Exercise Army Cyber Spartan - Ben Helliwell

there we go right thank you welcome to the presentation and I'm going to talk to you about some go set of there exercise Army cyber Spartans so what is this I'm in short I'm in the military happy for a few years now 24 oh come on in come on in come on in come in so I've had an illustrious career of the last 24 years I'm just literally finishing you can probably just see on the bo there at the back that's me up until about October time uh I've just spent the last few years working in the Army cyber so up in so looking after the network operations center so do I go into as

much technical depth as probably everyone else in this room I'm going to say no um but I've got more kind of higher level look at I'm having a higher level look at everything there so as well as did a little bit on the old cyber security side yes bit of governance risk compliance and Tempest and Technical surveillance counter measures don't worry if you know don't know about Tempest um Google it that's the easiest way of talking about that one and electronic warfare and on top of that as well I've got SL down as being a technical advisor at cat UK combined Arms Tactical trainer largest virtual training facility in the world so actually has quite a varied

career and oh look yeah instructure as well Mass electronics telecoms and a simulation and modeling MC to boot so that's my day by night I code I've done plenty in the background around there uh anyone heard of project Aries no don't worry I've got a picture of that later so you can have a little look at it and army cyber Spartan I've been a green team member for the last three iterations um I'll go through all the different colors later the main after this presentation is to keep it nice and low level just so you can understand what's going on so it's a good introduction I'll go run through all the colors in the color

table and PCT assistant cyber training in enironment that's the American version of what I've been playing around with so you'll get to learn a little bit more about that I did mention I did a bit of coding so good news I do a bit power apps um I created probably it now cross defense one of the largest power apps created by an individual user outside of a team and has anyone seen that up at the top what what that on the top right yeah that's right I've got a network monion tool made in Excel everyone else know you can use ping in Excel you can do a whole host of crazy stuff in there so uh if you've not made

a Monch until in Excel I don't know what you're doing uh it's good fun and also play around with a bit of game maker unity and have ran gaming service in the past so that's me yet again very varied so why we're here it's all about protecting people's data protecting your data protecting your organization's data we don't want to lose it we want to keep it safe and keep hold of it so that's what this is all about which is why we like to do these exercises it's keeps us on our game doesn't it it brings new people in and I put a little bit of a side thing on here we're very reliant on how we

protect our data with cryptog Graphics does anyone agree with that seen a few nodding heads there when it comes to cryptog Graphics it's putting a time delay on when people are going to get access to to it so just bear that in mind obviously put a bit of a Debbie down on what should be quite an upbeat presentation but just keep that out the back of your [Music] mind right so agenta what we're going to do is just have a look at a few different types of exercises so let's have a look what we do here in as civilians and then compare it to what we do in the

military so some people might recognize as books at the Top This is how just how I've to differentiate things quite a few exercisers are sitting more towards the red side why do I have more red team stuff on the side there and a number of different elements there which don't even fit on that side there's a good reason for it it's more exciting everyone enjoys things which has a bit more danger a bit more going on with it so hack the Box try hack me root me and at the bottom there I've even put a couple of Steam games on hack hacket and gray hack and gray hack yes I've put command challenge there in the

middle just because it's it's a stepping stone which if anything once you've learned all that you then probably slide all the way across to one side one which is booking the trend uh I must admit the bsides uh capture the flag that is actually probably sits on the blue side I believe so which is good to see because not many do that and the mention of project Aries uh that's a picture of it so that's a great bit of software and it's all about being a blue team member it's a bit cheesy it's very American and I believe the software license for it is 900 a month if you're looking at signing up to it so

uh maybe not quite today unless you got bit of spare change and on the end there tabletop exercises has anyone ever conducted a tabletop exercise good n of head again good it's mostly in the world of business where you'll be doing that you'll be taking out that simulation world or should we say a gamified world of things and doing it for real it in a serious kind of sense right and looking at how we do things in the military you're going to see a lot of things there could of er towards the blue side not always strictly true but for the larger exercises this is where they sit we're looking at how to defend our networks with some irritation some

poking from the red teams uh Mo does sit on that red side over there with cross swords uh but admittedly most of them are the spilling types of capture the flags which the military in the background will probably just go to and attend anyway right out of those exercises there we have got defense cyber Marvel Army cyber Spartan lock Shields and cyber flag so there's lot of different nations which get involved with them and let's move into that so I thought a good way of looking at it is just to break them down by numbers how many teams there are uh how many kind of participants people advertises there I'm going to admit I do

