SlideShare une entreprise Scribd logo

Cyber Training: Developing the Next Generation of Cyber Analysts

Booz Allen Hamilton
Booz Allen Hamilton

Part of the solution involves identifying and recruiting top thinkers into the field of cybersecurity, but the more immediate challenge is ensuring that cyber professionals have access to the training and information they need to keep their cyber intelligence analysis skills relevant and effective. Due to the rapidly evolving nature of the threat, education and training must be continuous, and this document focuses on strategies and best practices for developing a cyber force that maintains America’s position as a global leader in the information age.

BusinessTechnologie
1  sur  12
Cyber Training Developing the Next Generation of Cyber Analysts Ready for what’s next.
Table of Contents The Crisis Moment .............................................................1 The Cyber Skills Gap ..........................................................1 Developing a World-Class Cyber Workforce .........................2 Emulating the Medical Model........................................2 Aligning Training with Mission Goals ..............................2 Keeping Pace in the Tech Race ......................................5 Connecting the Dots in Cyber Space..............................6 Conclusion.........................................................................8 About Booz Allen ................................................................9 Principal Offices ................................................ Back Cover
Cyber Training: Developing the Next Generation of Cyber Analysts The Crisis Moment More sophisticated, complex, and powerful than any piece of malware to date, Stuxnet is essentially a “cyber You’re a government technology leader responsible for missile” and a chilling reminder of the digital threats protecting the systems that power critical infrastructure that nations face in the information age. Our enemies across your entire jurisdiction—but you’ve never seen are less hindered by borders, cost, and availability anything like this. of weapons than at any point in our history. Previous methods of attack—like bombs or missiles—could only A piece of malware has infected a power plant that be executed by a select few. By contrast, cyber attacks delivers electricity to millions of citizens, and it’s not only require a certain amount of expertise and access to interested in stealing information or spying—it’s built a computer, and the anonymity of the cyber environment to inflict physical damage. This super worm has taken lowers the risk of retaliation. Our national security control of the plant’s automated factory control system experts used to worry about rogue individual hackers, and is now calling the shots. Service interruptions have but now they are facing threats from malware developers already begun, but you’re more worried about the safety who are supported by governments and other political of your citizens. If it’s capable of crossing the digital organizations capable of devoting significant resources divide and manipulating actual plant processes, what to the creation of more intricate cyber weaponry. else is it capable of? The bad news is that as the threat evolves, the stakes The malware has infected the plant’s IT infrastructure get higher. The world’s citizens are increasingly reliant without any action by internal personnel—nobody on IT systems to deliver essential services like energy, downloaded a rogue link. You’ve got your best communications, and healthcare. Critical infrastructure cybersecurity experts conducting analysis, but time is networks are more connected than ever before, and we running short. Do they possess the necessary cyber share vast amounts of information online. As our society skills required for an effective response? becomes more dependent on information technology, cybersecurity becomes absolutely essential, and the The Cyber Skills Gap United States needs more cybersecurity professionals It would be comforting if the example above was with the skills required to defend our citizens against hypothetical, but the description mirrors the Stuxnet these emerging threats. computer super worm that was discovered in 2010. Part of the solution involves identifying and recruiting Stuxnet marks a transformative leap in cyber warfare, top thinkers into the field of cybersecurity, but the as a weapon capable of destroying physical assets. It is more immediate challenge is ensuring that cyber known to have infected tens of thousands of computers professionals have access to the training and across the globe, seeking out targeted industrial information they need to keep their cyber intelligence systems. In November of that same year, Iran’s analysis skills relevant and effective. Due to the rapidly president confirmed that the worm halted activities evolving nature of the threat, education and training critical to the country’s uranium enrichment program.1 must be continuous, and this document focuses on 1 Ashford, Warwick, “Iran confirms Stuxnet hit uranium enrichment centrifuges.” ComputerWeekly.com, November 30, 2010, www.computerweekly.com/Articles/2010/11/30/244264/Iran-confirms- Stuxnet-hit-uranium-enrichment-centrifuges.htm (accessed 11 Feb. 2011) 1
strategies and best practices for developing a cyber enemy, and understand the cyber tactics that an enemy force that maintains America’s position as a global may employ to achieve its ends. leader in the information age. Emulating the Medical Model The medical profession can serve as a helpful guide Developing a World-Class Cyber Workforce in building a comprehensive, well-rounded cyber force. The United States must begin developing a different Medicine, like cybersecurity, is a rapidly changing, kind of cyber analyst. Current cyber training is typically complex field. Every day, new viruses are discovered, focused on the technical skills required to identify new treatments are developed, and practitioners must and respond to cyber threats. While those skills are consistently incorporate the latest thinking into patient essential, they are only effective when implemented care. The medical profession also strives to be proactive within the broader context of intelligence analysis. It’s rather than reactive, focusing research on prevention as not enough to know how to take down a network, or well as prescription. prevent an intrusion. Today’s cyber analyst must be able The world of cyber is very similar, as analysts are to “connect the dots”—anticipating where threats could constantly challenged by new technology, (e.g., potentially originate from and understanding the broader, worms), new vulnerabilities, and emerging enemies. strategic implications of a cyber response. While It’s unreasonable to expect a single cyber analyst necessary, technical skills alone are insufficient without to be trained to respond to the incredible variety of the analytical skills required to develop a holistic threat threats that exist, but at the same time, there are picture and a proactive cyber strategy. some foundational skills that all cyber pros should It really comes down to understanding what our enemies possess. The goal is a cyber force comprised of general want, and how they think. The United States needs practitioners, specialists, and emergency responders. cyber professionals capable of anticipating attacks The medical model shows that creating an effective based on the attacker’s motivation and culture. So force in a constantly evolving field requires continuous what do our enemies want? Ideas are a highly sought training. Doctors, surgeons, and nurses are required after commodity in the digital age. Some attackers to stay up to date on current treatment methods, and are attempting to steal trade secrets for economic much of this is done through rigorous qualifications, gain. Others want to gain access to national security accreditations, and certifications that have been information. Still others are looking to bring down established within the profession. The cyber community networks and halt critical infrastructure processes can achieve the same results using a similar model, but as a show of intimidation or terrorism. Defending our the challenge lies in identifying the skills analysts must country’s most critical assets requires a force of possess to ensure training initiatives align with current all-source intelligence analysts that also possess the mission goals. skills and competencies to operate within modern cyber warfare. We need professionals who can recognize why Aligning Training with Mission Goals an agency, network, or data set would be a target to an Too often, our top cyber certifications focus solely on technical competencies, and don’t incorporate the 2 Center for Strategic and International Studies, CSIS Commission on Cybersecurity for the 44th Presidency, A Human Capital Crisis in Cybersecurity, November 2010, http://csis.org/files/publication/101111_Evans_ HumanCapital_Web.pdf 2
