tailored cybersecurity training in lvc environments
play

Tailored Cybersecurity Training in LVC Environments Presented by - PowerPoint PPT Presentation

May 12, 2023 •276 likes •466 views

Tailored Cybersecurity Training in LVC Environments Presented by Jeremiah Folsom-Kovarik, Ph.D. On behalf of the co-authors: Denise Nicholson, Ph.D., Lauren Massey, Ryan OGrady and Eric Ortiz 5 November 2018 Outline What are trying

  1. Tailored Cybersecurity Training in LVC Environments Presented by Jeremiah Folsom-Kovarik, Ph.D. On behalf of the co-authors: Denise Nicholson, Ph.D., Lauren Massey, Ryan O’Grady and Eric Ortiz 5 November 2018

  2. Outline • What are trying to do: – Address the cybersecurity workforce need • Stakeholders: – Homeland security, industry, academia, and government • What is done today: – National Initiative for Cybersecurity Careers and Studies (NICCS) Framework • What is new: – Training Learning Architecture in conjunction with LVC learning experiences • Use Case Virginia Beach, Virginia • April 26-28, 2016 2

  3. National Initiative for Cybersecurity Careers and Studies (NICCS) • Shortage in cyber security workforce • Aid in pinpointing what current and future professionals need to know for a career in the cyber workforce • Missing link Potential Cyber Workforce 3 Virginia Beach, Virginia • April 26-28, 2016

  4. Development of a Personalized Assistant for Learning (PAL) • Advance Distributed Learning (ADL) initiative • Provides life-long, relevant, tailored, timely access to learning content and performance aids • PAL accomplished through usage a Training Learning Architecture (TLA) Virginia Beach, Virginia • April 26-28, 2016 4

  5. Training and Learning Architecture (TLA) • Learner Profiles – Basic information regarding the user • Content Brokering – Decision making on what type of content the user needs to cover to accomplish their unique goal • Experience Tracking – Learner profiles updated as learner progresses in competency • Competency Network – Library of course content to be pulled by content brokering as needed 5 Virginia Beach, Virginia • April 26-28, 2016

  6. Use Case: Usage of PAL NICCS Framework • User – Advancement of career – Interest in Computer Network Defense • Knowledge, Skills, and Abilities (KSAs) 1. Knowledge of and experience in Insider Threats 2. Knowledge of common adversary tactics, techniques, and procedures 3. Knowledge of Computer Network Defense and vulnerability assessment tools • The needed KSAs are linked to PAL and the TLA would manage, track, and Potential Cyber Workforce monitor their progression thru a selection of learning experiences Virginia Beach, Virginia • April 26-28, 2016 6

  7. Example Learning Path KSA #3 - Computer Network Defense & Assessment Tools KSA #2 - Adversary Tactics, Techniques, & Procedures KSA #1 - Insider Threat NICCS Framework Virginia Beach, Virginia • April 26-28, 2016 7

  8. KSA #1: Knowledge of and experience in Insider Threat • Insider Threat – Individuals that have the ability to or at one time had permissions to access an organization’s data and network structures – Insider advantages: • Knowing where critical data exists • Ability to access restricted areas Virginia Beach, Virginia • April 26-28, 2016 8

  9. Suggested Activity - LVC for Insider Threat • Serious games environment offer an interactive training method to engage participants • Allows for high level of engagement that can present logically control, difficult, dangerous, or complicated situations in practical and safe environments Virginia Beach, Virginia • April 26-28, 2016 9

  10. KSA #2: Familiarization with Common Adversary Tactics, Techniques, and Procedures Suggested Activity: • Cyber Security Environment (CYSTINE) – Training system to create a dynamic training scenario that responds to the training skill of the trainee – Cyber defender cognitive agents, Soar agents, provide dynamic, cognitively realistic adversaries • Defenders that offer active opposition to the student – The simulation – based training system adapts and learns with the students without placing an unreasonable burden on instructors Virginia Beach, Virginia • April 26-28, 2016 10

  11. CYSTINE Architecture Virginia Beach, Virginia • April 26-28, 2016 11

  12. KSA #3: Knowledge of Computer Network Defense and Vulnerability Assessment Tools in a Live Simulation Exercise • Although knowledge of computer network defense system can be provided through traditional methods , there is a lack of real world dynamics – Traditional methods: classroom training with static vulnerabilities • Current cyber simulations and tools lack the element of active opposition – Trains cyber operators to behave as though opponents do not have a tangible existence or do not have higher level goals Virginia Beach, Virginia • April 26-28, 2016 12

  13. Activity: Red on Blue Cyber Exercises • The military academies participate in a yearly competition to attack and defend their systems in a four day competition. • Issues: • The exercise is a large scale competition with highly trained cadets which makes reproduction on a smaller scale difficult • An opportunity to replicate such • Not feasible for emerging environments for emerging cyber professionals to receive this professionals with a training against scale of training because of dynamic, automated adversaries lack of readily available trained personnel 13 Virginia Beach, Virginia • April 26-28, 2016