get quite skeptical myself with the numbers so hence the asri I'll even break down the ones for Army cyber Spartan just for ease and the number of countries who get involved in it not it's a bit of weird reflection for example because you can have a heavy number of people from one country and then just a small number from others which we'll see and the pictures below they're from excise lock Shields so a lot of emphasis on the exercise lock Shields which we'll go into in moment's [Music] view so for all these different exercises they actually need a range to run on we're not just running them on the cloud in many cases there there's

some actual tin sat there in the background so on the where is it there Army cyber Spartan side we actually have the land cyber Training Center so that is tin we actually own and I think you've got the specifications for it a few SL stand the line here so it's only that exercise and uh how best to put it uh it's only the regiment which runs it which is running exercises on it at the moment so there's that exercise and a few others which I'll mention one briefly uh in a moment's view uh in the middle there ccdcoe NATO Cooperative cyber defense center of excellence over in tan Estonia uh quite an exciting location uh Up On the Border

there with Russia and it's NATO Le it's quite an exciting place to go to and see this in action uh having you've just seen a couple of photos of it all beforehand it runs the cross SS exercise red team event lock Shields and you'll see DCM defense cyber Marvel down there well hang on that's a British exercise what's that doing over there uh but that's what it's running from and good news that little picture at the bottom that's me who took that picture because it's so popular and everyone wants to see see inside it they've literally put glass in their networks in their Network room so you can actually look through take pictures off it showing off and then on the

follow right there you've got the persistent cyber training environment which is the American system I'm going to admit I don't know how big it is they won't talk about it I'm a qualified range engineer to use it so yes requested resources from it before but all I know is that it can go pretty big it probably is the biggest out of a lot and even though they only say they have 24 teams on it who knows how big it can actually get so on to Army cyber Spartan it's a 5day exercise where either Personnel will come in to the excise area itself or they can actually remote on in so that's quite important that we've got

everything set up in the background there that there's enough bandwidth and there's enough capabilities sometimes we'll even send laptops out to the teams themselves just to ensure that uh everyone can participate and connect uh the main a of it is to be realistic and challenging so we take real world offense and actually should we say trans transform them into something which looks like an exercise which I don't know in the world of capture the flags how well people might actually be able to do that dry ma uh I've not really mentioned this but there's a regiment which runs it 13 signal regiment uh anybody knows this is the single cyber regiment for the United Kingdom and they're the ones who've been

given the budget the authority to run [Music] it and here we go sorry and then there's pre exercise itself called Army cyber Centurion uh it's a really good idea of doing this in all those days is uh yeah with army serber Centurion it's a fantastic exercise where there's literally three months beforehand they get given the training material and it's self-paced where they'll open up different scenarios over those months it means that individuals can take part it means that people can do things in groups and therefore get prepared for doing the actual exercise uh there's also recommended courses to do in the background on top of this which means that come on Spartan they're all ready and prepared to go on the

day and that just says what it says up on there or says what it does what it says on the T should to say many words highlighted to attract assess advice and educate Personnel we want these people to be ready we want them to be able to go out there and recognize things when they go wrong and be able to react and respond to them noting that people actually come on this exercise not all them have a role within cyber so it means that anyone even from the Infantry can come along to this event never mind if they've got Communications or IT

background so looking at the actual history of it where has this excise even come from who developed it uh originally we had the Army cite of Spartan who got together and they went right uh uh right so we want to put something together uh so that we can actually send people uh on exercise lock Shields so how do we test people make sure we're sending the best best ones the best team and so for the first couple there they got kinetics involved on the main contractors and that that was just a small can test little teaser just to make sure it all did work uh come ACS 3 they're able to up the number of team members there from 5

to eight um as they gained a bit more confidence interestingly a lot of personnel from 13 signal regiments even though they hadn't quite been formed yet were part of this team here who helped build and put all this together in the background uh and they were actually absorbed into the army cyber Association uh it moved over from Kinetics delivering it supporting it to just literally supporting supporting role as green members took over and come acs4 we actually got to this point this is where I joined the team mind where it was actually on par with exercise lock shields in terms of capability so that's that's just showing you how far it came so you look at all