“There are about 1,000 security people in the US who have the specialized security skills to operate effectively in cyberspace. We need 10,000 to 30,000.” – Jim Gosler, Sandia Fellow, NSA Visiting Scientist5 3
4
structured analytical training techniques that produce structured analytical techniques designed to develop cyber analysts capable of “big picture” thinking. We necessary critical thinking skills. We understand that need to reexamine the processes we use to teach our government needs a new type of cyber analyst—one cyber professionals how to think. capable of taking technical intelligence and merging it with traditional intelligence to produce a holistic threat There have been many independent attempts by picture. Booz Allen is currently guiding several federal well-meaning organizations within the government to agencies through this process—building critical thinking establish training standards, position descriptions, and skills through 23 distinct analytical techniques that certifications around cyber, but these disparate attempts incorporate immersive, active learning exercises. During lack uniformity and have led to confusion. In fact, the the process of building both technical and analytical Center for Strategic and International Studies (CSIS) general practitioner skills, we also offer specialist Commission on Cybersecurity for the 44th Presidency courses focused on developing regional expertise. found that not only is the current system inadequate, it’s Analysts use these courses to develop an understanding also dangerous.3 Organizations are spending resources of the historical, cultural, and religious influences that on training initiatives that aren’t improving analysts’ impact the way our enemies think, what they value, and abilities to address threats, and these credentials are how they might engage in cyber warfare. creating a false sense of security within the industry. In support of these efforts, Booz Allen is using its These are extremely distressing findings for the cyber Cyber University to increase the cyber talent pool community and a clear indication that analysts need for government agencies. The Cyber University has access to more effective training methods that leverage evolved into boot camps, advanced training and best practices based on current industry research. mentoring programs, and technical certifications where That’s where Booz Allen Hamilton comes in. cyber professionals can acquire new competencies. Booz Allen’s own consultants have the opportunity to For decades, Booz Allen has engaged in defining cyber learn about new tools and strategies, allowing them roles and competencies with government agencies to stay ahead of emerging cyber trends, threats, and like the Office of Personnel Management (OPM), Office innovations and to better serve clients. Our training, of the Director of National Intelligence (ODNI), and education and performance support (TEPS) community Department of Homeland Security (DHS). We know the of practice includes over 1,400 learning professionals, challenges that our cyber clients are facing, we know the providing learning and education support services competency gaps, and we know how to conduct cyber worldwide. We leverage their knowledge of the latest training that gets results. tools, technologies, and skills to meet current and future To guide organizations through the process of government mission requirements. becoming “cyber ready” we’ve developed the Cyber Keeping Pace in the Tech Race People Readiness Suite, which is a modular approach The cybersecurity landscape has changed rapidly for building a next-generation cyber workforce. Our over the past decade, and the obsolescence curve is methodology combines the latest technical training with 3 Center for Strategic and International Studies, CSIS Commission on Cybersecurity for the 44th Presidency, A Human Capital Crisis in Cybersecurity, November 2010, http://csis.org/files/publication/101111_ Evans_HumanCapital_Web.pdf 5
unrelenting. Threats have evolved through technology assurance roles within the defense industry. Today’s innovation, and cyber professionals are being challenged COTS solutions are scalable, customizable, focused on to keep pace. Security experts used to worry about cutting-edge cyber topics, and offer great value when viruses taking down systems or monitoring networks to training large teams. They are particularly effective for obtain valuable information. Now cyber analysts must developing those foundational, general practitioner prepare for the next generation of super worms like technical skills that all analysts need to have. COTS Stuxnet, capable of controlling and manipulating physical solutions work on the technical front because technical technology processes. skills are more cut and dry, and easier to test. The real challenge lies in developing highly-complex problem When new threats like Stuxnet emerge, the cyber solving abilities and threat detection techniques, community will be forced to act quickly. “Just-in-time” because the United States needs cyber analysts, not training will be replaced by “just-invented” training just technical security experts. created in response to a specific emerging threat. To go back to our medical analogy, teams of emergency Connecting the Dots in Cyber Space responders will need to be created to quickly Our clients are finding that their analysts need a richer understand these increasingly complex attacks. But, skill set. They need professionals with advanced there are still general practitioner technical skills and networking skills who can also conduct an all-source previously identified threat detection techniques in intelligence analysis. They need people capable of which all analysts will need to be proficient in. building contextual connections within highly complex Regardless of functional area, mission or title, information environments and making timely, informed competencies in network architecture, network security, decisions based on that data. They need analysts information assurance, and Web technology will serve with critical thinking skills who understand the way as foundational knowledge across cyber roles. our enemies are attacking systems and possess the Specialists in digital forensics, cloud computing, ability to write credible reports based on those findings. hacking methodology, and secure coding will also They need people capable of leading interagency continue to be in high demand. For updating, refreshing, collaboration efforts and facilitating information sharing and building these technical security skills, existing best practices. We’ve reached a tipping point within the commercial-off-the-shelf (COTS) training offerings can be cyber community—we need a different kind of analyst. extremely effective. So how do we create the twenty-first century cyber pro? The SysAdmin, Audit, Network, Security (SANS) Institute, It all starts with learning how to think, and establishing a a leading provider of information security training, culture that values analytical reasoning and the ability to certification, and research provides high quality, off-the- see things from alternative perspectives. shelf technical certification solutions that have proven It sounds so fundamental, but thinking analytically successful in the past. And for technical training, why is a skill that can be taught, learned, and improved reinvent the wheel? Some of these courses are currently with practice.4 In the world of intelligence, the key to being used to satisfy requirements within DoD Directive success is processing information as accurately as 8570, which identifies key training for information 4 Heuer Jr., Richards, J., The Psychology of Intelligence Analysis, Center for the Study of Intelligence, Pherson Associates, 1999. 6
