Developing the Next Generation Cyber Army VINCENT NESTLER, PH. D., CALIFORNIA STATE UNIVERSITY, SAN BERNARDINO

Transcription

1 Developing the Next Generation Cyber Army VINCENT NESTLER, PH. D., CALIFORNIA STATE UNIVERSITY, SAN BERNARDINO

2 Bio Assistant Director, Cybersecurity Center California State University, San Bernardino Professor, Cybersecurity Ethical hacking, forensics, drones Principal Investigator NICE Challenge Project

3

4 Discussions The crisis in cybersecurity and cybersecurity education Why this crisis exists Some solutions

5 The Disconnect Between the Workforce and Academia What the workforce needs How academics interpret those needs How academia delivers Outcomes

6 Educating Frankenstein

7 Educating Frankenstein - Computer Skills - Networking Skills - Operating Systems - Network Devices - Windows - Linux - Coding and Scripting - etc

8 Computer Skills Networking Devices Networking Skills Operating Systems Windows Linux Python Policy Sys Design

9

10

11 From ISACA - State of Cyber Security 2017 Part 1: Current Trends in Workforce Development The Skills Gap Stats 64%of respondents say that half, or less, of their applicants are qualified for an open security position. Most important attribute of a qualified applicant Hands-on experience Biggest skills gap Technical Skills: 25%, not understanding the business of cyber: 45% You might ask, how is this possible?

12 National Cybersecurity Workforce Framework 7 Categories

13 33 Specialty Areas Risk Management (RSK) Software Development (DEV) Systems Architecture (ARC) Technology R&D (TRD) Systems Requirements Planning (SRP) Test and Evaluation (TST) Systems Development (SYS) Data Administration (DTA) Knowledge Management (KMG) Customer Service and Technical Support (STS) Network Services (NET) Systems Administration (ADM) Systems Analysis (ANA) Legal Advice and Advocacy (LGA) Training, Education, and Awareness (TEA) Cybersecurity Management (MGT) Strategic Planning and Policy (SPP) Executive Cyber Leadership (EXL) Program/Project Management (PMA) and Acquisition Cybersecurity Defense Analysis (CDA) Cybersecurity Defense Infrastructure Support (INF) Incident Response (CIR) Vulnerability Assessment and Management (VAM) Threat Analysis (TWA) Exploitation Analysis (EXP) All-Source Analysis (ASA) Targets (TGT) Language Analysis (LNG) Collection Operations (CLO) Cyber Operational Planning (OPL) Cyber Operations (OPS) Cyber Investigation (INV) Digital Forensics (FOR)

14 52 Job Roles Authorizing Official/Designating Representative Security Control Assessor Software Developer Secure Software Assessor Enterprise Architect Security Architect Research & Development Specialist Systems Requirements Planner System Testing and Evaluation Specialist Information Systems Security Developer Systems Developer Database Administrator Data Analyst Knowledge Manager Technical Support Specialist Network Operations Specialist System Administrator Systems Security Analyst Cyber Legal Advisor Privacy Officer/Privacy Compliance Manager Cyber Instructional Curriculum Developer Cyber Instructor Information Systems Security Manager Communications Security (COMSEC) Manager Cyber Workforce Developer and Manager Cyber Policy and Strategy Planner Executive Cyber Leadership Program Manager IT Project Manager Product Support Manager IT Investment/Portfolio Manager IT Program Auditor Cyber Defense Analyst Cyber Defense Infrastructure Support Specialist Cyber Defense Incident Responder Vulnerability Assessment Analyst Threat/Warning Analyst Exploitation Analyst All-Source Analyst Mission Assessment Specialist Target Developer Target Network Analyst Multi-Disciplined Language Analyst All Source-Collection Manager All Source-Collection Requirements Manager Cyber Intel Planner Cyber Ops Planner Partner Integration Planner Cyber Operator Cyber Crime Investigator Law Enforcement /CounterIntelligence Forensics Analyst Cyber Defense Forensics Analyst

15 Reasons for this disconnect It is difficult to impossible for a single class or instructor to provide a contextual experience both in terms of a realistic environment as a realistic job role and tasks to be accomplished. Students graduate with component skills but are not given the opportunity to interact with an environment that will be akin to the one they might experience in the workforce. Because many skills are taught in isolation of other skills (Linux, Windows, networking devices, coding, etc) those skills may be lost and forgotten by the time of graduation.

16 Reasons for this disconnect There are 52 identified job roles in the workforce. All of them require similar foundational skills yet all of them have a different focus or additional set of skills, interest and aptitude. We start too late. Cybersecurity is new, used to be. Lack of hands-on experience opportunities Many don t know what is possible, or if they would even like it

17

18

19

20

21

22

23 Learn From Military and Medical Education Asvab for cyber? Foundational knowledge Internship Into specialty Most needed characteristics - comfortable being uncomfortable Learn on the fly. Problem solving good abstract thought see what you can not see Hacker to catch a hacker How to catch a hacker know what a hacker wants, set it up, lure in.

24 Develop a Specialized Corps CSUSB Cyber Corps SFS CSUSB IASP

25

26 NICE Challenge Project Quick Stats 150 Educational Institutions 200+ Curators (Professors) Players (Students) 65 Challenges with more being added each month Challenge Attempts so far All in just a little over a year!

27

28 Scoring Engine

29 Ticketing System

30 Documentation

31 Results

32 Comments, Questions?