  14. SC2RAM - Cognitive Agent in Cyber Defense Training • The cognitive simulation provides: – Adaptive, goal – oriented aggressors/defenders – Ability to learn and adjust strategies and tactics at the cognitive time scale – Real – time, cognitive scale situation understanding and decision making • Cognitive simulation can be used to substitute human counterparts. • This allows training exercises like the CDX to be implemented on a scale that adaptable to the emerging professionals. Virginia Beach, Virginia • April 26-28, 2016 14

  15. Example Learning Path KSA #3 - Computer Network Defense & Assessment Tools KSA #2 - Adversary Tactics, Techniques, & Procedures KSA #1 - Insider Threat NICCS Framework Virginia Beach, Virginia • April 26-28, 2016 15

  16. Next Steps NICCS Framework • Implementation of the TLA and development of LVC activity learning experiences • Exploration of making LVC Cyber Learning Activities TLA compatible • Iterative future testing and experimentation Potential Cyber Workforce 16 Virginia Beach, Virginia • April 26-28, 2016

  17. QUESTIONS and DISCUSSION • For more information Denise Nicholson, Ph.D. denise.nicholson@soartech.com • Acknowledgement This material is based upon work supported by the Advanced Distributed Learning (ADL) Initiative under Contract No. W911QY-16-C-0019. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Advanced Distributed Learning (ADL) Initiative. 17 Virginia Beach, Virginia • April 26-28, 2016

Recommend

Automated Scenario Generation Toward Tailored and Optimized Military Training in Virtual

Automated Scenario Generation Toward Tailored and Optimized Military Training in Virtual

Entertainment Intelligence Lab Automated Scenario Generation Toward Tailored and Optimized Military Training in Virtual Environments Alex Zook Stephen Lee-Urban, Mark Riedl, Heather Holden, Robert Sottilare, Keith Brawner Scenario-based

399 views • 23 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
REGULATION UPDATE The Wheel | Tailored Training MAIREAD OCONNOR Training & Advice

REGULATION UPDATE The Wheel | Tailored Training MAIREAD OCONNOR Training & Advice

The Wheel | Tailored Training REGULATION UPDATE The Wheel | Tailored Training MAIREAD OCONNOR Training & Advice Coordinator The Wheel __________________________________ mairead@wheel.ie The Wheel | Tailored Training 3 MOST RECENT

656 views • 40 slides
Cybersecurity for Future Presidents USENIX Enigma Conference website:

Cybersecurity for Future Presidents USENIX Enigma Conference website:

Cybersecurity events from the past week (or 2) of interest to future (or current) Presidents: NSA Tailored Access Operations (TAO) chief gives public talk on how NSA breaks into networks (1/25/2016):

273 views • 4 slides
Meeting the Need: Training that Rocks Kimberly Hemby Kassy LaBorie Lisa Plaggemier

Meeting the Need: Training that Rocks Kimberly Hemby Kassy LaBorie Lisa Plaggemier

CYBERSECURITY | INNOVATION . AWARENESS . TRAINING 2020 Vision : Bringing the Future of Cybersecurity Awareness and Training Into Focus 33rd Annual FISSEA Conference 2020 Summer Webinar Series #FISSEA2020 | nist.gov/fissea Meeting the Need:

1.16k views • 70 slides
Cybersecurity Training for the End User A Journey of Lessons Learned Chris Gaucher, Director of

Cybersecurity Training for the End User A Journey of Lessons Learned Chris Gaucher, Director of

Cybersecurity Training for the End User A Journey of Lessons Learned Chris Gaucher, Director of Cybersecurity & Privacy Simon McLaren, LCDR US Navy N A V A L P O S T G R A D U A T E S C H O O L NPS Mission Statement NPS provides

355 views • 18 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Cox Training for Gig Clubs 1 About this Training This training is made available for clubs to

Cox Training for Gig Clubs 1 About this Training This training is made available for clubs to

Cox Training for Gig Clubs 1 About this Training This training is made available for clubs to deliver to coxes. It should be tailored to include local information. Throughout the presentation there are Tutor Notes. These indicate where local

1.32k views • 96 slides
Tailored Cyber Risk Solutions for Community Banks As a community financial institution, your

Tailored Cyber Risk Solutions for Community Banks As a community financial institution, your

Tailored Cyber Risk Solutions for Community Banks As a community financial institution, your cyber risks and regulatory expectations are growing faster than your resources to deal with them. Unfortunately, a single public cybersecurity or data

407 views • 17 slides
Learning from Aviation: How tailored NTS training has shown positive effects on error management

Learning from Aviation: How tailored NTS training has shown positive effects on error management

Learning from Aviation: How tailored NTS training has shown positive effects on error management in the Rail Industry Samantha Carter Senior Human Factors Consultant 1 August 2012 RRM Rail Resource Management Drivers Guards N N Day 1

144 views • 13 slides
CYBERSECURITY CERTIFICATION PROGRAMS Workforce Training Need 30% more computer and network

CYBERSECURITY CERTIFICATION PROGRAMS Workforce Training Need 30% more computer and network

CYBERSECURITY CERTIFICATION PROGRAMS Workforce Training Need 30% more computer and network workers needed from 2008 to 2018 1 ; 433 New Mexico IT job postings in 2012 for security- specific positions 2 ; 110,000 information assurance

144 views • 11 slides
Managing Cybersecurity Risk in the Digital Age Workshop - 29 May 2019 1 Admin Program 1.

