innovative cyber talent spotting in an uncertain world @ uk mod
TRANSCRIPT
1 © 2016 IBM Corporation
Innovative Cyber Talent spotting in an uncertain
world @ UK MoD
Commander Stuart Royston Royal NavyTrevor Pons Senior Manging Consultant IBM
2 © 2016 IBM Corporation
Scope
1. Cyber: The Problem 2. Cyber: The Solution Unique challenges How DCAT being used
3. Cyber: The Way Forward Commercialisation Validation Report Simulation (Gamified Attraction Assessment)
“An effective cyber capability is dependent on the quality of its people”.
4 © 2016 IBM Corporation
Nature of Cyberspace (Highlights)
• Virtual & Created by Humans
• Continuum of National Functions− Blurring Military, Criminal & Espionage− Crossover with National Security
• Global / Pervasive− Not Just Internet− Asymmetry
1. State-prohibited. The national government will help stop the third-
party attack
2. State-prohibited-but-
inadequate.
The national government is cooperative but unable to
stop the third-party attack
3. State-ignored. The national government knows about the third-party
attacks but is unwilling to take any official action
4. State-encouraged. Third parties control and conduct the attack, but the
national government encourages them as a matter of
policy
5. State-shaped. Third parties control and conduct the attack, but the
state provides some support
6. State-coordinated. The national government coordinates third-party
attackers such as by “suggesting” operational details
7. State-ordered. The national government directs third-party proxies
to conduct the attack on its behalf
8. State-rogue-conducted. Out-of-control elements of cyber forces of the
national government conduct the attack
9. State-executed. The national government conducts the attack using
cyber forces under their direct control
10. State-integrated. The national government attacks using integrated
third-party proxies and government cyber forces
J. Healey, “Beyond Attribution: Seeking National Responsibility for Cyber Attacks,” Atlantic Council, 2012
6 © 2016 IBM Corporation
Threat
TIME
Number of Threats
Capa
bilit
y
Script Kiddie
Hacker
Hacktivist
Crime Sponsored
State Sponsored
TIME
TIM
ENowNow
FutureFuture
11 © 2016 IBM Corporation
“The People Problem”
• Higher voluntary outflow (VO) rate from technical roles
• Conventional military posting mechanisms presents challenges
• Very high level of technical competence requires significant training – need individuals to be capable ‘right off the bat’
12 © 2016 IBM Corporation
The Requirement• To Seek ‘latent’ ability not pre-existing knowledge
• Recruitment− Select the very best from a wide pool across Defence− Objective standard for employment in a Joint Cyber Unit− Support existing selection processes− Manage talent in our workforce better
• Training− Find higher quality individuals with greater learning capacity
• Retention− Long term workforce management strategy; recruiting the most
passionate encourages excellence
14 © 2016 IBM Corporation
Defence Cyber Aptitude Test (“DCAT”)
• AIM:− Identify the best personnel with the right aptitude, skills and
competencies to succeed in Cyber roles.
• OUTPUT:− Overall percentile score.
• CONTENT:− Test consists of several sections: Realistic Job Preview Cognitive Ability (Numerical & Verbal) Fault Finding Bridges Checking Behavioural
15 © 2016 IBM Corporation
Social People
The Environment we ‘Live’ and ‘Work’ in is changing rapidlyThe ‘3 Layers of Cyber Space’
Cognitive
Virtual
Personality
Information
Physical
Network
Real
17 © 2016 IBM Corporation
The Importance of Defence in the Cyberspace domainhas never been more important
18 © 2016 IBM Corporation
Defence Cyber Aptitude Test (“DCAT”) Overview
• AIM:− Identify the best personnel with the right aptitude, skills and
competencies to succeed in Cyber roles. ‘Selector’ Format
Section ObjectiveRealistic Job Preview
Give a realistic expectation of role
Numerical Measures how well candidate reasons with numbersVerbal Measures how well candidate reasons with words and sentences
Error Identification Ability to Identify Errors quickly
Attention to Detail Measures ability to identify errors quickly and correctly
Behavioural Measures personal characteristics and preferences
20 © 2016 IBM Corporation
Cognitive Skills CAT ( Computer Adaptive Test)Numerical Reasoning with numbers
21 © 2016 IBM Corporation
Cognitive Skills CAT ( Computer Adaptive Test)Verbal Reasoning with words and sentence's
23 © 2016 IBM Corporation
Error Identification - ability to identify errors quickly and correctly - identifying the wrong code in a sequence
24 © 2016 IBM Corporation
Attention to detail - ability to identify errors quickly and correctly - identify number of errors between numbers in circles and lines
27 © 2016 IBM Corporation
Test Creation ProcessInterviews, focus
groups and mini test trial to determine “what good looks
like”
Analysis of results and
recommendation of trial test content
Creation of test content
Build of online trial test
Trial of all content wth Army, RAF,
Navy
Analysis of results and
recommendation of final test content
Build of online DCATTraining and launch of DCAT
Data collection period & analysis
Situational Judgement Test content created
Build of three new versions of DCAT
Roll out of new versions of DCAT
1
8
9
5
10 12
2 3 4
68
11
29 © 2016 IBM Corporation
DCAT Administration• DCAT administered as a SaaS through the Assess
Platform• JPA Competence
• DCAT Pass threshold• Continually monitored normative sample
32 © 2016 IBM Corporation
DCAT Evolution
• FY15/16− Set up costs for test build only and use with individual licence quota.− Additional spend for:
Enhanced Cyber Intelligence Analysis Test (replaces RJP) Develop Individual Report Selectable Behavioural Test (removal allows DCAT to screen existing workforces)
• FY16/17− Develop ‘non-fail’ test for recruiting use at public awareness events
• Future: − Licenced sales through MOD Crown Commercial
MOD owns the bulk of the DCAT IPR Potential sales to allies at our discretion Commercial opportunity