that uh SCAR H everything else they had involved we're actually up there with them we actually had this at this point uh noce of course come number four we had a slight change of in who was managing it we took out kinetics and Deo offered at the best contract and also with another small firm known as C beer doing most the actual heavy lifting uh because of the success of Asis 4 it actually became an army output it actually got signed off fully budgeted which meant new hardware was actually brought in for it and the Army cyber Association was actually pushed out to one side and the test was given to 13 C regiment to actually host

and run it from here uh and this is actually where DCM was born from because these people from the Army cyber Association strangely enough they wanted to keep doing cyber so they set up defense cyber Marvel they have a different funded stream different people running it and it's actually quite a good successful exercise to this day you might now ask yourself okay so we've got these two different exercises run by the British army what's the point in that well actually is that not a good thing that we can look across from army sers spon and go yeah DCM uh they've done this well we can do that but better and then they can look across when we

run our exercise and go Spartan actually we can do that better so it keeps almost in constant competition off a bit of friendly kind of banage should we say which means that we've got two exercises and we're holding each other to account and we're seeing who can we're trying to elevate things rather than actually compete I think that's probably the best way of wording that moving on to acs5 that was the first exercise done after the Handover so that was us finding our feet as regiment it was a new regiment at the time so it needed time to actually soak in should we say uh come ACS 23 we changed the number in same thing should we say uh and yeah

you've noticed there we've kind of hovered around that 23 24 Mark of a number of teams uh we've actually then since had a bit a hardware uplift actually being able to house the hardware properly beforeand it was actually sat on the garage floor in racks so not good for the equipment and I said part of that formalization process actually housing it and we actually then got rid of the other contracts in the background and just got one in so CeX are running it uh in short it means that just one company taking bit a slice of the pie should we say uh we've actually instead of paying two people it actually leaves us money for

doing more things so as a taxpayer you get more value for

money I did say just for those here uh I'm just going to keep it nice and low level uh is anyone not familiar with the different colors on the circle this quite a few little knots that's good this is why it's here just we can actually explain it and there's probably a few differences here to how you might look at the color circle as to how those in the backgrounds have actually looked and implemented it uh starting down towards bottom there we've got the blue team blue team everyone's probably happy with blue and red teams in that your blue team here you're the heroes you're the Defenders of what's happening and the red team are

there to actually uh try and get into the network try and infiltrate it or at least try and poke holes which then helps out the blue team in learning how to actually do things uh going back up a bit there was the purple team uh purple team is almost like a mix of blue and red and depending on your view on it is probably down to the description so yeah we've got down as integrate defensive with offensive results but uh I'm going toit we've had purple teams on the exercise before in where we actually set up honey pots so an interesting thing to set up and that was where before we automated red teams and actually had attacking red teams the

main point of that was to trick the red teams into thinking or at least seeing how long it took them to realize they weren't attacking an actual blue team they' actually got themselves trapped against an AI SL a bit of ml so something a bit different bit interesting so I don't know if anyone's worked with any kind of Honey pots before uh that's something a little bit different now Green Team I don't think everyone lumps everything into the green team which we do so the green team we consider the Architects uh they're the ones who to build the exercise so a lot of design building and a lot of integration with the other teams and

bringing everyone together so that might not normally be done by a lot of green teams but that's just how we run it uh followed by the yellow team these are enablers and let's be honest they're almost the red team aren't they what what do they do they're the ones who let all these nasty red teamers in they're the ones who answer all these emails and ring up with all the problems so admitt the other team don't seem to get as much uh I I don't know a lot of people on these exercises I don't think they realize what the role of the Y team is sometimes they see them as being involved in the scenario but in

reality they're there to let the red team in and to help them cause a bit of chaos and orange team we've actually we class that as training but we've absorbed that underneath the white white team Banner so I have put next governance risk compliance in reality think of the white team as referees they're the ones who are going to adjudicate and do all the marking scoring and make sure everything's run [Music] fairly so if you just have a look down there I did say earlier that I was going to do a quick little breakdown of numbers so if everyone notices there green red and white those are very low numbers considering the scale and size

of it they're actually a lot lower than all the other different exercises mentioned earlier but when it comes to Yellow team that's probably on par that's the reality of it it takes a lot of people to make things happen to replicate actual users in the background you have a lot of teams a lot of participants you need a big yellow team to make that happen and blue teams that's that's where our numbers actually come from so even though I put 400 at the start that's in reality what's happening and The Observers additional roles yeah there's a lot of people who end up coming in especially I'd say more on the Observer side than anything else CU