Managing Cybersecurity Risk in the Digital Age Workshop - 29 May 2019 1 Admin Program 1.

Managing Cybersecurity Risk in the Digital Age Workshop - 29 May 2019 1 Admin Program 1. Overview of entire day course (1 hr) 2. Discussion on specific needs of participants (course will be tailored to suit the majority of participants)

1.09k views • 76 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017

Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017

Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017 Florian Tramr Stanford Joint work with Alexey Kurakin (Google Brain) Nicolas Papernot (PSU) Dan Boneh (Stanford) Patrick McDaniel (PSU)

723 views • 24 slides
Keeping the Lights On: Challenges of Cybersecurity Training and Awareness for the Smart Grid

Keeping the Lights On: Challenges of Cybersecurity Training and Awareness for the Smart Grid

Keeping the Lights On: Challenges of Cybersecurity Training and Awareness for the Smart Grid Susan Farrand What is the Grid? Why is the Grid like it is? The War of the Currents Thomas Edison Nikola Tesla George Westinghouse Electricity

303 views • 27 slides
TAILORED Tender alert service www.jurismarches.com TAILORED TENDER ALERT SERVICE 2 J360 SEPAO

TAILORED Tender alert service www.jurismarches.com TAILORED TENDER ALERT SERVICE 2 J360 SEPAO

TAILORED Tender alert service www.jurismarches.com TAILORED TENDER ALERT SERVICE 2 J360 SEPAO IS PROPULSED BY DATA EXPLORER Who we are As a business intelligence expert since 2005, OctopusMind develops tools for a smart analysis of economic

521 views • 7 slides
Cybersecurity Training for Nonprofit Organizations Todays threat environment Gordon Walton,

Cybersecurity Training for Nonprofit Organizations Todays threat environment Gordon Walton,

Cybersecurity Training for Nonprofit Organizations Todays threat environment Gordon Walton, President Matthew Horton, Director of Technology Alan Schwartz, Senior Systems Engineer OneWhoServes, Inc. Business Technology Services Who are

541 views • 37 slides
Cybersecurity Awareness Training be vigilant but unafraid! Leo F. Howell Chief Information S

Cybersecurity Awareness Training be vigilant but unafraid! Leo F. Howell Chief Information S

Cybersecurity Awareness Training be vigilant but unafraid! Leo F. Howell Chief Information S ecurity Officer lfhowell@uoregon.edu Why YOU should care University University YOU YOU COMPLIANCE increases business COMPLIANCE Research at risk

829 views • 43 slides
Cybersecurity Shorts: Short Cyber Training Videos for Todays Workforce Dr. Kelly S. Wright,

Cybersecurity Shorts: Short Cyber Training Videos for Todays Workforce Dr. Kelly S. Wright,

Cybersecurity Shorts: Short Cyber Training Videos for Todays Workforce Dr. Kelly S. Wright, CISSP Instructional Systems Specialist IT Workforce Development (ITWD) Office of Information & Technology Department of Veterans Affairs Why

360 views • 24 slides
Platoon: A Virtual Platform for Team-oriented Cybersecurity Training and Exercises Yanyan Li,

Platoon: A Virtual Platform for Team-oriented Cybersecurity Training and Exercises Yanyan Li,

Platoon: A Virtual Platform for Team-oriented Cybersecurity Training and Exercises Yanyan Li, Mengjun Xie Department of Computer Science University of Arkansas at Little Rock { yxli5, mxxie } @ualr.edu September 29, 2016 Yanyan Li, Mengjun Xie

594 views • 31 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
Tailored 685 Third Avenue Technologies LLC New York, NY 10017 Tel: (212) 503-6300 Date:

Tailored 685 Third Avenue Technologies LLC New York, NY 10017 Tel: (212) 503-6300 Date:

Tailored 685 Third Avenue Technologies LLC New York, NY 10017 Tel: (212) 503-6300 Date: December 18, 2018 To: The File of the Hugh L. Carey Battery Park City Authority From: Tailored Technologies, LLC Technology Observations and

291 views • 6 slides
Tailored 685 Third Avenue Technologies LLC New York, NY 10017 Tel: (212) 503-6300 Date:

Tailored 685 Third Avenue Technologies LLC New York, NY 10017 Tel: (212) 503-6300 Date:

Tailored 685 Third Avenue Technologies LLC New York, NY 10017 Tel: (212) 503-6300 Date: January 19, 2017 To: To the file of Battery Park City From: Tailored Technologies LLC Technology Observations and Recommendations Resulting From the

377 views • 5 slides
28 th Annual Conference Changes, Challenges, and Collaborations: Effective Cybersecurity

28 th Annual Conference Changes, Challenges, and Collaborations: Effective Cybersecurity

28 th Annual Conference Changes, Challenges, and Collaborations: Effective Cybersecurity Training National Institute of Standards and Technology Gaithersburg, Maryland Tuesday, March 24, 2015 AGENDA

178 views • 3 slides

More recommend