Cybersecurity is dynamic – with innovative enemies constantly developing and discovering new ways to infiltrate even the most secure networks.
In turn, each new layer of cyber defense leads to the development of new techniques to breach systems.
In this “cyber arms race” it is imperative that the U.S. military develop innovative ways to train its own cyber warriors quickly – to keep them both ahead of emerging threats and prepared with cutting-edge techniques to isolate and remediate new threats to its networks.
Since last year, ManTech has been supporting PM Cyber Resiliency and Training (CRT) and working with several partners to develop a prototype cyber training program for the U.S. Army.
The capability, known as the Persistent Cyber Training Environment (or “PCTE”) will enable future cyber warriors to practice their tradecraft, standardize their training and learn how to better operate in a joint integrated environment.
The cyber training will be mobile, accessible via a laptop with a secure connection, enabling high-fidelity cyber training with realistic battle rhythms to reach soldiers worldwide.
Building and then scaling these cyber training environments present several challenges, however.
- The environments must be high-fidelity – realistic representations of both secure government networks and the types of attacks they might face.
- They must be cyber secure themselves – with multiple protocols and partitions in place to ensure that only authorized personnel can access the training environments.
- They must be nonproprietary – an open architecture design empowers cyber warriors with choice to remove or snap-in functionality any time, which mitigates vendor/product lock-in and facilitates capability expansion.
- They must be scalable – able to be flexible enough to train individuals, teams, or even entire divisions simultaneously, with equal ease.
- Finally, there’s accessibility – The training environments should be equally accessible to soldiers at home in the garrison and to those deployed to conflict regions where Wi-Fi access itself is far from assured.
ManTech’s approach to training cyber warriors is to teach them to think like an enemy intruder. By learning offensive cyber techniques, one can then apply that thinking to successfully defend the network.
ManTech has been working in cyber operations for years – our offensive-informed defensive cyber framework informs our approach to potential intrusion – and helps our cyber warriors be effective no matter the threat.
Red Meets Blue
Typically in a cyber range exercise there are the participants who are training, usually there are objectives that they’re trying to achieve with the event.
There’s a blue team that defends; there’s a red team that attacks, and a red team can be automated – it doesn’t actually have to be people that are performing that function.
Then there’s usually a white cell that is observing and controlling the pace of the exercise and refereeing the events. This team is also charged with wrapping up the event and providing analysis of the training exercise once it is finished – to evaluate the performance of the individuals and teams, rating them against their objectives.
That validation of learning objectives – that assessment of teams – is extremely important. The after-action debriefs touch on lessons learned and areas for improvement.
All of this is critical to ensuring ManTech is helping to provide the best possible cyber training – and thus ensuring that our soldiers, sailors, Marines, and Airmen – are properly qualified and certified to do this mission-critical and sensitive cyber work.