US Cyber Challenge: Finding the people who canwin in cyberspace? Alan Paller Director of Research, SANS Institute

Size: px

Start display at page:

Download "US Cyber Challenge: Finding the people who canwin in cyberspace? Alan Paller Director of Research, SANS Institute apaller@sans.org"

Laurel Richardson
8 years ago
Views:

1 U Cyber Challenge: Finding the people who canwin in cyberspace? Alan Paller Director of Research, AN Institute

2 Gen. Alexander speaking at CI in June, 2010 One of our greatest challenges will be successfully recruiting, training and retaining our cyber cadre to ensure that we can sustain our ability to operate effectively in cyberspace for the long term

training and retaining our cyber cadre to ensure that we can

3 etting the tage ubcommittee on Emerging Threats, Cybersecurity, and cience and Technology April 17, 2007 Chairman: Jim Langevin "We don't know who's inside our networks. We don't know what information has been stolen. We need to get serious about this threat to our national security." tate Dept witness: Don Reid, enior Coordinator for ecurity Infrastructure Commerce Dept witness: Dave Jarrell, Manager, Critical Infrastructure Protection Program

We need to get serious about this threat to our national security.

4 A Tale of Two Departments Commerce Department 1. No idea when it got it in, how it got in, or where it spread 2. Took 8 days to filter (ineffective) 3. Unable to clean the systems; forced to replace them 4. Do not know whether they have found or gotten rid of the infections tate Department 1. Detected it immediately 2. Put effective filter in place within 24 hours; shared filter with other agencies 3. Found two zero-days 4. Helped Microsoft and AV companies create patches and signatures 5. Cleaned infected systems, confident all had been found

Do not know whether they have found or gotten rid of the infections tate Department 1. Detected it immediately 2.

5 What enabled tate to perform so much better than Commerce? Was it tools? No Almost the same commercial tools Commerce actually had more expensive and newer commercial IP/ID Was it skills? Yes Commerce staff s only experience was firewall operations not even firewall engineering. No training other than ecurity+ and CIP. Managers were policy and compliance people - no handson security skills. tate staff had experience and training in forensics, vulnerabilities and exploits, deep packet inspection, log analysis, script development, secure coding, wireless, Windows, Linux, and reverse software engineering. Plus counter intelligence. And managers with strong technical security skills. (Notice the MIX of skills remind you of anything?)

Yes Commerce staff s only experience was firewall operations not even firewall engineering. No training other than ecurity+ and CIP.

6 Mission focus -> -> -> Technology focus The Four Quadrants of ecurity kills

7 Mission focus -> -> -> Technology focus The Four Quadrants of ecurity kills III. Academic security researchers: 2,000 I. ecurity policy analysts, auditors, compliance specialists: 70,000 IV. Hunters and tool builders: 3,000 II. Operators: IP and firewall administrators, security ops center staff, penetration testers, forensics analysts, more: 45,000

ecurity policy analysts, auditors, compliance specialists: 70,000 IV.

8 Mission focus -> -> -> Technology focus The Four Quadrants of ecurity kills III. Academic security researchers: 2,000->2,000 I. ecurity policy analysts, auditors, compliance specialists: 70,000- >60,000 IV. Hunters and tool builders: 3,000->10,000 II. Operators: IP and firewall administrators, security ops center staff, penetration testers, forensics analysts, more: 45,000->50000

ecurity policy analysts, auditors, compliance specialists: 70,000- >60,000 IV.

9 Is Any Country Investing Heavily In Developing These kills? Wicked Rose Key weapons in future wars will be people with advanced, technical cyber security skills

Technical mastery (depth of understanding of the technologies and their security weaknesses) How will military services, contractors, Cyber Command and DH all fill the gaps? III.

10 Technical mastery (depth of understanding of the technologies and their security weaknesses) How will military services, contractors, Cyber Command and DH all fill the gaps? III. Academic security researchers: 2,000->2,000 I. ecurity policy analysts, auditors, compliance specialists: 70,000- >60,000 IV. Hunters and tool builders: 3,000->10,000 II. Operators: IP and firewall administrators, security ops center staff, penetration testers, forensics analysts, more: 45,000->50000

11 Can we expand the pipeline? What are colleges teaching? The sports pipeline model

12 Can the Cyber Challenge find highly talented young people?

others) Forensics Challenge (DoD DC3) NetWars (AN) Cyber Camps Courses and

13 U Cyber Challenge Activities TEP 1 TEP 2 TEP 3 TEP 4 Cyber Foundations (UCC and CKF.org) CyberPatriot (AFA) Cyber Quests (UCC) CCDC (UT an Antonio, DH and others) Forensics Challenge (DoD DC3) NetWars (AN) Cyber Camps Courses and exercises Tournaments Internships cholarships Connect with employers Talented Cyber ecurity People

14 The Bottom Line The shortage is uneven proven skills of operators, testers and hunters are the critical need alaries are shifting rapidly but the pipeline is still empty The sports model, as implemented by the U Cyber Challenge, may expand the pipeline quickly Making geeks as cool as sports stars

pipeline is still empty The sports model, as implemented by the U Cyber

Encouraging young people to develop the aptitude and skills to become the core of a strong cybersecurity community.

US Cyber Challenge To view the complete article, please go to http://csis.org/uscc Part of the: Technology and Public Policy Encouraging young people to develop the aptitude and skills to become the core