possible in order to make informed strategic decisions. Exhibit 1 | Analytical Techniques for Improved To do this, cyber analysts must understand the science The Science of Decision-Making Analysis of analysis, while recognizing the limitations of the Group Exercises human mind.5 Between past experiences, education, Key Devil’s Advocacy Assumptions Check and cultural values, we all bring certain biases and List and review the key working Challenging a single strongly held view or mental constructs to the process of evaluating complex assumptions on which fundamental judgments rest consensus by building the best possible case for an alternative explanation problems. This becomes a challenge for intelligence Quality of analysts when these existing biases lead to premature Information Check Team A/Team B or incorrect assumptions. We tend to perceive what we Evaluates the completeness and Use of separate analytic teams that soundness of information sources expect to perceive, which can hinder our ability to get at contrast two or more strongly held views the truth. For analysts, this process is made even more Deception Detection Red Team Analysis complicated by the fact that there is often organizational Systemic use of checklists to determine Models the behavior of an individual pressure to be “consistent” with interpretations. So when deception actually may be present or group by trying to replicate how an and how to avoid being deceived adversary would think about an issue analysts are encouraged, both internally and externally, to maintain original analyses, even in the face of new evidence. We know these things about the way the Anticipate Potential Actions human mind works, and it’s important to teach Source: Booz Allen Hamilton analytical techniques that counterbalance these inherent weaknesses.6 truly understand motivation, analysts must thoroughly understand the cultures that shape enemy thinking. Unfortunately, this is where COTS offerings fall short. Analytical skills are best developed through interactive, To help build regional cyber specialists, Booz Allen has immersive training experiences. In other words, you created customized training courses that examine the can’t learn this stuff from a book. At Booz Allen, we’ve history, government, education, geography, religion, and found success in a number of group exercises and “war existing military theories that shape thinking in strategic games” that force analysts to question the fundamental regions across the globe. To understand Pakistan, basis of their interpretations. Some examples are listed analysts need more than information on Pakistan, they in Exhibit 1. need to understand the mental models, mind-sets, biases, and analytical assumptions that Pakistani The Red Team Analysis and Deception Detection citizens bring to complex global issues. An analyst can exercises bring up another key challenge that cyber only anticipate potential actions when he or she is able analysts face—understanding the motivations of our to view the world as a potential enemy does. enemies. It’s common for all people to project their own cultural values onto other societies in order to These complex analytical skills can’t be measured make sense of them. Unfortunately, in the intelligence through a multiple choice test. Critical thinking is gathering world, this can result in misperceptions and enhanced by placing analysts in real-world scenarios misunderstandings. Foreign behaviors can often appear involving rapidly changing threat data that demands a irrational through an American lens, and in order to 5,6 Heuer Jr., Richards, J., The Psychology of Intelligence Analysis, Center for the Study of Intelligence, Pherson Associates, 1999. 7
nuanced response. There are many emerging tactics All training tactics must be constantly evaluated for that have been proven to achieve significant results, effectiveness and their ability to demonstrably improve including simulations, war games, social media skills that support mission goals, but it’s clear that tools, collaboration, case study reenactments, and the cyber community must place more emphasis on board games. But, threat analysis is only one part analytical skills such as critical thinking, problem of the process. These exercises must also simulate solving, stakeholder management, and communications. the management and strategic implementation As analytical training evolves and matures, meaningful of communications strategies between relevant certifications and more relevant university degree stakeholders. Today’s cyber leaders not only have to programs must be developed to reinforce best practices. be capable of identifying threats, but also leading and orchestrating coordinated responses to cyber events. Exhibit 2 | Developing a Next Generation Cyber Analyst Our clients are looking for customized analytical training Cyber Technical IMPROVED SKILLS Training exercises that prepare cyber personnel to deal with Support Mission Goals Regional Expertise practical, current, real-world situations. Booz Allen works Training/Studies closely with agency training departments to create All Source Analytic and Critical Thinking Training exercises that prepare analysts for today’s security threats, but academia plays a strong role here, as well. University Education One example comes from the Center for Information Systems Security Studies and Research (CISR) at the TRAINING Naval Postgraduate School (NPS). NPS has developed Tactics “CyberCIEGE,”7 a cutting-edge 3D video game in which players construct a networked computing system and Source: Booz Allen Hamilton defend it against a variety of attacks. Simulations like CyberCIEGE are part of the next wave Conclusion of learning solutions in the cyber community, and the The information age has redefined the way we think emergence of social media has a role to play, as well. about warfare. In this new cyber environment, the Analysts need to communicate with other analysts that United States requires leaders that possess both the have experienced complex cyber threat situations and analytical skills of a traditional intelligence analyst, and exchange valuable intelligence on best practices. Chat the technical skills of a cybersecurity expert. Building rooms, forums, and Wikis are all tools that can rapidly a cyber force with this unique skill set will require an expand the collective knowledge base of the entire cyber evolution in training methodology, and the creation of community. There is no replacement for experience, a culture that values critical thinking. The challenge is which is why Booz Allen training consultants base great and the stakes have never been higher, so let us exercises on real-world events and map decisions to work with you to build your team of next-generation actual consequences. cyber analysts. 8
About Booz Allen Hamilton Booz Allen Hamilton has been at the forefront of Booz Allen is headquartered in McLean, Virginia, strategy and technology consulting for nearly a century. employs more than 25,000 people, and has annual Today, the firm is a major provider of professional revenues of over $5 billion. Fortune has named services primarily to US government agencies in Booz Allen one of its “100 Best Companies to Work For” the defense, intelligence, and civil sectors, as well for six consecutive years. Working Mother has ranked as to corporations, institutions, and not-for-profit the firm among its “100 Best Companies for Working organizations. Booz Allen offers clients deep Mothers” annually since 1999. More information is functional knowledge spanning strategy and available at www.boozallen.com. organization, technology, engineering and operations, To see how Booz Allen can help your cybersecurity and analytics—which it combines with specialized workforce effort, please contact one of our consultants: expertise in clients’ mission and domain areas to help solve their toughest problems. Michael Parmentier Principal The firm’s management consulting heritage is the parmentier_michael@bah.com basis for its unique collaborative culture and operating 703/984-0081 model, enabling Booz Allen to anticipate needs and opportunities, rapidly deploy talent and resources, and Lee Ann Timreck deliver enduring results. By combining a consultant’s Principal problem-solving orientation with deep technical timreck_lee_ann@bah.com knowledge and strong execution, Booz Allen helps 703/984-0096 clients achieve success in their most critical missions— Grey Burkhart as evidenced by the firm’s many client relationships that Senior Associate span decades. Booz Allen helps shape thinking and burkhart_grey@bah.com prepare for future developments in areas of national 703/377-6822 importance, including cybersecurity, homeland security, healthcare, and information technology. 9
Principal Offices ALABAMA HAWAII NEBRASKA San Antonio Huntsville Honolulu Omaha 210/244-4200 256/922-2760 808/545-6800 402/522-2800 VIRGINIA CALIFORNIA ILLINOIS NEW JERSEY Alexandria Los Angeles O’Fallon Eatontown 703/822-8920 310/297-2100 618/622-2330 732/935-5100 Arlington San Diego 703/526-2400 KANSAS NEW YORK 619/725-6500 Leavenworth Rome Chantilly San Francisco 913/682-5300 315/338-7750 703/633-3100 415/391-1900 Charlottesville MARYLAND OHIO 434/973-2722 COLORADO Aberdeen Dayton Colorado Springs 410/297-2500 937/781-2800 Falls Church 719/387-2000 703/845-3900 Annapolis Junction OKLAHOMA Denver 301/543-4400 Herndon Oklahoma City 303/694-4159 703/984-1000 Lexington Park 405/610-6523 301/862-3110 McLean FLORIDA PENNSYLVANIA 703/902-5000 Pensacola Linthicum Philadelphia 850/469-8898 410/684-6500 Norfolk 267/330-7900 757/893-6100 Sarasota Rockville 941/309-5390 301/838-3600 SOUTH CAROLINA Stafford Charleston 540/288-5000 Tampa MICHIGAN 843/529-4800 813/281-4900 Troy WASHINGTON, DC 248/680-3500 TEXAS 202/548-3061 GEORGIA Houston Atlanta 713/650-4100 404/659-3600 The most complete, recent list of offices and their addresses and telephone numbers can be found on www.boozallen.com. ©2011 Booz Allen Hamilton Inc.