people are interested in what's going on and they're looking for the metrics themselves uh probably another of the big takeaways of this slide here is that we've automated an incredible amount of things we've automated a lot of the scoring uh number of times I've seen on other exercises the people doing the white team how much time do you hear them sucking air through their teeth going I'm not happy with that I'm going to dock them points I don't know if has anyone ever seen that just just me then fine uh but that's something I've I've seen in action with the red team we've also had someone who for example went right I'm looking after three blue teams I'm going

to annihilate them and then they went up and put on some custom code on the server and actually took out the server that's not an exercise what is that so we've made it fair the red team events are all synchronized to take place at the same point the point of the red team is to facilitate the blue teams and their actions and if the blue teams do shall we say some defense which is a little bit oh they've changed an IP or a port address instead like that's stopped that stopped the red team the people are on the red team are they looking going no that's not going to stop us we'll just adapt the attack so that it does get

round it you've delayed us by a minute that is all so the red team is still active butto said it's a more consistent approach and because of a lot of this automation it reduces the numbers quite heavily I'm going to Adit blue teams already mentioned quite a bit about these uh the key thing here is actually the number of enclaves they're looking after we've got government military and education so we've simulated these and the effects within them so what kind of servers they're looking after uh so for example in the government area they're looking after drones uh in the government area they might be looking after a power plant or large um large set servers with some

Scara uh or what's it some airon systems as well which they're trying to protect and the education it's going to be like a Wi-Fi network um just small scale servers so the idea is that as you move through these here the levels of protection are going to be slightly different as well as to what's already set in place and therefore they need to decide how they're going to best defend them from [Music] there and at the bottom there there's a bit more a repeat with they identify Talent upscale at scale and the key thing here which is probably a bit new is we don't want to be elitist we want to train people in what they're doing we

want them to be good at this we don't want to scare them off so that is the main point of that now the yellow team they actually have a little bit more to do than just actually conduct the scenario it he's writing in the first place so we've got to develop a little pack for them and we refer to it as a road to war it's very similar to what we actually do in the military we go off and build people up we give them the background as to what's going on we prepare them for it if we send people out in operations they need to know what they're actually going to see and hear

and do when get there so that's what a road to war does it brings them up to the right kind of place where they need to be uh next on this there ion so nothing you have heard of before in short we use a bit of software which repli replicates and represents the internet yeah that's right the internet so it's Just sh a terabyte in size and think of it as people still need to look at things like social media uh say Facebook Twitter that kind of [Music] likes I'm not doing well with this coughing in his throat am I they'll teach me for talking all day and if people can actually represent what's going on on social media that's another

angle the blue teams actually have to look at in how they and when they're defending the network there's some breadcrumbs there which allows them to see and give them a hint as to what's coming so if a threat actor which they know about says they're going to do something say and actually post uh say that they've defaced a website they can actually go in and check so that's what the real world does bit soft like mandant draws your attention to areas you need to get [Music] to uh just to round it off we actually have a daily intelligence brief so at the start of the day they will actually get briefed and I did mention the

different enclaves so with that brief they'll actually get told what is the priority of the day to protect and that ties in with the score in two if they're told that the government's Network needs protecting at all costs that's what they will have to do that day and that's if anything a hint as to where to concentrate their efforts and just what it says on the tin there uh yes we use volunteers everyone happy that a volun definition of a volunteer is someone who misunderstood the question so make make sure you're all aware that uh if they're not volunteers then obviously volunt told so here's what some of that rot to war looks like the idea is just to give them

enough detail as to what they're doing where this is based where they're going to in the theoretically theoretical area uh just the main buildup uh don't concern yourselves too much with the detail but as you can see here offers them a nice little timeline and builds a little bit of a story up to it so the white team I think we've actually covered quite a bit of this already so they're looking at what what we actually getting out of this exercise so they're dictating right this is what we're actually going to do for it and I'll then delegate that to the yellow team to right up the scenario from there already mentioned track the score and management

of events good news I'm going to show you some of that in moments few and I've got mention there for Defense League load a league Anderson we refer to them guess what if we do things on here we need to make sure that you're legally allowed to do it if it isn't then guess what that's that's a problem that's a problem even within the military as it should be for anyone so that's a good thing to track if anything right let's have a look at some the scoring system so that's just a typical print out from one the phases of an exercise and if you look along the bond there it's actually got readout as to what

