Presentation on theme: "1 Trained and Ready Cyber Teams Mr. Michael Hudson J72, Training & Readiness Division Chief U.S. Cyber Command 27 June 2013."— Presentation transcript:
1 Trained and Ready Cyber Teams Mr. Michael Hudson J72, Training & Readiness Division Chief U.S. Cyber Command 27 June 2013
2 Overview Issues/Challenges USCYBERCOM Missions and Operations Requirements to Operate in Cyberspace Cyberspace Operations J7 Vision/Mission Technical Workforce Challenges Joint Training System Joint Mission Essential Tasks Workforce Management Workforce Framework Training Spectrum Example of Individual Certification Example of Cyber Training Venues Summary Questions UNCLASSIFIED
3 THE CHALLENGE We are currently preparing students for jobs that don’t yet exist, using technologies that haven’t been invented in order to solve problems we don’t even know are problems yet The U.S. Department of Labor estimates that today’s learner will have jobs by the age of 38 THE COMPETITION China will soon become the #1 English speaking country in the world 25% of India's population with the highest IQs is greater than the total population of the U.S. The top 10 highest demand jobs in 2010 did not exist in 2004 THE CHALLENGE We are currently preparing students for jobs that don’t yet exist, using technologies that haven’t been invented in order to solve problems we don’t even know are problems yet The U.S. Department of Labor estimates that today’s learner will have jobs by the age of 38 THE COMPETITION China will soon become the #1 English speaking country in the world 25% of India's population with the highest IQs is greater than the total population of the U.S. The top 10 highest demand jobs in 2010 did not exist in 2004 THE FUTURE WORKFORCE – GENERATION Y Multitasking Optimistic outlook – self-confident High expectations – questioning Technical savvy Job hoppers – career progression less important than personal pursuits Huge potential for miscommunication, low morale, and poor productivity in generational workforce THE FUTURE WORKFORCE – GENERATION Y Multitasking Optimistic outlook – self-confident High expectations – questioning Technical savvy Job hoppers – career progression less important than personal pursuits Huge potential for miscommunication, low morale, and poor productivity in generational workforce UNCLASSIFIED
4 Defend the Nation Operate and Defend DoD Information Networks (DODIN) CCMD Support Cyber National Mission Force Cyber Protection Force Cyber Combat Mission Force 3 Lines of Operations - Running Throughout the Mission Areas 1.DODIN Operations 2.Defensive Cyber Operations (DCO) 3.Offensive Cyber Operations (OCO) UNCLASSIFIED
5 Defensible Architecture Trained & Ready Cyber Teams Global Situational Awareness Authority to Act in Defense of the Nation Operational Concept Operate & Defend Govern UNCLASSIFIED
Produce Intelligence Attack Targets Assess Effects Cyberspace Operations: Intelligence Community, Military, Foreign Partners, Industry Process & Store Data Defeat Encryption Identify Targets Target Net Warfare Planners Accesses Access Enablers Network Analysts Intelligence Analysts Linguists Capabilities Developers Network Operators Cryptanalysts Deploy Capabilities Develop Crypto Identify Attacks Harden US Networks Collect Data Develop Intelligence Defensive Response Attribute Attacks 6 UNCLASSIFIED
7 7 (U) Develop agile, flexible training to prepare world-class, fully capable cyber forces for the present and future, through focused common standards, training engagements, and career training management for individual through collective training and education to support the Command’s cyberspace operations missions. – (U ) Individual training (U) Advise recruiting and assessment qualification standards (U) Advise Service School and Branch Qualification Training (U) Develop certification for advancing roles and responsibilities – (U) Information Assurance Workforce Improvement Plan – (U) Joint Individual Training – (U) Joint Work Roles and Responsibilities (U) Advise and engage continuing education – (U) Joint Professional Military Education – (U) Public/Private University System (Defense Universities, Public/Private Institutions) – (U) Collective Training (U) Training and Certification Events (e.g., Cyber Flag) (U) Cyber-focused Exercises (e.g., Bulwark Defender) – (U) Retention
8 8 Future Workforce Population Trending Down What are the real drivers influencing the trend lines? What are some of the solutions? How can we leverage the brain trust looking at these problems? UNCLASSIFIED Future STEM Graduates Trending Down
9 Phase 2. PLANS Phase 1. REQUIREMENTS Joint Exercise Life Cycle Plan Evaluate Prepare Execute Joint Mission Essential Tasks Missions/Orders/Strategy/Policy Work Roles/Standards “It is important…to assign responsibility for the JTS across all disciplines within your staff. The processes of JMETL development, of determining training objectives, and of developing the Joint Training Plan all require the skill and corporate knowledge of many people.’” Joint Training System Primer “It is important…to assign responsibility for the JTS across all disciplines within your staff. The processes of JMETL development, of determining training objectives, and of developing the Joint Training Plan all require the skill and corporate knowledge of many people.’” Joint Training System Primer *CJCSM , Joint Training Manual Phase 3. EXECUTION Phase 4. ASSESSMENT Joint Training Plan Training and Readiness Manual Joint Cyberspace Training and Certification Standards Combatant Command Tier 1 Exercises Cyber Flag, Cyber Guard, Cyber Knight Cyber Wargame Joint Training Information Management System Defense Readiness Reporting System Lesson Learned UNCLASSIFIED
10 Joint Mission Essential Tasks JMET Development – A JMET describes the essential tasks for a joint commander and includes associated conditions and measurable standards – JMETs are identified by reviewing plans and OPORDS for executing a mission – JMETs are identified using the UJTL as a common language UNCLASSIFIED An essential task is defined as one where the mission has a high probability of failure if it is not accomplished successfully.