Recommandé

The Vigilant Enterprise
The Vigilant EnterpriseThe Vigilant Enterprise
The Vigilant Enterprise
Booz Allen Hamilton
 
Mobile Application Security
Mobile Application Security Mobile Application Security
Mobile Application Security
Booz Allen Hamilton
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
Booz Allen Hamilton
 
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Booz Allen Hamilton
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromise
CMR WORLD TECH
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
at MicroFocus Italy ❖✔
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity
Svetlana Belyaeva
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sd
Susan Darby
 

Recommandé

The Vigilant Enterprise
The Vigilant EnterpriseThe Vigilant Enterprise
The Vigilant Enterprise
Booz Allen Hamilton
 
Mobile Application Security
Mobile Application Security Mobile Application Security
Mobile Application Security
Booz Allen Hamilton
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
Booz Allen Hamilton
 
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Booz Allen Hamilton
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromise
CMR WORLD TECH
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
at MicroFocus Italy ❖✔
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity
Svetlana Belyaeva
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sd
Susan Darby
 
Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_final
Jerome Chapolard
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_final
CMR WORLD TECH
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i32015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i3
NTT Innovation Institute Inc.
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
Intronis MSP Solutions by Barracuda
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trends
Christopher Bennett
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
Shallu Behar-Sheehan FCIM
 
Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010
thaiantivirus
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
Frederic Roy-Gobeil, CPA, CGA, M.Tax.
 
CISO Survey Report 2010
CISO Survey Report 2010CISO Survey Report 2010
CISO Survey Report 2010
Scientia Groups
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
Symantec
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
Ulf Mattsson
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
Santiago Cavanna
 
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Troy Marshall
 
Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint Security
Mighty Guides, Inc.
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity Predictions
Matthew Rosenquist
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
Jonny Nässlander
 
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Mighty Guides, Inc.
 
Icit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-deadIcit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-dead
Rocco Magnotta
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's Enterprise
ReadWrite
 
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITYSYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
IJNSA Journal
 
Sais.34.1
Sais.34.1Sais.34.1
Sais.34.1
Booz Allen Hamilton
 
The Business of Change
The Business of ChangeThe Business of Change
The Business of Change
Booz Allen Hamilton
 

Contenu connexe

Tendances

Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_final
Jerome Chapolard
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trends
Christopher Bennett
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
Shallu Behar-Sheehan FCIM
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
Frederic Roy-Gobeil, CPA, CGA, M.Tax.
 
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITYSYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
IJNSA Journal
 

Tendances (20)

Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_final
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_final
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i32015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i3
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trends
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
 
Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
 
CISO Survey Report 2010
CISO Survey Report 2010CISO Survey Report 2010
CISO Survey Report 2010
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
 
Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint Security
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity Predictions
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
 
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
 
Icit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-deadIcit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-dead
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's Enterprise
 
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITYSYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
 

En vedette

En vedette (20)

Sais.34.1
Sais.34.1Sais.34.1
Sais.34.1
 
The Business of Change
The Business of ChangeThe Business of Change
The Business of Change
 
When Disaster Strikes
When Disaster StrikesWhen Disaster Strikes
When Disaster Strikes
 
Polaris Product Fact Sheet
Polaris Product Fact SheetPolaris Product Fact Sheet
Polaris Product Fact Sheet
 
Government 2.0: Cutting-Edge Solutions For Communication, Collaboration, Serv...
Government 2.0: Cutting-Edge Solutions For Communication, Collaboration, Serv...Government 2.0: Cutting-Edge Solutions For Communication, Collaboration, Serv...
Government 2.0: Cutting-Edge Solutions For Communication, Collaboration, Serv...
 
The Next Gen Program Analysis Infographic
The Next Gen Program Analysis InfographicThe Next Gen Program Analysis Infographic
The Next Gen Program Analysis Infographic
 
RightIT™ Maximizing Government IT Efficiency
RightIT™ Maximizing Government IT EfficiencyRightIT™ Maximizing Government IT Efficiency
RightIT™ Maximizing Government IT Efficiency
 
Mitigating Our Nation’s Risks – Calling Upon the Whole Community
Mitigating Our Nation’s Risks – Calling Upon the Whole CommunityMitigating Our Nation’s Risks – Calling Upon the Whole Community
Mitigating Our Nation’s Risks – Calling Upon the Whole Community
 
Methodology for Platform Modernization
Methodology for Platform ModernizationMethodology for Platform Modernization
Methodology for Platform Modernization
 
IP Theft
IP TheftIP Theft
IP Theft
 
Mission Readiness
Mission ReadinessMission Readiness
Mission Readiness
 
Cloud Brokering Brochure
Cloud Brokering BrochureCloud Brokering Brochure
Cloud Brokering Brochure
 
Reform Infographic
Reform InfographicReform Infographic
Reform Infographic
 
Enabling Cloud Analytics with Data-Level Security
Enabling Cloud Analytics with Data-Level SecurityEnabling Cloud Analytics with Data-Level Security
Enabling Cloud Analytics with Data-Level Security
 
