Week 8 CYBR 650 Blog


Week 8 Blog Cyber Warriors?

My organization, the US Air Force, is eyeing a major shift in how it approaches what was considered “IT” when I first entered the service. Most personnel in computer career fields spent 100% of their time on fielding and supporting whatever computer systems were deemed necessary for mission success. The new initiative is driving the effort to transition these support personnel to cyber defensive personnel. Gone will be “blue suiters” imaging computers, mapping home drives, or managing e-mail boxes. These personnel will transition into defense teams with specialized missions of defending critical cyberspace terrain.

This isn’t new, as a lot of organizations are looking at something similar. In many cases though, I would imagine they can often hire new staff and rapidly train those that remain. In a large and relatively slow-moving organization, though, it will be interesting to see how this unfolds. It may seem like a natural transition to take someone who has worked Microsoft servers, patching, or Cisco devices for many years and refocus them to securing critical systems. After all, the first step in learning to secure something is understanding how it works. While I agree that many will have the foundation for this transition, there are many other skills required to defend something versus just ensuring its availability.

Whole Different Ballgame

I am in a position similar to many old-timers in the enlisted communications career field. I grew up during this transition from “IT” to “cyber”. I have a lot of experience building networks and maintaining them. I even have a lot of experience with what would be considered cyber defense – mitigating vulnerabilities and rolling out security updates to an enterprise. This is completely different than active cyber defense against a sophisticated enemy. Fortunately, I think I have gained some insight due to studying the field on my own time and gaining some certifications. It really takes a different mindset. We have to figure out how to transition from “how do I make sure user accounts are created efficiently and correctly” to “how do I defend this F-22 weapon system from a malicious attack”. That is not a quick or easy transition. It takes a different mindset – including both hard and soft skills. You have to learn risk management. You need to identify which of the systems we use actually support the essential functions of the larger organization, so efforts can be focused on protecting them. For those systems, you have to identify potential weaknesses, and ways to distinguish normal behavior from abnormal behavior. You have to go from support-oriented to thinking like an adversary, knowing their TTPs and footprints. You also have to be aware of what is happening outside of your sphere of control. You are no longer just concerned about the users on your base…what if nation-state cyber actors are demonstrating new capabilities against another nation? Or maybe a lone wolf is probing a similar system to yours on a different base. That communication and information sharing infrastructure needs to support that.

Positive Outlook

This isn’t exactly trying to turn the Titanic around 100 yards from the iceberg. Leadership appears to be taking a measured and calculated approach to this, mapping out a multi-year plan to grow and develop current IT support personnel into cyber defense personnel. This will be the new way of life for new personnel, but I think how the plan is executed to transform the current force will dictate just how successful this can be. Freeing up the IT staff to focus on cybersecurity is a fantastic idea. William Marion, the Air Force’s deputy chief of information dominance and deputy CIO, dropped an interesting line when he said “Our core competency is ‘fly, fight, win’ in air and space. It is not to run email servers or configure desktop devices.” Not sure how I feel about that, as core competencies are enabled by its support element. That line certainly briefs well to military generals, and as a lifelong operations support Airman it certainly highlights an exciting new direction.

