For the defenders, the cyberbattle will not be divided into phases. Rather, throughout the cyber exercise, their main task will be to identify and investigate the attacks caused by the red teams.
For the defenders, the cyberbattle will adhere to the following schedule:
—May 22 from 10:00 a.m. to 8:00 p.m.
—May 23 from 10:00 a.m. to 8:00 p.m.
—May 24 from 10:00 a.m. to 8:00 p.m.
—May 25 from 10:00 a.m. to 8:00 p.m.
From May 22 to May 24, the defenders should
identify and investigate red team attacks and submit reports. Teams
participating in response mode should also try to stop the attackers.
On the last day of the cyberbattle, May 25—during the playoffs and play-in period for the red teams—the defenders will be have the chance to finish filling out their reports for the previous three days.