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
 
Booz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year TimelineBooz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year Timeline
 
Bah risk-ecosystem-survey[1]
Bah risk-ecosystem-survey[1]Bah risk-ecosystem-survey[1]
Bah risk-ecosystem-survey[1]
 
Information Security Governance
Information Security GovernanceInformation Security Governance
Information Security Governance
 
Digital Forensics: Digital Evidence That Endures
Digital Forensics: Digital Evidence That EnduresDigital Forensics: Digital Evidence That Endures
Digital Forensics: Digital Evidence That Endures
 
Strategic Information Management Through Data Classification
Strategic Information Management Through Data ClassificationStrategic Information Management Through Data Classification
Strategic Information Management Through Data Classification
 

Similaire à Cyber Training: Developing the Next Generation of Cyber Analysts

Enterprise Immune System
Enterprise Immune SystemEnterprise Immune System
Enterprise Immune System
Austin Eppstein
 
Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Con
karenahmanny4c
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
croysierkathey
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystem
Austin Eppstein
 
Cybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global ThreatCybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global Threat
NTT Innovation Institute Inc.
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
alinainglis
 

Similaire à Cyber Training: Developing the Next Generation of Cyber Analysts (20)

Dhs cybersecurity-roadmap
Dhs cybersecurity-roadmapDhs cybersecurity-roadmap
Dhs cybersecurity-roadmap
 
Enterprise Immune System
Enterprise Immune SystemEnterprise Immune System
Enterprise Immune System
 
Insa cyber intelligence_2011-1
Insa cyber intelligence_2011-1Insa cyber intelligence_2011-1
Insa cyber intelligence_2011-1
 
Insa cyber intelligence 2011
Insa cyber intelligence 2011Insa cyber intelligence 2011
Insa cyber intelligence 2011
 
The Evolution of Cyber Threats: Past, Present, and Future Trends
The Evolution of Cyber Threats: Past, Present, and Future TrendsThe Evolution of Cyber Threats: Past, Present, and Future Trends
The Evolution of Cyber Threats: Past, Present, and Future Trends
 
CYBER AWARENESS
CYBER AWARENESSCYBER AWARENESS
CYBER AWARENESS
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Crowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber SpeedCrowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber Speed
 
Narus Cyber 3.0 Position Paper
Narus Cyber 3.0 Position PaperNarus Cyber 3.0 Position Paper
Narus Cyber 3.0 Position Paper
 
Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Con
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystem
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286
 
Cybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global ThreatCybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global Threat
 
Safeguarding the Digital Realm Understanding CyberAttacks and Their Vital Cou...
Safeguarding the Digital Realm Understanding CyberAttacks and Their Vital Cou...Safeguarding the Digital Realm Understanding CyberAttacks and Their Vital Cou...
Safeguarding the Digital Realm Understanding CyberAttacks and Their Vital Cou...
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
 
Manifesto_final
Manifesto_finalManifesto_final
Manifesto_final
 
Iurii Garasym. The future crimes and predestination of cyber security. Though...
Iurii Garasym. The future crimes and predestination of cyber security. Though...Iurii Garasym. The future crimes and predestination of cyber security. Though...
Iurii Garasym. The future crimes and predestination of cyber security. Though...
 
188
188188
188
 

Plus de Booz Allen Hamilton

You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest ChallengesYou Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
Booz Allen Hamilton
 

Plus de Booz Allen Hamilton (20)

You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest ChallengesYou Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
 
Examining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working MomsExamining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working Moms
 
The True Cost of Childcare
The True Cost of ChildcareThe True Cost of Childcare
The True Cost of Childcare
 
Booz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of DirectorsBooz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of Directors
 
Inaugural Addresses
Inaugural AddressesInaugural Addresses
Inaugural Addresses
 
Military Spouse Career Roadmap
Military Spouse Career Roadmap Military Spouse Career Roadmap
Military Spouse Career Roadmap
 
Homeland Threats: Today and Tomorrow
Homeland Threats: Today and TomorrowHomeland Threats: Today and Tomorrow
Homeland Threats: Today and Tomorrow
 
Preparing for New Healthcare Payment Models
Preparing for New Healthcare Payment ModelsPreparing for New Healthcare Payment Models
Preparing for New Healthcare Payment Models
 
The Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile CoachingThe Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile Coaching
 
Immersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is HereImmersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is Here
 
Nuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving PerformanceNuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving Performance
 
Frenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join ForcesFrenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join Forces
 
Booz Allen Secure Agile Development
Booz Allen Secure Agile DevelopmentBooz Allen Secure Agile Development
Booz Allen Secure Agile Development
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat Briefing
 
Booz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey ReportBooz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey Report
 
CITRIX IN AMAZON WEB SERVICES
CITRIX IN AMAZON WEB SERVICESCITRIX IN AMAZON WEB SERVICES
CITRIX IN AMAZON WEB SERVICES
 
Modern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military NetworksModern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military Networks
 
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
 
Women On The Leading Edge
Women On The Leading Edge Women On The Leading Edge
Women On The Leading Edge
 
Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science
 

Dernier

The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
Aggregage
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
lizamodels9
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
kapoorjyoti4444
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
amitlee9823
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
Matteo Carbone
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
rajveerescorts2022
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
dollysharma2066
 

Dernier (20)

Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
Phases of negotiation .pptx
Phases of negotiation .pptx Phases of negotiation .pptx
Phases of negotiation .pptx
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 