11 1.Conduct Mission Analysis to Determine Specified & Implied Tasks 2.Select Mission Tasks from Universal Joint Task List (UJTL) 3.Determine Essential Tasks from Mission Tasks 4.Identify Responsible Organizations 5.Describe Conditions 6.Establish Standards 7.Identify Supporting, Command and Linked Tasks 8.Commander Approves JMETL UNCLASSIFIED The methodology for constructing the JMETL, when properly conducted, ensures that joint training is requirements-based, trains the force the way they intend to operate and is focused on essential tasks that accomplish theater missions.
12 JMET Identify Mission Conditions Define Objectives (Capacity and Capability) Identify Intermediate Objectives Identify Output and Standards Identify Dependencies and Constraints TTP Identify Resource Conditions Identify Processes and Metrics Identify Process Dependencies Identify cross-linkages KSA Map workrole to process Verify appropriate KSAs Identify Individual Productivity Standards and Metrics PROCESS MAP CAPACITY RESOURCES ABILITY UNCLASSIFIED
13 (U) Workforce Management (U) Needs (U) Capability (U) Capacity (U) Integration? The right number of people with the right skills, experience, and competencies in the right places at the right time. (U) Demand Analysis (U) Projected Need (U) Workforce KSAs to Meet Projected Need (U) Staffing Patterns (U) Training Pipeline Requirements (U) Projected Need (U) Strategy/Mission Analysis (U) Evolving Workforce Mission Requirements (U) Current/Projected Force Readiness (U) Workforce KSAs to Meet Projected Need (U) New/modified KSAs required; delete non- essential work roles/functions (U) Consolidation of work roles/functions (U) Staffing Patterns (U) Number of personnel required to perform evolving mission (U) Organization functional review (U) Training Pipeline Requirements (U) Required training (U) Training throughput/billets (U) Training resources UNCLASSIFIED
14 UNCLASSIFIED CND Provision: Design & Build Systems Architect Systems Developer Software Engineer IA Compliance Agent Systems Requirements Planner Defend CND Analyst CND Infrastructure Support Specialist CND Incident Responder CND Auditor CND Forensics Analyst CND Manager Cyber security Analyst/Informa tion Security Professional Operate & Maintain Systems Security Analyst Network Infrastructure Specialist Knowledge / Content Manager Server Administrator Technical Support Specialist Network Operations Manager Data Administrator Framework Categories The Framework organizes cybersecurity into seven high- level categories, each comprised of several specialty areas.
15 UNCLASSIFIED Securely Provision o Specialty areas concerned with conceptualizing, designing, and building secure IT systems. Operate and Maintain o Specialty areas responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security. Protect and Defend o Specialty area responsible for the identification, analysis and mitigation of threats to IT systems and networks. Investigate o Specialty areas responsible for the investigation of cyber events or crimes which occur within IT Systems and networks. Operate and Collect o Specialty areas responsible for the highly specialized and largely classified collection of cybersecurity information that may be used to develop intelligence. Analyze o Specialty area responsible for highly specialized and largely classified review and evaluation of incoming cybersecurity information. Support o Specialty areas that provide critical support so that others may effectively conduct their cybersecurity work.
