Traditionally, network defenders review only fragments of information to help understand what is actually happening on their network. It can be extremely difficult and manpower intensive to simulate the entire network in order to look at potential courses of action, defensive maneuvers, and force on force scenarios. Current cybersecurity exercises allow defenders to play against each other, but the exercises do not cover all of the possible scenarios that could occur on the network. Each day, the number and complexity of new threats grow, and it becomes harder and harder for network defenders to keep up with current cyber operational systems.
Generally, companies and organizations work cybersecurity related issues independently. When they do share information, it is usually through industry or government policies and frameworks for facilitating the sharing of cybersecurity related data. The traditional practices for sharing information are not sufficient to handle the volume or the speed of the attacks. It does not allow companies to fully leverage the manpower available to actively defend within a network, nor among networks fighting to defend a sector, multiple sectors, or a nation.