Building Cyber Warriors

Jeff Moulton, CISSP, PMP
Director, Information Operations and Program Development

Pentagon Cyber Strategy Building Cyber Warriors

2011 GTRI Overview - 3

Overview

• Historical context
• What’s worked
• What hasn’t worked
• How do we get where we want to be

Objective assessment

| PAST | PRESENT |
| --- | --- |
| Additional duty | Defined career paths |
| Compliance-based (IA controls) | Compliance-based (IA controls) |
| “Platform IT” -- bolt it on | Bolt it on |
| Understaffed | Understaffed |
| Marginally trained | Somewhat trained |
| Underfunded | LOTS of $’s -- (CNCI) |
| Not on PM’s critical path | On PM’s critical path |
| Patch & Pray | Patch & Pray |
| NTK/NTA | NTK/NTA/NTS |

What’s worked?

• It’s cool to be a cyber person!
• Cyber is in every sentence – getting the word out!
• Cyber is the 5th dimension of warfare
• Cyber is getting funding

What hasn’t worked

• Throwing $’s at the problems
• Status quo
• Senior management attention
• Compliance mentality
• Cyber recruiting

Definition of Insanity: doing the same thing over and over and expecting a different outcome!

Senior Management Attention

“Exciting Cyber Careers”

Would this attract you?

So What’s the Problem?

• Thinking too small
• One size does not fit all
• Jack of all trades, master of none
• Need to Know, Need to Access, Need to Share

SHARE TO WIN!

Thinking too small

• Service-Specific Cyber Workforce
• Social Engineering Research & Development (SERD)
• CAP-Model
• Innocentive Model

Stereotypical Cyber Warrior?

Penelope Garcia from "" the Behavioral Analysis Unit at Quantico: Sunshine, “I can run CENTCOM from here and still participate in simultaneous Tetris tournaments.”

One size doesn’t fit all

OCO CND CAT DFT
Risk Management Operating Systems Compiler Design Programming Computer Hardware Architecture Discrete Math & Algorithms

Jack of All Trades - Master of None

Offensive Cyber Operations (OCO):
- PSYOPS/HUMINT/SOINT
- Operations, weapons platforms
- SCADA, Electrical Engineering
- Title 10/50/18

Computer Network Defense (CND):
- Scanning, patching, Principle of Least Privilege
- Audit Logs
- IDS, IPS, FW, back up & recovery
- Cyber exercises
- Title 10

Crisis Action Team (CAT):
- Incident Response & Disaster Recovery
- Hot site/Alternative
- Certification & Accreditation
- Risk Management

Digital Forensics Team (DFT):
- Rules/Preservation of Evidence
- Incident Response
- Consequence Management
- Title 18

SERD the NERDS

• Fight like they fight
• SERD
• 1 + 1 = 3
• Share (collaborate & graduate)
• This is a “linked-in” generation – EXPLOIT IT!
• NTK, NTA, NTS

SHARE TO WIN

Benchmark Best Practices

• Gaming Industry
• Banks
• Military Medical/Legal Community

Please contact us at any time

Jeff Moulton
Director of Information Operations & Program Development
Georgia Tech Research Institute

www.gtri.gatech.edu

Cyber Warriors Need to Share

Who’s got your data?

Accountability is a MUST

Test & Evaluation’s Role

• Give Feedback to the Functional Managers
• Work with the Program Managers
• Migrate to a Risk-based Approach
• Eliminate Duplication