Several IT experts in small offices at Masaryk University, an old coffee machine, and a passion for cybersecurity. This is how the beginnings of our CSIRT-MU team looked like in 2009.
Over the next few years, our team gradually grew to more than 20 members, we solved hundreds of incidents, drank hectolitres of coffee, and we were constantly learning.
Still more people were getting to realize that dependence on IT makes our society vulnerable.
Our team felt the same way, and our practice was confirming this feeling. Various organisations were contacting us for professional help.
We were able to help them solve short-term problems, but there was one emerging long-term problem: the lack of cybersecurity experts.
We wanted to help solve this problem, so we contacted the National Security Agency, which dealt with cybersecurity at that time.
The result of our dialogue was an idea to create a cyber range. The rationale was simple: we will have more experienced professionals if we give them the opportunity to learn cybersecurity in practice.
Our idea transformed into the “KYPO I” research project – funded by the Ministry of the Interior of the Czech Republic in 2013.
The project team had more than 20 expert members. Of course, it sounds easy, but not everything went smoothly. We had to abandon tons of smart ideas and come with even smarter ones.
During our work on the KYPO I project, there was another important initiative – the new building of the Faculty of Informatics was under construction. Part of the new building was a large space, which should have served as a helicopter simulator.
However, this plan was abandoned, and the faculty wanted to find a new purpose for this place. This is how the KYPO Lab Training Facility was created – the future venue for many cyber exercises.
We tested our results in 2015. We organized the first Czech technical exercise Cyber Czech in cooperation with the National Security Office.
The purpose was to prepare security personnel for work under the pressure of an ongoing massive cyber-attack. We created the whole exercise in our new cyber range called KYPO.
We also received the award of the Minister of the Interior of the Czech Republic for security research for our work on the first KYPO project.
We started to work on the follow-up research project called "KYPO II" in 2016.
In addition to research, we continued organizing cybersecurity exercises. In the following years, we organized 11 exercises, which were attended by teams from the private and public sector from the Czech Republic and abroad.
Finally, we started to apply our experience from exercises in our university classes.
We have trained more than 270 participants and hundreds of students using the KYPO platform since 2015.
While these results show us that we are going in the right direction, they do not solve the problem of missing cybersecurity experts.
Although we cannot reverse this trend alone, we are convinced that it is essential to face it.
That's why we decided to make our platform available to everyone. We released KYPO CRP as open-source software in 2020.
This means that any organization can download it and start using it to create training for their employees or students.
We consider the release of the KYPO platform as our contribution to the cybersecurity community to increase the availability of hands-on cybersecurity education.
NOW and FUTURE
Currently, we engage in activities at the European level. We also continue in our research, which is focused on improving the educational experience, and we also develop our technologies.
The mission of Masaryk University is to help educate future cybersecurity experts and thus to contribute to building the cyber-secure Czech Republic and Europe.