By Tina Meketa, University Communications and Marketing
The Rapid7 Cyber Threat Intelligence Lab at Թϱhas secured its largest federal investment since its launch earlier this year. The Office of Naval Research and the National Science Foundation awarded Թϱand , a leader in cloud risk and threat detection, a $1.5 million grant to conduct research into effective ways for training cyber operators.
Թϱresearchers will work with Rapid7 cyber analysts to create mock-up scenarios that reflect challenges found in real-world security operations centers, and Թϱresearchers will gauge how trainings based on these scenarios improve decision-making capabilities in the face of agile adversaries.
“Replicating realistic attack scenarios an analyst may face in operations is a critical aspect of this research, as it allows us to uncover effective training methods that eventually will matter in the trench,” said principal investigator Xinming Ou, USF professor of computer science and engineering. “Our partnership with Rapid7 is instrumental in making this research vision possible.”
Ou is closely working with co-principal investigator, Professor Daniel Lende from the ԹϱDepartment of Anthropology. Ou noted, “Cyber operation is essentially a human activity and I am extremely fortunate to have Professor Lende on the team so we can adopt rigorous human study research methodologies. It also highlights the multidisciplinary nature of the USF-Rapid7 partnership.”
In February, Թϱannounced its partnership with Boston-based Rapid7, which provided a to establish the Rapid7 Cyber Threat Intelligence Lab. In addition to catalyzing collaborative research efforts, it also provides Թϱstudents the opportunity to receive hands-on cybersecurity training.
“The best way to learn in a security operations center environment is to get first-hand experience with threat actors’ tactics, techniques and procedures,” said Raj Samani, senior vice president and chief scientist for Rapid7. “By partnering with Թϱand sharing our threat data and expertise, we intend to help this initiative’s stakeholders and the greater cyber community make significant strides in this area.”
The Office of Naval Research is a branch agency within the U.S. Department of Defense. The National Science Foundation is an independent federal agency that supports science and engineering in all 50 states and U.S. territories. Its mission is to promote the progress of science, advance the national health, prosperity and welfare, and secure the national defense.
"The USF/Rapid7 project is unique in that it uses real-world cyber threat data as the basis to derive scenarios to drive cyber training research,” said Victor Piotrowski, lead program director at the NSF. "This type of experiential learning holds great promise to expedite the workforce development urgently needed to secure the nation's cyber infrastructure."