Cyber defenders study the art of cyber war

The country’s cyber defenders need to master the art — as much as the science — of cybersecurity through continuous education, an information security expert said at the Defense Systems Summit on Cyber Defense Sept. 7.

Because cyberspace is a fluid environment, trends and situations can change within minutes or seconds. Cyber experts need a broad education rather than specific training to quickly analyze and react to sudden shifts, said Gil Duvall, chairman of information operations and information assurance at the National Defense University, at the conference in Arlington, Va.

That type of critical thinking cannot come from an ordinary training course, Duvall said. Instead, the next generation of cyberspace specialists must be familiar with a variety of concepts and theories. NDU is focusing on teaching future cyber warriors about defending critical infrastructure by offering master’s degrees and college-level course, he said.

NDU’s curriculum strives to educate students rather than train them. The nuance of that goal is that training encourages a checklist mentality rather than a flexible problem-solving outlook, Duvall said. NDU wants to produce cyberspace experts who have an open mentality because they will have better situational awareness, he added.

The university promotes critical thinking by first teaching basic security policy, then supervisory control and data acquisition (SCADA) operations and policies, followed by a final level of classified courses that focus on the nature of the nation’s critical infrastructure and specific threats to it.

NDU also extensively uses its cyberspace laboratory to test and train students in network attack and defense concepts, giving them hands-on experience in a safe environment, Duvall said. For example, during the SCADA courses, students use the lab to defend a simulated facility against a variety of cyberattacks. Other modeling and simulation courses further refine students’ ability to defend critical assets, he said.

Duvall said another goal of the curriculum is to teach the art of cybersecurity, which includes:

• Attribution — identifying the nature and results of an attack.
• Rules of engagement — familiarity with command and control processes; risk management; laws and decision-making; and cyber operations, such as network attack, exploitation and defense.
• Trust relationships — international diplomacy, public- and private-sector communications, interagency relationships, academia, and professional education.

NDU also offers courses in cyberspace law, continuity of operations, information warfare and strategy, and cyber crime. Other courses emphasize cyber leadership skills that look beyond mere security to issues such as operating in an intra-agency environment and emphasizing global and international perspectives, he said.