Building Cyber Warriors Jeff Moulton, CISSP, PMP Director, Information Operations and Program Development Pentagon Cyber Strategy Building Cyber Warriors 2011 GTRI Overview - 3 Overview • Historical context • What’s worked • What hasn’t worked • How do we get where we want to be Objective assessment . PAST . PRESENT . Additional duty . Defined career paths . Compliance-based (IA . Compliance-based (IA controls) controls) . “Platform IT” -- bolt it on . Bolt it on . Understaffed . Understaffed . Marginally trained . Somewhat trained . Underfunded . LOTS of $’s -- (CNCI) . Not on PM’s critical path . On PM’s critical path . Patch & Pray . Patch & Pray . NTK/NTA . NTK/NTA/NTS What’s worked? • It’s cool to be a cyber person! • Cyber is in every sentence – getting the word out! • Cyber is the 5th dimension of warfare • Cyber is getting funding What hasn’t worked • Throwing $’s at the problems • Status quo • Senior management attention • Compliance mentality • Cyber recruiting Definition of Insanity: doing the same thing over and over and expecting a different outcome! Senior Management Attention “Exciting Cyber Careers” Would this attract you? 2011 GTRI Overview - 9 So What’s the Problem? • Thinking too small • One size does not fit all • Jack of all trades, master of none • Need to Know, Need to Access, Need to Share SHARE TO WIN! Thinking too small • Service-Specific Cyber Workforce • Social Engineering Research & Development (SERD) • CAP-Model • Innocentive Model Stereotypical Cyber Warrior? “I can run CENTCOM from here and still participate in simultaneous Tetris Penelope Garcia from "Criminal Minds" the Behavioral Analysis Unit at Quantico: tournaments.” Sunshine, 2011 GTRI Overview - 12 One size doesn’t fit all OCO CND CAT DFT Risk Management Operating Systems Compiler Design Programming Computer Hardware Architecture Discrete Math & Algorithms Jack of All Trades - Master of None Offensive Cyber Operations (OCO): - PYSOPS/HUMINT/SOINT - Operations, weapons platforms - SCADA, Electrical Engineering - Title 10/50/18 Computer Network Defense (CND): - Scanning, patching, Prin of Lease Priv - Audit Logs - IDS, IPS, FW, back up & recovery - Cyber exercises - Title 10 OCO CND CAT DFT Crisis Action Team (CAT): - Incident Response & Disaster Recovery - Hot site/Alternative - Certification & Accreditation - Risk Management Digital Forensics Team (DFT): - Rules/Preservation of Evidence - Incident Response - Consequence Management - Title 18 SERD the NERDS • Fight like they fight • SERD • 1 + 1 = 3 • Share (collaborate & graduate) • This is a “linked-in” generation – EXPLOIT IT! • NTK, NTA, NTS SHARE TO WIN Benchmark Best Practices • Gaming Industry • Banks • Military Medical /Legal Community Please contact us at anytime Jeff Moulton Director of Information Operations & Program Development Georgia Tech Research Institute [email protected] www.gtri.gatech.edu Cyber Warriors Need to Share Whose got your data? Accountability is a MUST 2011 GTRI Overview - 19 Test & Evaluation’s Role • Give Feedback to the Functional Managers • Work with the Program Managers • Migrate to a Risk-based Approach • Eliminate Duplication .