Cyber Training: Developing the Next Generation of Cyber Analysts

  • 1. Cyber Training Developing the Next Generation of Cyber Analysts Ready for what’s next.
  • 2. Table of Contents The Crisis Moment .............................................................1 The Cyber Skills Gap ..........................................................1 Developing a World-Class Cyber Workforce .........................2 Emulating the Medical Model........................................2 Aligning Training with Mission Goals ..............................2 Keeping Pace in the Tech Race ......................................5 Connecting the Dots in Cyber Space..............................6 Conclusion.........................................................................8 About Booz Allen ................................................................9 Principal Offices ................................................ Back Cover
  • 3. Cyber Training: Developing the Next Generation of Cyber Analysts The Crisis Moment More sophisticated, complex, and powerful than any piece of malware to date, Stuxnet is essentially a “cyber You’re a government technology leader responsible for missile” and a chilling reminder of the digital threats protecting the systems that power critical infrastructure that nations face in the information age. Our enemies across your entire jurisdiction—but you’ve never seen are less hindered by borders, cost, and availability anything like this. of weapons than at any point in our history. Previous methods of attack—like bombs or missiles—could only A piece of malware has infected a power plant that be executed by a select few. By contrast, cyber attacks delivers electricity to millions of citizens, and it’s not only require a certain amount of expertise and access to interested in stealing information or spying—it’s built a computer, and the anonymity of the cyber environment to inflict physical damage. This super worm has taken lowers the risk of retaliation. Our national security control of the plant’s automated factory control system experts used to worry about rogue individual hackers, and is now calling the shots. Service interruptions have but now they are facing threats from malware developers already begun, but you’re more worried about the safety who are supported by governments and other political of your citizens. If it’s capable of crossing the digital organizations capable of devoting significant resources divide and manipulating actual plant processes, what to the creation of more intricate cyber weaponry. else is it capable of? The bad news is that as the threat evolves, the stakes The malware has infected the plant’s IT infrastructure get higher. The world’s citizens are increasingly reliant without any action by internal personnel—nobody on IT systems to deliver essential services like energy, downloaded a rogue link. You’ve got your best communications, and healthcare. Critical infrastructure cybersecurity experts conducting analysis, but time is networks are more connected than ever before, and we running short. Do they possess the necessary cyber share vast amounts of information online. As our society skills required for an effective response? becomes more dependent on information technology, cybersecurity becomes absolutely essential, and the The Cyber Skills Gap United States needs more cybersecurity professionals It would be comforting if the example above was with the skills required to defend our citizens against hypothetical, but the description mirrors the Stuxnet these emerging threats. computer super worm that was discovered in 2010. Part of the solution involves identifying and recruiting Stuxnet marks a transformative leap in cyber warfare, top thinkers into the field of cybersecurity, but the as a weapon capable of destroying physical assets. It is more immediate challenge is ensuring that cyber known to have infected tens of thousands of computers professionals have access to the training and across the globe, seeking out targeted industrial information they need to keep their cyber intelligence systems. In November of that same year, Iran’s analysis skills relevant and effective. Due to the rapidly president confirmed that the worm halted activities evolving nature of the threat, education and training critical to the country’s uranium enrichment program.1 must be continuous, and this document focuses on 1 Ashford, Warwick, “Iran confirms Stuxnet hit uranium enrichment centrifuges.” ComputerWeekly.com, November 30, 2010, www.computerweekly.com/Articles/2010/11/30/244264/Iran-confirms- Stuxnet-hit-uranium-enrichment-centrifuges.htm (accessed 11 Feb. 2011) 1
  • 4. strategies and best practices for developing a cyber enemy, and understand the cyber tactics that an enemy force that maintains America’s position as a global may employ to achieve its ends. leader in the information age. Emulating the Medical Model The medical profession can serve as a helpful guide Developing a World-Class Cyber Workforce in building a comprehensive, well-rounded cyber force. The United States must begin developing a different Medicine, like cybersecurity, is a rapidly changing, kind of cyber analyst. Current cyber training is typically complex field. Every day, new viruses are discovered, focused on the technical skills required to identify new treatments are developed, and practitioners must and respond to cyber threats. While those skills are consistently incorporate the latest thinking into patient essential, they are only effective when implemented care. The medical profession also strives to be proactive within the broader context of intelligence analysis. It’s rather than reactive, focusing research on prevention as not enough to know how to take down a network, or well as prescription. prevent an intrusion. Today’s cyber analyst must be able The world of cyber is very similar, as analysts are to “connect the dots”—anticipating where threats could constantly challenged by new technology, (e.g., potentially originate from and understanding the broader, worms), new vulnerabilities, and emerging enemies. strategic implications of a cyber response. While It’s unreasonable to expect a single cyber analyst necessary, technical skills alone are insufficient without to be trained to respond to the incredible variety of the analytical skills required to develop a holistic threat threats that exist, but at the same time, there are picture and a proactive cyber strategy. some foundational skills that all cyber pros should It really comes down to understanding what our enemies possess. The goal is a cyber force comprised of general want, and how they think. The United States needs practitioners, specialists, and emergency responders. cyber professionals capable of anticipating attacks The medical model shows that creating an effective based on the attacker’s motivation and culture. So force in a constantly evolving field requires continuous what do our enemies want? Ideas are a highly sought training. Doctors, surgeons, and nurses are required after commodity in the digital age. Some attackers to stay up to date on current treatment methods, and are attempting to steal trade secrets for economic much of this is done through rigorous qualifications, gain. Others want to gain access to national security accreditations, and certifications that have been information. Still others are looking to bring down established within the profession. The cyber community networks and halt critical infrastructure processes can achieve the same results using a similar model, but as a show of intimidation or terrorism. Defending our the challenge lies in identifying the skills analysts must country’s most critical assets requires a force of possess to ensure training initiatives align with current all-source intelligence analysts that also possess the mission goals. skills and competencies to operate within modern cyber warfare. We need professionals who can recognize why Aligning Training with Mission Goals an agency, network, or data set would be a target to an Too often, our top cyber certifications focus solely on technical competencies, and don’t incorporate the 2 Center for Strategic and International Studies, CSIS Commission on Cybersecurity for the 44th Presidency, A Human Capital Crisis in Cybersecurity, November 2010, http://csis.org/files/publication/101111_Evans_ HumanCapital_Web.pdf 2
  • 5. “There are about 1,000 security people in the US who have the specialized security skills to operate effectively in cyberspace. We need 10,000 to 30,000.” – Jim Gosler, Sandia Fellow, NSA Visiting Scientist5 3
  • 6. 4
