Enhancing Cyber Security Team Development Strategies

 
06/12/2023
 
Red, Blue, Purple Team Development
Discussion Panel
 
Mark Sweet - mark.sweet@nnsa.doe.gov
Brian Healy - briheal@sandia.gov
Douglas Stemper - douglas.stemper@nnsa.doe.gov
Darrius Williams - darrius.williams@nnsa.doe.gov
Dillon Tauscher - dillon.tauscher@srnl.doe.gov
Matthew Williams - matt@rebelliondefense.com
 
Introductions
 
1.
Present Background and Concept
2.
Audience Discussion and Feedback
3.
Post Panel Discussion (Optional)
 
Panel Flow
 
Operationalize Security
Adversary and Defensive Focuses
Complements Compliance
Provides Greater Security Insight
Guides Architecture Design
Chessboard Topology
Battle Damage Assessment
Remaining Capability Post Adversary Engagement
 
RBP Teams, so what?
 
Core Component
Operators (not Technology)
Different Levels of Expertise
Novice, Apprentice, Journeyman, Master
Different Specialties
Windows, Linux, Networking, Wi-Fi, Forensics, Social Engineering,
Physical Infiltration, etc.
Objective Based Skill Determination
How do you know who can do what based on measurable standards?
 
The Capability Core
 
Regimented Operator Development and Assessment Program
Managed Cyber Range
 
Two Pillars of Development
 
Demonstrable Skills and Knowledge Based Criteria
- Not Certification, Degree, or Subjective SME Based
Skill Level and Specialty Specific Checklists
Recommended Training for Skills
Mentor Driven and Supervised
 
Operator Development and Assessment
 
Customizable Electronic Environment
Windows, Linux, Operational Technology, etc.
Professionally Managed and Scheduled
Dedicated Team (not RBP Operators)
Use Cases:
- Hands On Skills Demonstrations – scanning, exploitation, vulnerability discovery, etc.
- Capture the Flag Challenges
- Red Vs Blue Competitions
- Annual Exercises
 
Cyber Range
 
NA-IM-11 will lead creation of the development program and cyber range
in cooperation with volunteers from NNSA, DOE, and contracted
educational institutions and technology companies.
Development program can accommodate any aspirant skill level e.g., high
school graduate, journeyman Windows admin, etc. – street to seat.
Cyber Range will be scheduled, created, and maintained by a group
external to the RBP Teams.
 
The Concept
 
A development program, cyber range, and RBP Capability available
to NNSA.
HQ will establish a team of operators available to conduct mission on
HQ networks and assist anywhere in NNSA e.g., Blue Team Assessments,
Incident Response, Red Teaming, etc.
Plants/Labs/Sites can utilize the program and cyber range to develop
their own capabilities or request support from HQ.
Potentially establish a Community of Interest across NNSA.
 
End State
 
Panel Member Comments
 
Discussion
 
Mark Sweet - mark.sweet@nnsa.doe.gov
Brian Healy - briheal@sandia.gov
Douglas Stemper - douglas.stemper@nnsa.doe.gov
Darrius Williams - darrius.williams@nnsa.doe.gov
Dillon Tauscher - dillon.tauscher@srnl.doe.gov
Matthew Williams - matt@rebelliondefense.com
 
Contact Panel Members
 
Explore key aspects of cyber security team development, including team structuring, core capabilities, operator development, and utilization of cyber ranges for hands-on training. Learn about the importance of operationalizing security focuses, assessing operator skills, and leveraging managed cyber ranges for skill development and assessment.

  • Cyber security
  • Team development
  • Operator skills
  • Cyber range
  • Security strategy

Uploaded on Sep 28, 2024


