Commvault has entered a deal with SimSpace offering customers a way to learn how to react and respond to a cyberattack in a simulated environment with training exercises.
SimSpace produces such environments, called cyber ranges. These are hands-on virtual environments – “interactive and simulated platforms that replicate networks, systems, tools, and applications. They provide a safe and legal environment for acquiring hands-on cyber skills and offer a secure setting for product development and security posture testing.” A downloadable NIST document tells you more. The deal with SimSpace means Commvault is now offering the Commvault Recovery Range, powered by SimSpace, which models a customer’s environment and simulates a cyberattack.
Commvault CSO Bill O’Connell said: “Together with SimSpace, we are offering companies something that’s truly unique in the market – the physical, emotional, and psychological experience of a real-world cyberattack and the harrowing challenges often experienced in attempting to rapidly recover.”
By “combining SimSpace’s authentic cyberattack simulations with Commvault’s leading cyber recovery capabilities, we’re giving companies the ability to strengthen their security posture, cyber readiness, and business resilience.”
The main idea is to prepare cyber defenders to respond effectively when an attack happens. By going through cyber range training, they get:
- Hands-on attack simulations with defenders working in “hyper-realistic environment that mirrors their actual networks, infrastructure, and day-to-day operations – complete with simulated users logging in and out, sending emails, and interacting with applications.” The defenders face attacks, like Netwalker, that can be challenging to detect and “forced to make decisions and execute strategic responses under pressure as the clock is ticking.”
- Exercises with no-win recovery scenarios and learning “the hard way the importance of validating backups, cleaning infected data, and executing swift restorations.”
- Drills that bring disparate teams together with CSOs, CISOs, CIOs, IT Ops, and SecOps working together to emerge with a cohesive strategy for handling crises and restoring core services swiftly.
We should think in terms of training exercises almost akin to military war gaming, with attack scenarios, response drills, and ad hoc groups of people brought together in a reaction team so they can understand their minimum viability; the critical applications, assets, processes, and people required for an organization to recover following a cyberattack.
Recovery exercises include using Commvault Cloud for threat scanning, Air Gap Protect for immutable storage, Cleanroom Recovery for on-demand recovery testing, and Cloud Rewind to automatically rebuild cloud-native apps. Commvault says these components enable defenders to recover their business without reinfecting it.
Phil Goodwin, research VP at IDC, commented on the Commvault-SimSpace deal, saying: “This is a huge advancement in modern cyber preparedness training.”
Commvault and SimSpace will be showcasing Commvault Recovery Range during RSAC 2025 from April 28 to May 1 in San Francisco at the Alloy Collective. You can get a taste of that here.