those bits what those different colors mean so good news there's actually different ways to score it's not all about just defending the network in some cases it's how you report on it so if you then notice some tax going on but you can't do anything about it you can actually put in a tack report and say right I know something has happened this is the results I'm seeing I don't know how to stop it but this is the process I would go through to try and do something about it or the chain I'd go through they get points for that if they can actually solve the problem as well and stop the attack great that's

brilliant they get more points and you'll notice there there's a bit of yellow there restore from back up uh normally that's associated with the firewalls so the number of times people lock themselves out of their own firewalls is is rather embarrassing uh typical exercise on day one will probably see about four admittedly the new way we Nar in our exercise I think we saw one on the last exercise so it's actually getting a lot better so we think we've actually improve the training to a good yeah to a reasonable standard to stop that happening which i' say is pretty good it's funny but it's good that they don't do it uh notice as well in there you've got

the availability of the system so that's with uh just how it's monitored in the background if there's access to a system it literally just ticks up with points that's another thing the team can manage by sometimes keeping track of their own scores and if they if their score starts dropping they know that uhoh we've done something or there's something which has gotten through so in some ways they almost get a little bit of a hint just from that

alone so we're not just concerned with looking at the different teams we're looking at actually breaking it down by actual users that's quite handy to see isn't it we're looking at how we're going to attract talents we want to know how well people have done does this do that 100% though uh this is the problem it depends on the role that person is playing as to how well we can see that they're doing in some cases you can look in the middle there blue team 12 we can see that chances are they're looking after the firewall and they've had to do a reset on that firewall so that poor person they might have never done firewalls before but

they've been put on it and it could be that blue team using 12 at the end also had to quit go on that or had to restore a backup from somewhere else uh I've seen it before where um it's not just military take part in this exercise we actually had uh we've actually had the police force take part and they decided to put uh a team leader in charge they didn't touch the system at all they were literally just managing the team managing the roles and managing the decisions so they didn't score any points but it didn't matter their team did really well because of how was Project managed so this is it how do we how do

we Mark that how do we actually quantify that in I said it's more qualitative than qu it's difficult so even with this scoring system here we can tell overall how well a team is done but it's still difficult to work out how well an individual has done it's yes answers on a postcard if you do know and from the from the S lines this is how we can actually watch what's going on uh each and every different system is broken down so we can watch it as it goes green Amber red and we can watch it all over time so we can see during those phases how well people are tackling all these different systems it also means especially on that

green team side if something breaks as well we can actually go well hang on a second we we need to fix that if it's our fault we'll put hands and go oops sorry uh for those got the end of the screen there for those didn't know for what ha track WS hating ventilation and aircom scarda supervisory control and data acquisition uh that's where you've got say a computer system which controls something else so for example in a power station you might have a bit of Scar there monitoring temperatures and making sure something stays within ranges if it gets too high it might then trigger something else to actually help it cool down if it's getting a bit too cold it

might then trigger a heater so that's what you scarer does in case anyone wasn't wear and just a slightly Nic of view this is a little bit easier to see it and you'll notice the slider right at the top there so we can slide it along and go back and see how people scores varied at the same time it's just nice to seeing it side by side so it's quite nice to have it it's good it's visual it's a good visual tool as to how we track what's going on

oh oh good news I've covered most of this probably new information there is at 1 to three ratio so each rting member is going to Mentor three blue teams does that sound wrong to people Mentor red team an attack and mentoring a blue team three blue teams that's almost what they're doing yes they're conducting the attacks but come the end of the day they're actually going to sit in with each of's blue teams and go right let's go through what we did today they're not going to give them all the ansers because some of those attacks might still been used the day after but they'll tell them what they did right and what they did wrong and

this is part of that development phase within it and the red team they're of course going to walk over to the white team and go by the way we've just done this oh this blue team's doing this do you want to check in with them and they'll also help in determining what the scores are going to be in case there is any kind of fudge factor in there but that's in kind of extreme cases [Music] and at the end of the week uh they do give them a full breakdown everything which went right what they actually did what went wrong and even better the end the exercise the range gets reset the blue team still have access to the range

and can go back complete the scenarios again without an active red team actually even fighting them which I can't think of any of the Rangers which do that so they can then see their own scores so they can actually then see their score from before and they score afterwards and see if they actually improved and these rting members actually keep in touch to tell them what they've done well on or they can ask them questions if they struggled on something as well phenomenal now Green Team this is as I've mentioned previously this is where I've been involved and most job is actually once the architecture is built or as it's been built we actually need to keep

