Enhancing Cyber Security Team Development Strategies

Slide Note
Embed
Share

Explore key aspects of cyber security team development, including team structuring, core capabilities, operator development, and utilization of cyber ranges for hands-on training. Learn about the importance of operationalizing security focuses, assessing operator skills, and leveraging managed cyber ranges for skill development and assessment.


Uploaded on Sep 28, 2024 | 0 Views


Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript


  1. Red, Blue, Purple Team Development Discussion Panel If you experience any accessibility issues with this presentation, please contact the NNSA Section 508 Program. 06/12/2023 NNSA Section 508 Program

  2. Introductions Mark Sweet mark.sweet@nnsa.doe.gov Brian Healy - briheal@sandia.gov Douglas Stemper - douglas.stemper@nnsa.doe.gov Darrius Williams - darrius.williams@nnsa.doe.gov Dillon Tauscher - dillon.tauscher@srnl.doe.gov Matthew Williams - matt@rebelliondefense.com 2

  3. Panel Flow 1. Present Background and Concept 2. Audience Discussion and Feedback 3. Post Panel Discussion (Optional) 3

  4. RBP Teams, so what? Operationalize Security Adversary and Defensive Focuses Compliments Compliance Provides Greater Security Insight Guides Architecture Design Chessboard Topology Battle Damage Assessment Remaining Capability Post Adversary Engagement 4

  5. The Capability Core Core Component Operators (not Technology) Different Levels of Expertise Novice, Apprentice, Journeyman, Master Different Specialties Windows, Linux, Networking, Wi-Fi, Forensics, Social Engineering, Physical Infiltration, etc. Objective Based Skill Determination How do you know who can do what based on measurable standards? 5

  6. Two Pillars of Development Regimented Operator Development and Assessment Program Managed Cyber Range 6

  7. Operator Development and Assessment Demonstratable Skills and Knowledge Based Criteria -Not Certification, Degree, or Subjective SME Based Skill Level and Specialty Specific Checklists Recommended Training for Skills Mentor Driven and Supervised 7

  8. Cyber Range Customizable Electronic Environment Windows, Linux, Operational Technology, etc. Professionally Managed and Scheduled Dedicated Team (not RBP Operators) Use Cases: Hands On Skills Demonstrations scanning, exploitation, vulnerability discovery, etc. Capture the Flag Challenges Red Vs Blue Competitions Annual Exercises 8

  9. The Concept NA-IM-11 will lead creation of the development program and cyber range in cooperation with volunteers from NNSA, DOE, and contracted educational institutions and technology companies. Development program can accommodate any aspirant skill level e.g., high school graduate, journeyman Windows admin, etc. street to seat. Cyber Range will be scheduled, created, and maintained by a group external to the RBP Teams. 9

  10. End State A development program, cyber range, and RBP Capability available to NNSA. HQ will establish a team of operators available to conduct mission on HQ networks and assist anywhere in NNSA e.g., Blue Team Assessments, Incident Response, Red Teaming, etc. Plants/Labs/Sites can utilize the program and cyber range to develop their own capabilities or request support from HQ. Potentially establish a Community of Interest across NNSA. 10

  11. Panel Member Comments 11

  12. Discussion 12

  13. Contact Panel Members Mark Sweet mark.sweet@nnsa.doe.gov Brian Healy - briheal@sandia.gov Douglas Stemper - douglas.stemper@nnsa.doe.gov Darrius Williams - darrius.williams@nnsa.doe.gov Dillon Tauscher - dillon.tauscher@srnl.doe.gov Matthew Williams - matt@rebelliondefense.com 13

More Related Content