  • 7. structured analytical training techniques that produce structured analytical techniques designed to develop cyber analysts capable of “big picture” thinking. We necessary critical thinking skills. We understand that need to reexamine the processes we use to teach our government needs a new type of cyber analyst—one cyber professionals how to think. capable of taking technical intelligence and merging it with traditional intelligence to produce a holistic threat There have been many independent attempts by picture. Booz Allen is currently guiding several federal well-meaning organizations within the government to agencies through this process—building critical thinking establish training standards, position descriptions, and skills through 23 distinct analytical techniques that certifications around cyber, but these disparate attempts incorporate immersive, active learning exercises. During lack uniformity and have led to confusion. In fact, the the process of building both technical and analytical Center for Strategic and International Studies (CSIS) general practitioner skills, we also offer specialist Commission on Cybersecurity for the 44th Presidency courses focused on developing regional expertise. found that not only is the current system inadequate, it’s Analysts use these courses to develop an understanding also dangerous.3 Organizations are spending resources of the historical, cultural, and religious influences that on training initiatives that aren’t improving analysts’ impact the way our enemies think, what they value, and abilities to address threats, and these credentials are how they might engage in cyber warfare. creating a false sense of security within the industry. In support of these efforts, Booz Allen is using its These are extremely distressing findings for the cyber Cyber University to increase the cyber talent pool community and a clear indication that analysts need for government agencies. The Cyber University has access to more effective training methods that leverage evolved into boot camps, advanced training and best practices based on current industry research. mentoring programs, and technical certifications where That’s where Booz Allen Hamilton comes in. cyber professionals can acquire new competencies. Booz Allen’s own consultants have the opportunity to For decades, Booz Allen has engaged in defining cyber learn about new tools and strategies, allowing them roles and competencies with government agencies to stay ahead of emerging cyber trends, threats, and like the Office of Personnel Management (OPM), Office innovations and to better serve clients. Our training, of the Director of National Intelligence (ODNI), and education and performance support (TEPS) community Department of Homeland Security (DHS). We know the of practice includes over 1,400 learning professionals, challenges that our cyber clients are facing, we know the providing learning and education support services competency gaps, and we know how to conduct cyber worldwide. We leverage their knowledge of the latest training that gets results. tools, technologies, and skills to meet current and future To guide organizations through the process of government mission requirements. becoming “cyber ready” we’ve developed the Cyber Keeping Pace in the Tech Race People Readiness Suite, which is a modular approach The cybersecurity landscape has changed rapidly for building a next-generation cyber workforce. Our over the past decade, and the obsolescence curve is methodology combines the latest technical training with 3 Center for Strategic and International Studies, CSIS Commission on Cybersecurity for the 44th Presidency, A Human Capital Crisis in Cybersecurity, November 2010, http://csis.org/files/publication/101111_ Evans_HumanCapital_Web.pdf 5
  • 8. unrelenting. Threats have evolved through technology assurance roles within the defense industry. Today’s innovation, and cyber professionals are being challenged COTS solutions are scalable, customizable, focused on to keep pace. Security experts used to worry about cutting-edge cyber topics, and offer great value when viruses taking down systems or monitoring networks to training large teams. They are particularly effective for obtain valuable information. Now cyber analysts must developing those foundational, general practitioner prepare for the next generation of super worms like technical skills that all analysts need to have. COTS Stuxnet, capable of controlling and manipulating physical solutions work on the technical front because technical technology processes. skills are more cut and dry, and easier to test. The real challenge lies in developing highly-complex problem When new threats like Stuxnet emerge, the cyber solving abilities and threat detection techniques, community will be forced to act quickly. “Just-in-time” because the United States needs cyber analysts, not training will be replaced by “just-invented” training just technical security experts. created in response to a specific emerging threat. To go back to our medical analogy, teams of emergency Connecting the Dots in Cyber Space responders will need to be created to quickly Our clients are finding that their analysts need a richer understand these increasingly complex attacks. But, skill set. They need professionals with advanced there are still general practitioner technical skills and networking skills who can also conduct an all-source previously identified threat detection techniques in intelligence analysis. They need people capable of which all analysts will need to be proficient in. building contextual connections within highly complex Regardless of functional area, mission or title, information environments and making timely, informed competencies in network architecture, network security, decisions based on that data. They need analysts information assurance, and Web technology will serve with critical thinking skills who understand the way as foundational knowledge across cyber roles. our enemies are attacking systems and possess the Specialists in digital forensics, cloud computing, ability to write credible reports based on those findings. hacking methodology, and secure coding will also They need people capable of leading interagency continue to be in high demand. For updating, refreshing, collaboration efforts and facilitating information sharing and building these technical security skills, existing best practices. We’ve reached a tipping point within the commercial-off-the-shelf (COTS) training offerings can be cyber community—we need a different kind of analyst. extremely effective. So how do we create the twenty-first century cyber pro? The SysAdmin, Audit, Network, Security (SANS) Institute, It all starts with learning how to think, and establishing a a leading provider of information security training, culture that values analytical reasoning and the ability to certification, and research provides high quality, off-the- see things from alternative perspectives. shelf technical certification solutions that have proven It sounds so fundamental, but thinking analytically successful in the past. And for technical training, why is a skill that can be taught, learned, and improved reinvent the wheel? Some of these courses are currently with practice.4 In the world of intelligence, the key to being used to satisfy requirements within DoD Directive success is processing information as accurately as 8570, which identifies key training for information 4 Heuer Jr., Richards, J., The Psychology of Intelligence Analysis, Center for the Study of Intelligence, Pherson Associates, 1999. 6
