(Editor’s Note: Cybersecurity and training go hand-in-hand, specifically as the military grows and develops its cybersecurity workforce and prepares the warfighter for battle. Cybersecurity expert, Jason Cuneo, senior consultant for PeopleTec, offers his insight on the importance of cybersecurity training for military and defense in this contributed piece below.)
With the continued growth of nation-state offensive cybersecurity capabilities, there are several key considerations that Department of Defense (DoD) organizations must weigh when organizing and effectively deploying a cybersecurity workforce.
From a training perspective, organizations must develop a cybersecurity training program that includes individual cybersecurity certification, skill development, and frequent hands-on organization level training exercises. To establish a standardized workforce, organizations within the DoD continue to follow guidance from Department of Defense Directive 8140 (DoDD 8140) with an objective of standardizing “cyberspace work roles, baseline qualification, and training requirements.”
Based on the management or technical requirements of a given position, organizations could identify the certifications that their personnel need to qualify for a cybersecurity position. However, DoDD 8140 provides only a baseline; it does not provide a comprehensive cybersecurity training plan to aid in the development of technical skillsets to support operational objectives.
Personnel within a cybersecurity-focused organization must have numerous skills across a wide variety of technical fields, including network architecture design and deployment, vulnerability analysis, forensics, and threat intelligence analysis, just to name a few. With this comes a recognition that it is no longer enough to have expertise in a single cybersecurity domain; personnel need a distributed understanding of how the fields work together. This is where the integration of Massive Open Online Courses (MOOCs) has aided in the skillset development of personnel within cybersecurity-focused organizations.
Due to the expansive nature of available MOOCs and the wide variety of technical training courses available, it is possible to establish a comprehensive training schedule that trains personnel up to a high level of technical proficiency. Ultimately, this provides organizations with certified and trained personnel that can effectively support operational missions.
In addition to basic certification and skillset development, a cybersecurity training program should also make use of rigorous and cost-effective training exercises. To tie together certification and skillset training, organizations must develop exercises that ensure effective analysis, identification, and mitigation of organizational cybersecurity threats.
We have found that by taking operational network configurations and deploying them in either a local or cloud-based deployment, organizations can deploy real-world attacks as well as test unit “Tactics, Techniques, and Procedures” (TTPs) without affecting operational effectiveness. If a set of attacks were successful against the virtual deployment, this information could be used to harden the operational network and train personnel on how to effectively mitigate these attacks in the future.
One of the significant challenges that organizations have found is how to maintain operational effectiveness after all individual certification, skillset training, and unit-level training exercises have been accomplished. Given the significant operational turnover that every organization experiences, it is necessary to develop a proactive methodology to rotate new personnel through the training program.
As we have seen, the development of an effective cybersecurity training program for DoD organizations requires numerous steps including onboarding new personnel through basic certification, development of technical skillsets, and frequent unit level cybersecurity exercises. The time necessary to replace qualified individuals as they move into other roles or out of the organization adds to the challenges of this process, highlighting the need for a more established cybersecurity training procedure.
In follow-on articles we will break down the different cybersecurity domains and specific skillsets that DoD organizations continue to need to make their cybersecurity force more operationally relevant.