US Cyber Challenge: Finding the people who can win in cyberspace?
Alan Paller, Director of Research, SANS Institute, apaller@sans.org




Gen. Alexander speaking at CSIS in June, 2010:
"One of our greatest challenges will be successfully recruiting, training and retaining our cyber cadre to ensure that we can sustain our ability to operate effectively in cyberspace for the long term."

Setting the Stage
Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology, April 17, 2007
Chairman: Jim Langevin
"We don't know who's inside our networks. We don't know what information has been stolen. We need to get serious about this threat to our national security."
State Dept witness: Don Reid, Senior Coordinator for Security Infrastructure
Commerce Dept witness: Dave Jarrell, Manager, Critical Infrastructure Protection Program

A Tale of Two Departments

Commerce Department
1. No idea when it got in, how it got in, or where it spread
2. Took 8 days to filter (ineffective)
3. Unable to clean the systems; forced to replace them
4. Do not know whether they have found or gotten rid of the infections

State Department
1. Detected it immediately
2. Put effective filter in place within 24 hours; shared filter with other agencies
3. Found two zero-days
4. Helped Microsoft and AV companies create patches and signatures
5. Cleaned infected systems, confident all had been found

What enabled State to perform so much better than Commerce?

Was it tools? No.
Almost the same commercial tools.
Commerce actually had more expensive and newer commercial IPS/IDS.

Was it skills? Yes.
Commerce staff's only experience was firewall operations, not even firewall engineering. No training other than Security+ and CISSP. Managers were policy and compliance people, with no hands-on security skills.
State staff had experience and training in forensics, vulnerabilities and exploits, deep packet inspection, log analysis, script development, secure coding, wireless, Windows, Linux, and reverse software engineering. Plus counter intelligence. And managers with strong technical security skills. (Notice the MIX of skills. Remind you of anything?)

The Four Quadrants of Security Skills
[Figure: quadrant chart; horizontal axis runs from Mission focus to Technology focus]

The Four Quadrants of Security Skills
[Figure: quadrant chart; horizontal axis runs from Mission focus to Technology focus]
III. Academic security researchers: 2,000
I. Security policy analysts, auditors, compliance specialists: 70,000
IV. Hunters and tool builders: 3,000
II. Operators: IPS and firewall administrators, security ops center staff, penetration testers, forensics analysts, more: 45,000

The Four Quadrants of Security Skills
[Figure: quadrant chart; horizontal axis runs from Mission focus to Technology focus]
III. Academic security researchers: 2,000 -> 2,000
I. Security policy analysts, auditors, compliance specialists: 70,000 -> 60,000
IV. Hunters and tool builders: 3,000 -> 10,000
II. Operators: IPS and firewall administrators, security ops center staff, penetration testers, forensics analysts, more: 45,000 -> 50,000

Is Any Country Investing Heavily In Developing These Skills?
Wicked Rose
Key weapons in future wars will be people with advanced, technical cyber security skills

How will military services, contractors, Cyber Command and DHS all fill the gaps?
[Figure: quadrant chart; axis label: Technical mastery (depth of understanding of the technologies and their security weaknesses)]
III. Academic security researchers: 2,000 -> 2,000
I. Security policy analysts, auditors, compliance specialists: 70,000 -> 60,000
IV. Hunters and tool builders: 3,000 -> 10,000
II. Operators: IPS and firewall administrators, security ops center staff, penetration testers, forensics analysts, more: 45,000 -> 50,000

Can we expand the pipeline?
What are colleges teaching?
The sports pipeline model

Can the Cyber Challenge find highly talented young people?

US Cyber Challenge Activities
[Figure: pipeline diagram with STEP 1, STEP 2, STEP 3 and STEP 4, ending in "Talented Cyber Security People"]
Competitions: Cyber Foundations (USCC and CKF.org); CyberPatriot (AFA); Cyber Quests (USCC); CCDC (UT San Antonio, DHS and others); Forensics Challenge (DoD DC3); NetWars (SANS)
Other labels: Cyber Camps; Courses and exercises; Tournaments; Internships; Scholarships; Connect with employers

The Bottom Line
The shortage is uneven: proven skills of operators, testers and hunters are the critical need
Salaries are shifting rapidly but the pipeline is still empty
The sports model, as implemented by the US Cyber Challenge, may expand the pipeline quickly
Making geeks as cool as sports stars