  • 9. possible in order to make informed strategic decisions. Exhibit 1 | Analytical Techniques for Improved To do this, cyber analysts must understand the science The Science of Decision-Making Analysis of analysis, while recognizing the limitations of the Group Exercises human mind.5 Between past experiences, education, Key Devil’s Advocacy Assumptions Check and cultural values, we all bring certain biases and List and review the key working Challenging a single strongly held view or mental constructs to the process of evaluating complex assumptions on which fundamental judgments rest consensus by building the best possible case for an alternative explanation problems. This becomes a challenge for intelligence Quality of analysts when these existing biases lead to premature Information Check Team A/Team B or incorrect assumptions. We tend to perceive what we Evaluates the completeness and Use of separate analytic teams that soundness of information sources expect to perceive, which can hinder our ability to get at contrast two or more strongly held views the truth. For analysts, this process is made even more Deception Detection Red Team Analysis complicated by the fact that there is often organizational Systemic use of checklists to determine Models the behavior of an individual pressure to be “consistent” with interpretations. So when deception actually may be present or group by trying to replicate how an and how to avoid being deceived adversary would think about an issue analysts are encouraged, both internally and externally, to maintain original analyses, even in the face of new evidence. We know these things about the way the Anticipate Potential Actions human mind works, and it’s important to teach Source: Booz Allen Hamilton analytical techniques that counterbalance these inherent weaknesses.6 truly understand motivation, analysts must thoroughly understand the cultures that shape enemy thinking. Unfortunately, this is where COTS offerings fall short. Analytical skills are best developed through interactive, To help build regional cyber specialists, Booz Allen has immersive training experiences. In other words, you created customized training courses that examine the can’t learn this stuff from a book. At Booz Allen, we’ve history, government, education, geography, religion, and found success in a number of group exercises and “war existing military theories that shape thinking in strategic games” that force analysts to question the fundamental regions across the globe. To understand Pakistan, basis of their interpretations. Some examples are listed analysts need more than information on Pakistan, they in Exhibit 1. need to understand the mental models, mind-sets, biases, and analytical assumptions that Pakistani The Red Team Analysis and Deception Detection citizens bring to complex global issues. An analyst can exercises bring up another key challenge that cyber only anticipate potential actions when he or she is able analysts face—understanding the motivations of our to view the world as a potential enemy does. enemies. It’s common for all people to project their own cultural values onto other societies in order to These complex analytical skills can’t be measured make sense of them. Unfortunately, in the intelligence through a multiple choice test. Critical thinking is gathering world, this can result in misperceptions and enhanced by placing analysts in real-world scenarios misunderstandings. Foreign behaviors can often appear involving rapidly changing threat data that demands a irrational through an American lens, and in order to 5,6 Heuer Jr., Richards, J., The Psychology of Intelligence Analysis, Center for the Study of Intelligence, Pherson Associates, 1999. 7
  • 10. nuanced response. There are many emerging tactics All training tactics must be constantly evaluated for that have been proven to achieve significant results, effectiveness and their ability to demonstrably improve including simulations, war games, social media skills that support mission goals, but it’s clear that tools, collaboration, case study reenactments, and the cyber community must place more emphasis on board games. But, threat analysis is only one part analytical skills such as critical thinking, problem of the process. These exercises must also simulate solving, stakeholder management, and communications. the management and strategic implementation As analytical training evolves and matures, meaningful of communications strategies between relevant certifications and more relevant university degree stakeholders. Today’s cyber leaders not only have to programs must be developed to reinforce best practices. be capable of identifying threats, but also leading and orchestrating coordinated responses to cyber events. Exhibit 2 | Developing a Next Generation Cyber Analyst Our clients are looking for customized analytical training Cyber Technical IMPROVED SKILLS Training exercises that prepare cyber personnel to deal with Support Mission Goals Regional Expertise practical, current, real-world situations. Booz Allen works Training/Studies closely with agency training departments to create All Source Analytic and Critical Thinking Training exercises that prepare analysts for today’s security threats, but academia plays a strong role here, as well. University Education One example comes from the Center for Information Systems Security Studies and Research (CISR) at the TRAINING Naval Postgraduate School (NPS). NPS has developed Tactics “CyberCIEGE,”7 a cutting-edge 3D video game in which players construct a networked computing system and Source: Booz Allen Hamilton defend it against a variety of attacks. Simulations like CyberCIEGE are part of the next wave Conclusion of learning solutions in the cyber community, and the The information age has redefined the way we think emergence of social media has a role to play, as well. about warfare. In this new cyber environment, the Analysts need to communicate with other analysts that United States requires leaders that possess both the have experienced complex cyber threat situations and analytical skills of a traditional intelligence analyst, and exchange valuable intelligence on best practices. Chat the technical skills of a cybersecurity expert. Building rooms, forums, and Wikis are all tools that can rapidly a cyber force with this unique skill set will require an expand the collective knowledge base of the entire cyber evolution in training methodology, and the creation of community. There is no replacement for experience, a culture that values critical thinking. The challenge is which is why Booz Allen training consultants base great and the stakes have never been higher, so let us exercises on real-world events and map decisions to work with you to build your team of next-generation actual consequences. cyber analysts. 8
  • 11. About Booz Allen Hamilton Booz Allen Hamilton has been at the forefront of Booz Allen is headquartered in McLean, Virginia, strategy and technology consulting for nearly a century. employs more than 25,000 people, and has annual Today, the firm is a major provider of professional revenues of over $5 billion. Fortune has named services primarily to US government agencies in Booz Allen one of its “100 Best Companies to Work For” the defense, intelligence, and civil sectors, as well for six consecutive years. Working Mother has ranked as to corporations, institutions, and not-for-profit the firm among its “100 Best Companies for Working organizations. Booz Allen offers clients deep Mothers” annually since 1999. More information is functional knowledge spanning strategy and available at www.boozallen.com. organization, technology, engineering and operations, To see how Booz Allen can help your cybersecurity and analytics—which it combines with specialized workforce effort, please contact one of our consultants: expertise in clients’ mission and domain areas to help solve their toughest problems. Michael Parmentier Principal The firm’s management consulting heritage is the parmentier_michael@bah.com basis for its unique collaborative culture and operating 703/984-0081 model, enabling Booz Allen to anticipate needs and opportunities, rapidly deploy talent and resources, and Lee Ann Timreck deliver enduring results. By combining a consultant’s Principal problem-solving orientation with deep technical timreck_lee_ann@bah.com knowledge and strong execution, Booz Allen helps 703/984-0096 clients achieve success in their most critical missions— Grey Burkhart as evidenced by the firm’s many client relationships that Senior Associate span decades. Booz Allen helps shape thinking and burkhart_grey@bah.com prepare for future developments in areas of national 703/377-6822 importance, including cybersecurity, homeland security, healthcare, and information technology. 9
  • 12. Principal Offices ALABAMA HAWAII NEBRASKA San Antonio Huntsville Honolulu Omaha 210/244-4200 256/922-2760 808/545-6800 402/522-2800 VIRGINIA CALIFORNIA ILLINOIS NEW JERSEY Alexandria Los Angeles O’Fallon Eatontown 703/822-8920 310/297-2100 618/622-2330 732/935-5100 Arlington San Diego 703/526-2400 KANSAS NEW YORK 619/725-6500 Leavenworth Rome Chantilly San Francisco 913/682-5300 315/338-7750 703/633-3100 415/391-1900 Charlottesville MARYLAND OHIO 434/973-2722 COLORADO Aberdeen Dayton Colorado Springs 410/297-2500 937/781-2800 Falls Church 719/387-2000 703/845-3900 Annapolis Junction OKLAHOMA Denver 301/543-4400 Herndon Oklahoma City 303/694-4159 703/984-1000 Lexington Park 405/610-6523 301/862-3110 McLean FLORIDA PENNSYLVANIA 703/902-5000 Pensacola Linthicum Philadelphia 850/469-8898 410/684-6500 Norfolk 267/330-7900 757/893-6100 Sarasota Rockville 941/309-5390 301/838-3600 SOUTH CAROLINA Stafford Charleston 540/288-5000 Tampa MICHIGAN 843/529-4800 813/281-4900 Troy WASHINGTON, DC 248/680-3500 TEXAS 202/548-3061 GEORGIA Houston Atlanta 713/650-4100 404/659-3600 The most complete, recent list of offices and their addresses and telephone numbers can be found on www.boozallen.com. ©2011 Booz Allen Hamilton Inc.