Army Cyber Institute CW3 Judy Esquibel - PowerPoint Presentation

Slide1

Army Cyber Institute

CW3 Judy Esquibel Research Scientist

"Momentum non vertendum" - Irreversible Momentum

The ACI is a national resource for research, advice, and education in the cyber domain, engaging military, government, academic, and industrial cyber communities in impactful partnerships to build intellectual capital and expand the knowledge base for the purpose of enabling effective Army cyber defense and cyber operations .

Vision

Recruit people who want to continuously contribute to the ACI missionBuild a diverse resource portfolio

Develop and maintain facilities

Develop a culture to empower interdisciplinary research

Develop an ACI communications strategy

Line of Support: Enabling the ACI

Line of Effort 1: Advance the Body of Knowledge

Conduct, facilitate, and identify basic research

Conduct, facilitate, and identify interdisciplinary applied research

Create venues for sharing research of interest to DoD

Attend, present, and facilitate prioritized cyber community events

Synchronized and accessible cyber innovation and research conducted in an interdisciplinary approach

Line of Effort 2: Leverage Impactful Partnerships

Harness academic partnerships to support of research objectives

Collaborate with USMA research centers in support of research objectives

Develop partnerships with industry in support of research objectives

Create and nurture partnerships with government entities to help identify cyber domain future challenges and support research objectives

Lead cyber community partnership efforts across the Army to reduce duplicative efforts and advances efforts across the community

Developed dynamic partnerships

The ACI has empowered people with the right skills, aligned with their interests on useful projects

Line of Effort 3: Leader Development

Supported cyber curriculum integration into USMA and other leader development institutions

Influence and advise pre-commissioning leader development

Support the Dean’s vision of cyber curriculum integration throughout USMA

Support the Commandant of Cadets with innovative technology for training

Support integration of cyber learning objectives throughout the U.S. Army War College

HQ DA-G3/5/7 (DAMO-CY)

The Army Cyber Enterprise

Research – Jack Voltaic Background (Con’t): 135 Participants across 25 Organizations

First Responders, Emergency Mgmt, Transportation, Telecommunications, Power, Water, Finance and Healthcare

Jack Voltaic 1 – New York City

JACK VOLTAIC is a multi-sector cyber security threat exercise led by the Army Cyber Institute and Citigroup in concert with a variety of commercial, and local government sector collaborators to demonstrate a cyber-attack in NYC, resulting in impact to multiple sectors and requiring coordinated response to contain an escalating threat to business and critical infrastructure.

Lessons Learned – August 2016

BLUF: The need to improve “cyber fusion” was communicated in this context to express the need to improve a city’s communication to enable a proactive defense.

Purpose

– August 2016

6

Technological Complexity or Sophistication

"To counter the advantages that are available to those conducting cyberattacks, we must pursue more disruptive defensive innovations" -

Defending the Core with Cyber Innovations: Refusing to Concede to Cyberattacks (Gagnon, Wong, Hutton, 2016)

Innovations for Cyber

Defense

Jack Voltaic is an example of…

High

Targeted Market

Existing

New

Low

Sustaining

(Meeting Existing Customer Needs)

Breakthrough

(Jumping the Curve)

Incremental

(Evolutionary)

Disruptive

(Revolutionary)

7Background: Leveraged Partnerships

Innovate

Academia

Government

Industry

April 2016 ACI in Partnership

With the Electric Infrastructure

Security (EIS) Council and

CMU-SEI-CERT conducted

A workshop

to explore

Cyber Mutual Assistance

Jonathon Monken, Former EIS

Council VP of Operations

Experiment

Partner

December 2015 ACI discovered

Regional Mutual Assistance Groups (RMAGs) .

An energy sector framework to provide

Operational and technical assistance

During an incident.

How

Is this done within the

Cyber domain?

Technical Report (draft):

“Cyber Mutual Assistance Workshop Report” –

soon

To be published through CMU

Bill Lawrence, E-ISAC/NERC

Director Programs & Engagement

Develop an experiment…

May 2016 ACI Partnered with

Citigroup’s Global Threat

Exercise Team

to begin

developing

Jack Voltaic

Table Top ExerciseInspired from 2014 NYC TTX – led by DHS & FBI

Homeland Security Exercise Evaluation Program (HSEEP) ACI consulted with DHS-National Cyber Exercise Planning Program (NCEPP) to obtain AAR 8

Design Concept Category – 3 : Senior ExecutivesCategory – 2: Mid-level Management

Category – 1: Operator and Analysts

Selected planners, also known as

“trusted agents” were key to the successful

development and execution of this exercise.

Planners were knowledgeable and

experienced in cyber, emergency plan

procedures and was involved throughout the designing, execution and evaluation of the

exercise.

Inspired from

Existing exercise frameworks

ACI consulted with U.S. Cyber command J71 – Training & Exercise

Live-Fire-Exercise inspired from

Cyber Guard Component 1: Live-Fire-Exercise (LFX)

Component 2:

Table-Top-Exercise (TTX)

Component 3:

Planning Committee  

Correlated

Jack Voltaic 2National Preparedness – Strengthening

the security and resilience of the United States

Jack Voltaic

2 – Sector Participants

Jack Voltaic 3 ? – Innovate & Thrive

How the military and industry partnerships fill gaps between cyber + physical attacks and critical infrastructure Develop Enduring Partnerships with Private Sector(experts within a critical infrastructure) Identify collaborative opportunities – work a similar challenge together

Evolve the Army’s ability on cross-sector protocol. Begin by learning from operations conducted within the homeland and then apply and adapt to operations abroad. Example – Evolve Cyber/EW Operational Insights on mission critical systems Future Required Skillsets brought on by technologies (Electrical Grid, Software Defined Radios, Internet of Things (PLC device emit Radio Frequencies)) Ham Radio Operators merged with Hacker skillsets – “Ham-Hackers”Vulnerabilities introduced overtime through the modernization of OT environments to enable management and efficiency.

Enable the Identification of the “Gold Standard” – needed for transformation

Enable Rapid Capability Development

Evolve our use of existing authorities

Questions?