building cyber warriors - itea · cyber warriors . need to share whose got your data? 2011 gtri...
TRANSCRIPT
![Page 1: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/1.jpg)
Building
Cyber
Warriors
Jeff Moulton, CISSP, PMP Director, Information Operations
and Program Development
![Page 2: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/2.jpg)
Pentagon Cyber Strategy
![Page 3: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/3.jpg)
Building Cyber Warriors
2011 GTRI Overview - 3
![Page 4: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/4.jpg)
• Historical context
• What’s worked
• What hasn’t worked
• How do we get where we want to be
Overview
![Page 5: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/5.jpg)
PAST
Additional duty
Compliance-based (IA controls)
“Platform IT” -- bolt it on
Understaffed
Marginally trained
Underfunded
Not on PM’s critical path
Patch & Pray
NTK/NTA
PRESENT
Defined career paths
Compliance-based (IA controls)
Bolt it on
Understaffed
Somewhat trained
LOTS of $’s -- (CNCI)
On PM’s critical path
Patch & Pray
NTK/NTA/NTS
Objective assessment
![Page 6: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/6.jpg)
• It’s cool to be a cyber person!
• Cyber is in every sentence – getting the word out!
• Cyber is the 5th dimension of warfare
• Cyber is getting funding
What’s worked?
![Page 7: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/7.jpg)
• Throwing $’s at the problems
• Status quo
• Senior management attention
• Compliance mentality
• Cyber recruiting
Definition of Insanity: doing the same thing over and over and expecting a different outcome!
What hasn’t worked
![Page 8: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/8.jpg)
Senior Management Attention
![Page 9: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/9.jpg)
“Exciting Cyber Careers” Would this attract you?
2011 GTRI Overview - 9
![Page 10: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/10.jpg)
• Thinking too small
• One size does not fit all
• Jack of all trades, master of none
• Need to Know, Need to Access, Need to Share
SHARE TO WIN!
So What’s the Problem?
![Page 11: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/11.jpg)
• Service-Specific Cyber Workforce
• Social Engineering Research & Development (SERD)
• CAP-Model
• Innocentive Model
Thinking too small
![Page 12: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/12.jpg)
Stereotypical Cyber Warrior?
2011 GTRI Overview - 12
“I can run CENTCOM from here and still
participate in simultaneous Tetris
tournaments.”
Penelope Garcia from "Criminal Minds" the Behavioral Analysis Unit at Quantico:
Sunshine,
![Page 13: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/13.jpg)
One size doesn’t fit all
Discrete Math & Algorithms
Programming
Computer Hardware Architecture
Risk Management
Operating Systems
Compiler Design
OCO DFT CAT CND
![Page 14: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/14.jpg)
Jack of All Trades - Master of None
OCO DFT CAT CND
Offensive Cyber Operations (OCO): - PYSOPS/HUMINT/SOINT - Operations, weapons platforms - SCADA, Electrical Engineering - Title 10/50/18
Computer Network Defense (CND): - Scanning, patching, Prin of Lease Priv - Audit Logs - IDS, IPS, FW, back up & recovery - Cyber exercises - Title 10
Crisis Action Team (CAT): - Incident Response & Disaster Recovery - Hot site/Alternative - Certification & Accreditation - Risk Management
Digital Forensics Team (DFT): - Rules/Preservation of Evidence - Incident Response - Consequence Management - Title 18
![Page 15: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/15.jpg)
• Fight like they fight
• SERD
• 1 + 1 = 3
• Share (collaborate & graduate)
• This is a “linked-in” generation – EXPLOIT IT!
• NTK, NTA, NTS
SERD the NERDS
SHARE TO WIN
![Page 16: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/16.jpg)
• Gaming Industry
• Banks
• Military Medical /Legal Community
Benchmark Best Practices
![Page 17: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/17.jpg)
Please contact us at anytime
www.gtri.gatech.edu
Jeff Moulton Director of Information Operations & Program Development Georgia Tech Research Institute [email protected]
![Page 18: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/18.jpg)
Cyber Warriors
![Page 19: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/19.jpg)
Need to Share Whose got your data?
2011 GTRI Overview - 19
Accountability is a MUST
![Page 20: Building Cyber Warriors - ITEA · Cyber Warriors . Need to Share Whose got your data? 2011 GTRI Overview - 19 Accountability is a MUST . Test & Evaluation’s Role • Give Feedback](https://reader034.vdocuments.site/reader034/viewer/2022052101/603aa7a5493caa58c8466dc2/html5/thumbnails/20.jpg)
Test & Evaluation’s Role
• Give Feedback to the Functional Managers • Work with the Program Managers • Migrate to a Risk-based Approach • Eliminate Duplication