nexgen education, training & readiness - amazon s3 · pdf file ·...
TRANSCRIPT
Patrick Walsh, Ph.D. VP, Customer Education. Admiral, U.S. Navy, (Ret.)
Nexgen Education, Training & Readiness
The Problem
Customer does not have exposure to
malware in a consequence free
environment
Customer lacks currency, relevant
analytic skill, and recent, practical
experience
Customer industry training model
drives companies to individual
certification, not team training in a
simulation environment
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED. 3
Cybersecurity Unemployment Rate
Dropped to 0%
Information Security growth rate of
36.5% through 2022
Non-existent unemployment rate
means companies hire sub-par,
unprepared candidates
Customer has difficulty keeping up
with the changing threat environment
What is the industry asking for?
• Relevant training
• Reinforce the need for IR training and intelligence integration
• Strengthen teamwork & communications
• Assess team performance
• Holistic approach to people, process & technology
• A continuous improvement model
• Adopt an experiential learning model
• Educational paradigm shift
• Use intelligence to connect the training environment to the operating environment.
• Make it real
How to we apply it to Cyber?
7
Cyber Training Current State
Relevancy
Interaction COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
Educational Paradigm Shift
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED. - SEVERENCE “THIRTY YEARS OF EXPERIENTIAL LEARNING”
Dimension Traditional Experiential
Faculty Individual Team
Perspective Functional Interdisciplinary
Problem Simplistic Messy
Duration Minutes-Hours Days-Weeks
Solution Conceptual Detailed
Student Individual Team
Learning Location Same Time/Place Different Time/Place
Responsibility for Learning Teacher/“Trainer” Student/“Learner”
What do teams learn?
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
• Greater awareness of critical business assets and processes
• Establish points of communication for crisis escalation
• Understanding of management information needs
• Test roles and responsibilities under dynamic conditions
• Crisis response is not linear
• Exposes assumptions about single point solutions
Key Characteristics of Experiential Learning
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
Team
Cross-Functional
Chaos Ambiguous
Days
High Fidelity
Immersive
Reflection
Intelligence Sources
Adversary Intelligence
Victim Intelligence
Machine Intelligence
Readiness
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
Readiness Architecture Ensure optimal performance before business impact
Course work +
Micro-Scenarios
Threatspace
Threatspace +
Executive Coaching
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
Cybe r Security Founda tions
Inc ident ManagementS tra tegie s for e ffec tive inc ident hand ling
Ana lytic a l TrackCyber Threa t Inte lligence Tradec ra ft
Art of Attribution
Adv. Inte lligence Tradec ra ftAna lys is S tra tegie s
Critica l Infra s truc ture
Technica l TrackInc ident Respons e Tradec ra ft
Malware Ana lys is
Bas ic Inte lligence Tradec ra ftNe twork/Hos t Inves tiga tion
Inc ident Respons e
Bas ic Cybe r Security Ope ra tions Networking, Sys tem Adminis tra tion, and Cyber Thr ea t Inte lligence Concep ts
Micro-Scena riosFocus ed tra ining module s
Produc t TrackFireEye P roduc t Tradec ra ft
Admin for Ne tForens ic s /Ana lytic s
Admin for Ana lytic s and LegacyAdmin for Core /Endpoint/
Ne tForens ic s
Ale rts Ana lys is and Forens ic s Fundamenta ls
Tactical Threat Awareness Curriculum
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
18
Cyber Training Future State
Relevancy
Interaction COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
Paradigm shift
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED. 19
Individual
Certification
Interesting
Team
Experience
Essential
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
THANK YOU
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
Patrick Walsh, Ph.D. Vice President, Customer Education Admiral, U.S. Navy, (Ret.)