisys expects its cyber resiliency services will be most appealing to government agencies as well as industries dealing with critical infrastructure such as banking, energy and electric power distribution, Patterson said. For all clients, Unisys quickly identifies the most likely, most dangerous and out-of-the-box potential challenges to the clients' operations.

"The more critical the sector the business is in, the more we're seeing demand," Patterson said. "Critical infrastructure and government are becoming more intertwined going forward."

Savvy clients have increasingly shifted their focus from preventing attacks to being able to withstand an attack and keep vital systems going, Patterson said. Pretty much every vertical needs a system that's resilient to attacks and is capable of dealing with the fallout.

"It's really a fool's game to say you're going to be perfect at your security,'" Patterson said. "Everyone is interconnected."

After the gamification piece, Unisys and the client dissect the incident response process through tabletop exercises. These discussions will touch upon the role the legal and communications team play in the incident response, Patterson said.

"Responding to an incident is much more than technology," Patterson said.

Finally, Unisys will work with the client to create a bound playbook detailing who's responsible for what in the event of a cyberattack. Organizations should rehearse their game plan quarterly to ensure roles are reassigned in the event of employee turnover, Patterson said, with Unisys re-running the simulation annually to test out new threat vectors and make recommendations on updates to the playbook.

Unisys offers three resiliency services options, Patterson said. The base package includes the simulation and can be procured for a smaller one-time payment, while the mid-level package entails a larger payment for the time associated with creating a bound incident response playbook, Patterson said.

The highest-level package can be procured as a long-term subscription service offering, and ties the client into Unisys's cyberintelligence center in Augusta, Ga., where the solution provider will provide monitoring for changes in the client's threat or risk profile. Pricing for each service level will vary based on the complexity of the client's infrastructure, and isn't tied to the size of the client's workforce.

Some boutique security firms employ people that are good in the cyber resilience space, but Patterson said Unisys stands apart in its ability to deliver high-quality cyber resilience services across the globe. While many large systems integrators have cyber resilience elements in their portfolio, Patterson said putting it all together into a unified offering, and incorporating gamification, makes Unisys unique.

"We find ourselves ahead of the game in that space," Patterson said. "We like our position."