City of Newcastle enhances operational performance with HTB

Their story

Located off the coast of Australia, the City of Newcastle is the second largest city in New South Wales, home to more than 174,000 people. Known as a hub of culture and creativity, the city is driven by a mission to cultivate a secure, sustainable, and liveable community.

Central to this vision is a commitment to safeguarding the city’s expanding digital landscape, ensuring Newcastle remains secure and innovative in the face of rapidly evolving challenges. For government organizations like the City of Newcastle, these challenges are growing both in frequency and complexity.

Unfortunately, as digital technology becomes increasingly integral to daily life, cyber attackers continue to exploit vulnerabilities to disrupt critical operations, steal sensitive data, and threaten public safety. To address these risks, Newcastle has assembled a skilled team of Information Technology and Cybersecurity professionals, dedicated to protecting essential services, critical infrastructure, and the city’s thriving economy.

Their goal

Nathan Taylor, Cybersecurity Manager for the City of Newcastle, leads a skilled team that plays a crucial role in safeguarding the city’s digital landscape. Together, they oversee the implementation and maintenance of internal security measures, manage daily cybersecurity operations, and provide essential support and guidance to ensure a cohesive and effective defense strategy.

Under Nathan’s leadership, the team focuses on two key priorities: fostering a cyber-resilient community to minimize security incidents and strengthening readiness to address potential threats while reducing downtime. Recognizing the importance of alignment with the city’s broader security goals, Nathan worked with his team to create annual professional development plans, ensuring that their growth directly supports the city’s evolving cybersecurity objectives.

“Investing in learning allows us to achieve better results, make smarter decisions, and improve our performance, helping us reach our shared goal of excellence in cyber security,” Nathan said. “For myself and my team, staying up-to-date helps us develop our skills, encourages innovation, and creates a positive, supportive culture at the City of Newcastle.”

When he began his search for educational resources his team could use to support their professional development plans, Nathan discovered the number and variety of platforms available were not just overwhelming, but often outdated and unrealistic.

“We wanted a solution that offered real value - not just in cost but in practical, real-world impact,” he said.

Initially, his team used multiple platforms, but after a close evaluation of each provider, Nathan realized HTB offered the most complete and effective solution. 

“Hack The Box fits the bill by offering focused training that matches our team’s goals,” he said. “The hands-on approach and how well it fit our team's needs made it the better choice to help us build a skilled and proactive cybersecurity team.”

Their solution

After making the switch to a single learning resource, the City of Newcastle cybersecurity team quickly integrated HTB into their individual development plans, empowering each team member to concentrate on their career goals and interests while maintaining alignment with the organization’s goals and mission. 

HTB's controlled environment provides a safe space for team members to experiment and sharpen their skills without the risks posed by live systems. Given their frequent work with technologies like Linux and Windows, the team prioritizes hands-on practice with vulnerabilities such as SQL injection, cross-site scripting, and remote code execution. They also emphasize content focused on web application security, network security, Active Directory, privilege escalation, and exploit development.

“The platform gives us the tools to handle issues like securing critical infrastructure, protecting sensitive data, and meeting compliance requirements,” Nathan said. “By offering real-world scenarios that reflect public sector complexities, HTB keeps us prepared to adapt to new threats and improve cyber security within our organization and the wider government industry.”

In addition to prioritizing content relevant to the team’s day-to-day responsibilities, Nathan noted that Hack The Box played a crucial role in identifying where previously unnoticed skill gaps existed in advanced exploit development and cloud security knowledge, which has allowed his team to address the gaps with targeted training.

“HTB has helped us tackle the unique challenges in the government sector by providing up-to-date content that's relevant to our needs,” he said. “They regularly update their content with new exploits and real-world scenarios that reflect the latest vulnerabilities, allowing our team practice with the newest exploits and gain experience in spotting and responding to emerging cyber threats.”

Their success

Before adopting Hack The Box, the City of Newcastle's cybersecurity team relied on limited and fragmented resources, which primarily focused on theoretical knowledge. The introduction of HTB has since transformed their training approach, enabling the team to consistently practice and refine skills in real-time scenarios. According to Nathan, this shift has significantly improved incident response times and enhanced offensive cybersecurity capabilities.

“HTB's practical Labs have further accelerated the team's ability to evaluate and implement new proof-of-concept vulnerabilities and exploits, saving valuable hours and advancing their overall knowledge and capabilities,” he said.

This emphasis on real-world applicability has not only improved the team’s technical skills but also enhanced their ability to apply newly acquired knowledge in practical settings. By bridging skill gaps through hands-on learning, HTB has enabled the team to set clear performance benchmarks, boosting operational efficiency and ensuring training initiatives stay relevant and impactful.

“HTB has greatly improved our team's ability to create clear, professional threat reports. Their focus on practical exercises has enhanced communication skills, allowing the team to make precise recommendations that connect with both internal and external parties,” Nathan said. Adding to this, he mentioned “This makes our reports more impactful and helps bridge the gap between technical insights and actionable steps, leading to stronger collaboration with IT teams and a more secure environment.”

Additionally, the alignment with key industry frameworks has been strengthened, streamlining compliance efforts and ensuring training meets the specific requirements for specialised roles.

“HTB has given the team the tools and experience to make informed decisions, improving our day-to-day threat detection and response capabilities,” Nathan said. “When conducting security assessments, the team now provides more robust recommendations aligned with industry frameworks like OWASP and NIST. 

As the team continues to work through Labs, Machines, and other content on a nearly daily basis, Nathan frequently checks the engagement and industry framework reporting within the HTB platform to see his team’s professional development in real-time. He says these reports have encouraged the team to meet their goals and set clear performance expectations, which is valuable in building professional ethics and meeting government expectations.

“HTB has become a key tool for developing skills and fostering a high-performance culture in our team,” Nathan said. “We appreciate the commitment to continuous improvement by listening to our feedback and enhancing our experience, making them a key part of our training strategy.”

LET’S TALK

At Hack The Box, we love our global hacking community and we strive to support other communities all over the world as we continue working toward our mission to make cybersecurity training accessible to everyone - and we’d love to do the same for you. Get in touch today to see how we can help.

Products Used

HTB Capture The Flag Competitions

• Customizable, fun-fueled tabletop exercises for hands-on skill development

• Realistic challenges to improve identification and mitigation of security issues

• Assess performance, skills, and effectiveness of teams against industry standards

• Enhance problem-solving skills and ability to think creatively

HTB Dedicated Labs

• Private cyber range replicating real-world threats to reduce detection and response times

• 24/7 access availability allowing teams to upskill and test anytime without disruptions

• Weekly content updates to maintain alignment with current cyber trends

• Detailed insights into team performance, skill gaps, and individual progress metrics

HTB Professional Labs

• Assess the performance, skills, and effectiveness of cyber teams against industry standards or best practices

• Improve workforce skills with advanced enterprise infrastructure activities inspired by the latest TTPs and technologies

• Conduct risk-free real-world exercises and practice penetration testing techniques to improve response to emerging threats