16 Training Spectrum Joint Individual Training Assessment and Recruiting Cyber Flag Training Cyberspace Exercise Staff/Unit Certification Service Career Training IAWIPIAWIP Sustain Cyber Warrior Career Collective Training OCOOCO DCODCO DoDINOpsDoDINOps Professional and Continuing Education Service School and Qualification Training Retention and Career Feedback Process JMETs Collective Training Create Cyber Warrior UNCLASSIFIED Individual Training Gap/Refresher Training Joint Cyberspace Training and Certification Standards Certification Levels UNCLASSIFIED
17 Example of Individual Certification Additional Information Annual re-certification requirement to ensure / verify perishable skills Paper-Based and Interview / Panel Leadership Documentation and Compliance Oversight Evaluation Objective Practical Exam Subjective/Objective Review Board Subjective Review Board Subjective 12 3 Standardized, High-Stakes, Scored Knowledge Based Remediation Requirements Identified Task Based Scenario Based Tailorable Virtual / Live Persistent Training Environment UNCLASSIFIED
18 Build on individual joint training Rehearsal of concept Role familiarization Integrate and synchronize shared capability responsibilities UNCLASSIFIED OPERATING AS A TEAM
19 UNCLASSIFIED Service Hosted Training Venues for Cyberspace Operations USA Signal Center of Excellence, Fort Gordon, GA Information Assurance Training Center – FT Gordon, GA Computer Network Defense Course – FT McCoy, WI Basic Computer Network Operations Planners Course (BCNOPC) – FT Belvoir, VA USN Center for Information Dominance, Corry Station, FL Joint Network Attack Course (JNAC) Naval Postgraduate School, Monterey, CA USAF Air Force Institute of Technology, Wright-Patterson AFB, Dayton, OH Center for Cyberspace Research USMC Marine Air Ground Task Force Training Command, 29 Palms, CA Other Training Venues for Cyberspace Operations NSA/ADET College of Cryptology Center for Computer Network Operations, Cyber Security and Information Assurance Department of Defense DoD Cyber Crime Training Academy, Linthicum, MD Technology Track Responders Track Network Investigations Track Intrusions Track Forensics Track The Information Assurance Training Center, Fort Detrick, MD The Information Assurance Training Center, Lewis-McCord, WA The Information Security Center, Fort Bragg, NC Universities/Colleges University of Maryland University College Various cyber certifications and undergraduate/graduate level degrees University of Dayton Post Graduate program in Cyber Security Management University of Maryland Baltimore County Various cyber certifications and undergraduate/graduate level degrees Private Sector NG Cyber Warrior Course Security Awareness and Certification Accreditation Courses Example Cyber Training Venues
20 The integrated USCYBERCOM strategy for training includes: Individual training through the development of a cradle-to-grave training and career progression model that ensures individuals are professionally developed to assume greater roles and responsibilities to meet the demands of the command’s three Lines of Operation Collective training through the development of crew, staff, and unit level training that encompasses tactical, operational, and strategic levels of cyberspace warfare while supporting and ensuring relevant collective training events are realistic, instrumented, and agile Development of a Common Training Standards Program that develop requirements, provide guidance for individual and collective training, and track and assess the nation’s cyberspace force readiness 20 UNCLASSIFIED Summary
21 UNCLASSIFIED Questions?
22 UNCLASSIFIED Back-ups
23 Unclassified Establish interoperable cyber training standards (common, core Knowledge, Skills, & Abilities) Validate training requirements (1) Align, synchronize, improve, and evaluate the integration and interoperability of cyber forces through exercises and collective training (1) Advocate for combatant command training requirements to include DOTMLPF, materiel, and enabling capabilities (2) Examine DoD exercises, wargames, and experiments related to cyber operations to determine potential efficiencies, establish guidelines, and incorporate lessons learned. (2) Ensuring Interoperability Integrate command training requirements into DoD training and education programs (1) Certify, monitor, and assess DoD cyber training programs (1) Standardize core cyber training across DoD (1) Design and conduct strategic & national level exercises, wargames, and table top exercises (1) Enable CCDR to focus training on capability shortfalls to address current and future threats (2) Manage academic and community outreach programs to private and public institutions (3) Training & Instruction of Assigned Forces Monitor the health of the DoD cyber force (2) Identify, coordinate, maintain cyber-related JMETL/UJTL to ensure readiness (incl non-asg’d forces) (3) Develop training and evaluation activities to determine readiness (1) Monitor DRRS and provide assistance in mitigating readiness issues (2) Workforce Readiness (incl. non-assigned) Develop and maintain joint cyber doctrine and concepts (3) Ensure training and training strategies are consistent with current and emerging cyber doctrine (1) Act as lead agent for joint cyber publications as designated by Joint Staff J7 (1) Ensure Service cyber doctrine is consistent with joint doctrine (3) Promotes a common definition of “cyber force” and descriptions of cyber tasks (2) Develop Doctrine Inform the Service process of promotions (3) Identify cyber career milestones recommended for promotion (2) Identify, advocate, and develop cyber PME required for promotion (2) Advocate the investment of cyber human capital (1) Monitor Promotions, PME, etc Training / Workforce Development