touch with a lot of different people and that might seem a bit strange in there I've put Academia I keep in touch with Academia they're actually quite interested in how we do things not in terms of just a big style exercise but in how the military actually work as a team so how does a military blue team work what are those social dynamics in there so that was just one of the Master's projects which was done by a certain University and they're actually looking at see if can do more mass projects from that it's quite interesting and it's actually you've seen some of the metrics already there's metrics available and there's people to talk to and the military so we can just

tell them what to do we can tell them to stay there and answer the questions it's [Music] great now contractors can be controversial mentioned contractors mentioned some at the start there uh let's be honest in the military the idea is that we actually go off redeploy and do something it's always cheaper to have a contractor doing a day job than it is for a military person and in some cases you almost need two to three military person Personnel to do the job of form contract because of the other things which a military person has to do they actually spend 50% of the time going away doing physical education or phys physical training there's other courses

and everything else on top so we actually have a bit of continuity by using these contractors which helps so you again that's actually value for yourselves again as a tax fa another point of what the green team gets up to we've got a technical service desk I've actually put some of the stats on the bottom there for those interested not going to talk through them but this is it we also look after those technical issues which take place uh say if it's not a scenario based sometimes we do get phone calls is this part of the scenario or not and uh we've got to be very careful as to how we answer the questions might sometimes

have to engage with the red team just to make sure we're not giving anything away right I'm going to admit this was my main job as part of the green team so I did a lot of the engagement piece because guess what the blue team need to know what's going on they need to know how to connect to the network we've actually got to train them how to connect to the network because there's a few little special things they need to do to get on there we don't make it easy for ourselves of course and so that that engagement with the white team means that we can send out the training material along with all

the used credentials for them to log on we need to make sure they have got the right equipment to be able to do that in the first

place so I'm going to run through some of these Green Team tasks not all of them yep I will indeed so I I did mention i' put the stats there you go oh oops in fact hang on uh sorry we had an upgrade Let's uh let's move let's up those stats so notice there it's a bit of a beast of sof it's a bit of a beast of a system it's not really a server it is a software defined data center it's pretty big there and we can have this is why we can have up to 32 teams on it now just so you got an idea what when to talking about enclaves what was going on

about so in short we set up almost like a mini internet on there and that gray net service at the top that is more or less what I'm talking about there as being that internet kind of piece so I did mention three early but of course there's a sock Enclave as well which they do things from gamet Services that's I'll get the Automation gamet Services right when you put together a system of any sort just like here you need to make sure you're protected from what you're doing you wouldn't start running red team stuff on your own laptop would you you just like in here if you've got shark you put it in a shark tank but you then don't out sit

there in your scuba gear having dinner with the shark so that causes problems so we put it in a separate tank don't we we like to keep it separate we sit outside there and we divide divide and if not Define it as out of game and ing game areas so how do we do that actually use something known as a jump server so any commands given from the outside uh get transferred to the inside without any repercussions back into the real world that Shark Tank if you want a lights gone in there you control it from outside you don't put the light switch in the tank and on and off from in there do you you want to do it separately and

so that's how we actually run all those commands separately from outside without impacting what's going on in the real world we don't want the malicious stuff getting out and there's a list of some of the software which is used [Music] throughout right one thing I've not mentioned is how do you run this five day exercise I will give and I'm going to do this in 60 seconds right that day one the red team's attack him but they're told to literally stand back and just observe they're there to learn and decide how they're going to best protect the network before then everything starts iterating and getting a little bit harder and then come day five that's

when they actually get a bit of a chance to attack back within a legal framework now that's ACS 23 what did previous exercises look like we were horrible to them very first exercise I saw this going on it's like how are people supposed to learn from this how is this helping them develop I don't think it was so over the years we've actually iterated and if anything would say we now have a better product because of it and if anything that then fits in with a attract assess advise and educate so R say not there talk a little bit about Army cyber Spartan uh my question to you to think about and take home with you homework how are you going

to conduct cyber security training within your team so hopefully some of what we do you're either already doing or that might actually help you decide how you might want to run an exercise in the future or train your team so right other than my very dry throat uh that's going to be me now stopping talking so very much appreciated for your time thank you very much much