Research Scientist Momentum non vertendum Irreversible Momentum The ACI is a national resource for research advice and education in the cyber domain engaging military government academic and industrial cyber communities in impactful partnerships to build intellectual capital and ID: 816255
Download The PPT/PDF document "Army Cyber Institute CW3 Judy Esquibel" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Army Cyber Institute
CW3 Judy Esquibel Research Scientist
"Momentum non vertendum" - Irreversible Momentum
Slide2The ACI is a national resource for research, advice, and education in the cyber domain, engaging military, government, academic, and industrial cyber communities in impactful partnerships to build intellectual capital and expand the knowledge base for the purpose of enabling effective Army cyber defense and cyber operations .
Vision
Recruit people who want to continuously contribute to the ACI missionBuild a diverse resource portfolio
Develop and maintain facilities
Develop a culture to empower interdisciplinary research
Develop an ACI communications strategy
Line of Support: Enabling the ACI
Line of Effort 1: Advance the Body of Knowledge
Conduct, facilitate, and identify basic research
Conduct, facilitate, and identify interdisciplinary applied research
Create venues for sharing research of interest to DoD
Attend, present, and facilitate prioritized cyber community events
Synchronized and accessible cyber innovation and research conducted in an interdisciplinary approach
Line of Effort 2: Leverage Impactful Partnerships
Harness academic partnerships to support of research objectives
Collaborate with USMA research centers in support of research objectives
Develop partnerships with industry in support of research objectives
Create and nurture partnerships with government entities to help identify cyber domain future challenges and support research objectives
Lead cyber community partnership efforts across the Army to reduce duplicative efforts and advances efforts across the community
Developed dynamic partnerships
The ACI has empowered people with the right skills, aligned with their interests on useful projects
Line of Effort 3: Leader Development
Supported cyber curriculum integration into USMA and other leader development institutions
Influence and advise pre-commissioning leader development
Support the Dean’s vision of cyber curriculum integration throughout USMA
Support the Commandant of Cadets with innovative technology for training
Support integration of cyber learning objectives throughout the U.S. Army War College
Slide3HQ DA-G3/5/7 (DAMO-CY)
The Army Cyber Enterprise
Slide4Research – Jack Voltaic Background (Con’t): 135 Participants across 25 Organizations
First Responders, Emergency Mgmt, Transportation, Telecommunications, Power, Water, Finance and Healthcare
Jack Voltaic 1 – New York City
JACK VOLTAIC is a multi-sector cyber security threat exercise led by the Army Cyber Institute and Citigroup in concert with a variety of commercial, and local government sector collaborators to demonstrate a cyber-attack in NYC, resulting in impact to multiple sectors and requiring coordinated response to contain an escalating threat to business and critical infrastructure.
Lessons Learned – August 2016
BLUF: The need to improve “cyber fusion” was communicated in this context to express the need to improve a city’s communication to enable a proactive defense.
Purpose
– August 2016
Slide66
Technological Complexity or Sophistication
"To counter the advantages that are available to those conducting cyberattacks, we must pursue more disruptive defensive innovations" -
Defending the Core with Cyber Innovations: Refusing to Concede to Cyberattacks (Gagnon, Wong, Hutton, 2016)
Innovations for Cyber
Defense
Jack Voltaic is an example of…
High
Targeted Market
Existing
New
Low
Sustaining
(Meeting Existing Customer Needs)
Breakthrough
(Jumping the Curve)
Incremental
(Evolutionary)
Disruptive
(Revolutionary)
Slide77Background: Leveraged Partnerships
Innovate
Academia
Government
Industry
April 2016 ACI in Partnership
With the Electric Infrastructure
Security (EIS) Council and
CMU-SEI-CERT conducted
A workshop
to explore
Cyber Mutual Assistance
Jonathon Monken, Former EIS
Council VP of Operations
Experiment
Partner
December 2015 ACI discovered
Regional Mutual Assistance Groups (RMAGs) .
An energy sector framework to provide
Operational and technical assistance
During an incident.
How
Is this done within the
Cyber domain?
Technical Report (draft):
“Cyber Mutual Assistance Workshop Report” –
soon
To be published through CMU
Bill Lawrence, E-ISAC/NERC
Director Programs & Engagement
Develop an experiment…
May 2016 ACI Partnered with
Citigroup’s Global Threat
Exercise Team
to begin
developing
Jack Voltaic
Slide8Table Top ExerciseInspired from 2014 NYC TTX – led by DHS & FBI
Homeland Security Exercise Evaluation Program (HSEEP) ACI consulted with DHS-National Cyber Exercise Planning Program (NCEPP) to obtain AAR 8
Design Concept Category – 3 : Senior ExecutivesCategory – 2: Mid-level Management
Category – 1: Operator and Analysts
Selected planners, also known as
“trusted agents” were key to the successful
development and execution of this exercise.
Planners were knowledgeable and
experienced in cyber, emergency plan
procedures and was involved throughout the designing, execution and evaluation of the
exercise.
Inspired from
Existing exercise frameworks
ACI consulted with U.S. Cyber command J71 – Training & Exercise
Live-Fire-Exercise inspired from
Cyber Guard Component 1: Live-Fire-Exercise (LFX)
Component 2:
Table-Top-Exercise (TTX)
Component 3:
Planning Committee
Correlated
Jack Voltaic 2National Preparedness – Strengthening
the security and resilience of the United States
Slide10Jack Voltaic
2 – Sector Participants
Slide11Jack Voltaic 3 ? – Innovate & Thrive
How the military and industry partnerships fill gaps between cyber + physical attacks and critical infrastructure Develop Enduring Partnerships with Private Sector(experts within a critical infrastructure) Identify collaborative opportunities – work a similar challenge together
Evolve the Army’s ability on cross-sector protocol. Begin by learning from operations conducted within the homeland and then apply and adapt to operations abroad. Example – Evolve Cyber/EW Operational Insights on mission critical systems Future Required Skillsets brought on by technologies (Electrical Grid, Software Defined Radios, Internet of Things (PLC device emit Radio Frequencies)) Ham Radio Operators merged with Hacker skillsets – “Ham-Hackers”Vulnerabilities introduced overtime through the modernization of OT environments to enable management and efficiency.
Enable the Identification of the “Gold Standard” – needed for transformation
Enable Rapid Capability Development
Evolve our use of existing authorities
Slide12Questions?