nexgen education, training & readiness - amazon s3 · pdf file ·...

Patrick Walsh, Ph.D. VP, Customer Education. Admiral, U.S. Navy, (Ret.)

Nexgen Education, Training & Readiness

The Problem

COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED. 2

Cybersecurity Unemployment Rate

The Problem

Customer does not have exposure to

malware in a consequence free

environment

Customer lacks currency, relevant

analytic skill, and recent, practical

experience

Customer industry training model

drives companies to individual

certification, not team training in a

simulation environment


Cybersecurity Unemployment Rate

Dropped to 0%

Information Security growth rate of

36.5% through 2022

Non-existent unemployment rate

means companies hire sub-par,

unprepared candidates

Customer has difficulty keeping up

with the changing threat environment

4

SOC IR Intel C* O

ORGANIZATIONAL SILOS

COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.

Copyright © FireEye, Inc. All rights reserved. 5

High Profile Breaches

Bangladesh Bank

What is the industry asking for?

• Relevant training

• Reinforce the need for IR training and intelligence integration

• Strengthen teamwork & communications

• Assess team performance

• Holistic approach to people, process & technology

• A continuous improvement model

• Adopt an experiential learning model

• Educational paradigm shift

• Use intelligence to connect the training environment to the operating environment.

• Make it real

How to we apply it to Cyber?

7

Cyber Training Current State

Relevancy

Interaction COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.

Educational Paradigm Shift

COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED. - SEVERENCE “THIRTY YEARS OF EXPERIENTIAL LEARNING”

Dimension Traditional Experiential

Faculty Individual Team

Perspective Functional Interdisciplinary

Problem Simplistic Messy

Duration Minutes-Hours Days-Weeks

Solution Conceptual Detailed

Student Individual Team

Learning Location Same Time/Place Different Time/Place

Responsibility for Learning Teacher/“Trainer” Student/“Learner”


Exercise Replay

What do teams learn?


• Greater awareness of critical business assets and processes

• Establish points of communication for crisis escalation

• Understanding of management information needs

• Test roles and responsibilities under dynamic conditions

• Crisis response is not linear

• Exposes assumptions about single point solutions

Key Characteristics of Experiential Learning


Team

Cross-Functional

Chaos Ambiguous

Days

High Fidelity

Immersive

Reflection

Intelligence Sources

Adversary Intelligence

Victim Intelligence

Machine Intelligence

Readiness


Readiness Architecture Ensure optimal performance before business impact

Course work +

Micro-Scenarios

Threatspace

Threatspace +

Executive Coaching


Cybe r Security Founda tions

Inc ident ManagementS tra tegie s for e ffec tive inc ident hand ling

Ana lytic a l TrackCyber Threa t Inte lligence Tradec ra ft

Art of Attribution

Adv. Inte lligence Tradec ra ftAna lys is S tra tegie s

Critica l Infra s truc ture

Technica l TrackInc ident Respons e Tradec ra ft

Malware Ana lys is

Bas ic Inte lligence Tradec ra ftNe twork/Hos t Inves tiga tion

Inc ident Respons e

Bas ic Cybe r Security Ope ra tions Networking, Sys tem Adminis tra tion, and Cyber Thr ea t Inte lligence Concep ts

Micro-Scena riosFocus ed tra ining module s

Produc t TrackFireEye P roduc t Tradec ra ft

Admin for Ne tForens ic s /Ana lytic s

Admin for Ana lytic s and LegacyAdmin for Core /Endpoint/

Ne tForens ic s

Ale rts Ana lys is and Forens ic s Fundamenta ls

Tactical Threat Awareness Curriculum


Paradigm shift


Individual

Certification

Interesting

Team

Experience

Essential


THANK YOU


Patrick Walsh, Ph.D. Vice President, Customer Education Admiral, U.S. Navy, (Ret.)

nexgen education, training & readiness - amazon s3 · pdf file ·...

Documents