Cybersecurity Strategic Talent Management. March, 2012

Transcription

1 Cybersecurity Strategic Talent Management March, 2012

2 Cyber Operations - Starts with People Exploit Intel Attack Cyber Operations Defend Enablers 2

3 Talent Management Challenge Mission: Attract, Develop, Engage and Retain What are Cyber missions today and in the future? What talent do we need? How do we develop interest for the profession and grow a pipeline? How do we attract and develop talent? How do we create a cyber aware and cyber safe workforce? How do we develop Cyber thinking and talent in all of our mission areas? How do we meet generalized and specific Cybersecurity training needs? How do we foster innovation in our Cyber workforce? What do we need to do for retention and career development? How do we get our customers, partners and suppliers engaged? 3 Cyber needs to be institutionalized for the future

4 Threat Evolution High Intruder Knowledge Packet Spoofing Sniffers Denial of Service Tools Cross - site Scripting Stealth Advanced Scanning Techniques SQL Injection Conficker 2009 Staged Estonia DDoS Distributed Attack Tools Stuxnet 2010 Google v. China Disabling Audits Backdoors Sweepers GUI Network Management Diagnostics WWW Attacks Automated Probes / Scans Attack Sophistication Burglaries Hijacking Sessions 4 Low Exploiting Known Vulnerabilities Password Cracking Self - Replicating Code Password Guessing Intruders Source : www. cert. org

5 C A P A B I L I T I E S Northrop Grumman Cybersecurity Mergers & Acquisitions Technology Development & Operations UK Cyber Range Sterling Software Incorporated SILENTWIRE DARPA National Cyber Range IM&S JTF-GNO Research Consortium DOJ Cyber Tactical Data Systems Westinghouse Defense Electronics Logicon Essex Active Defense BACN NETCENTS Einstein III CAWS HSDN NYC WiN Control system for USPS Message text handling 4 th Gen Software languages Xetron Army 1 st IO TRW XonTech CSOC 3001 Sentinel XD Virginia IT Agency Sentinel XD Cyber- Mission Planning Tool for all U.S. Military Teledyne Ryan Aeronautical Marine Corps NOSC TODAY Year History of Cybersecurity Expertise & Proven Solutions

6 Northrop Grumman Cybersecurity A Premier Cybersecurity Provider for: Department of Defense National Security Agency US CYBER Command Defense Information Systems Agency Defense Advanced Research Projects Agency National Reconnaissance Office Defense Intelligence Agency Department of Homeland Security Department of Justice Department of the Treasury Veterans Administration Department of State Federal Bureau of Investigation New York City State of Virginia Defensive Cyber: Offensive Cyber: Research & Education 6 Defense Industrial Base Pilot Buckshot Yankee mitigation 150+ strategic industry partners cutting edge small companies Network Operation Security Centers Industry leading internal network security center Classified Capabilities Classified Customers Leading Integrator of Full-Spectrum Cybersecurity for Federal Government NGC Cybersecurity Research Consortium R&D Partners 100+ Universities 51 Laboratories Small Business Incubator Programs NGC Cyber Academy Cyber Patriot Sponsor NGC Cyberspace Solutions Center STEM

7 Cyber Academy Training Framework Partnerships UMUC: Natl policy and Law UMBC: Secure S/W Eng GMU: Ethical Hacking/Analysis CMU: Operational Security Specialization Specialty training to address Advanced Threat challenges Advanced Specialty Training Pen Testing/Ethical hacking Incident Handling/ Intrusion Detection Digital Forensics Skills Skill development focused on delivery of secure capabilities/solutions Secure Architecture Design & Engineering Secure Software Engineering Secure Architecture Design Secure Coding Methods and Practices Certifications Certifications based on business/skills needs aligned with DoD 8570 reqts Cyber Certification Program DoD 8570 related CERTs Security + CISSP, etc. Awareness/ Basic Trng 7 Awareness education and training for all levels Basic Awareness Education / Training * External offering available Skill(s) Mapping/Competency Modeling, Partnerships, Technology/Research Note: Yellow text indicates completed activities Cyber 001 Cyber 002 Cyber 101

8 Panel s Goals - Share our Experience, Successes and Challenges Growing and Developing a Talent Pipeline Structuring a comprehensive approach to training Professional Development Working with our partners - universities and technology Delivering results through our people 8 Successful Cyber Operations - Starts with People

9