This framework positions cyber security and defense professionals as the worthy, heroic, courageous, technically savvy and empathic cyber citizens that we are.
The kind of professionals and people that little children and grown adults aspire to be.
OFFENSIVE CYBER OPERATIONS (also known as “DEFENDING FORWARD”)
Include the manipulation and/or disruption of networks and systems with the purpose of limiting or eliminating the adversary's operational capability. Offensive cyber operations CANNOT be implemented in the “wild” without legislative exceptions.
Useful Content for Course/Skill Development
1. Cyber Mission Assurance
2. Offensive Cyber Operations [Udemy] https://www.udemy.com/course/offensive-cyber-operations/
3. Offensive Cyber Security Engineer Online Training & Certification Course [Infosec Train]
   a. https://www.infosectrain.com/courses/offensive-cyber-security-engineer-training/
4. Introduction to Cyber Warfare and Operations Design https://www.csfi.us/?p=icwod
5. Cyber Security Regulation https://en.wikipedia.org/wiki/Cyber-security_regulation
6. Lawfare
7. An Ethical Decision-Making Tool for Offensive Cyberspace Operations
   a. https://www.airuniversity.af.edu/Portals/10/ASPJ/journals/Volume-32_Issue-3/V-Ramsey.pdf
8. Cyber TSCM https://www.esotericltd.com/counter-surveillance-services/cyber-tscm/
9. MITRE Attack and Defender https://mitre-engenuity.org/mad/
Jobs
(this link has jobs & skill/certification requirements related to this work, sample job titles below)
1. Offensive Cyber Policy and Governance Support
2. Offensive Cyber Operations Business Lead
3. Offensive Cyber Integrated Effects Leader
4. Operator, Offensive Security: Red Team
Notes:
We refer to the work we do as “Defensive Cyber Exploitation”. We DO NOT “hack” into anything so we will no longer use that language when referring to the work we do in offensive cyber operations.
ACTIVE CYBER DEFENSE
Focused on Mission Assurance (vs Network Assurance) with a strong emphasis on intelligence, reconnaissance, communication, and planning. Active cyber defense does not involve direct engagement with the adversary but enables cyber defenders to disrupt and neutralize cyberattacks as they happen and before they can damage or negatively impact people and mission-essential systems and functions.
Useful Content for Course/Skill Development
1. Cyber Mission Assurance
2. NIST Risk Management Framework https://csrc.nist.gov/projects/risk-management/about-rmf
3. Cyber Deception - Attack Detection, Disruption and Active Defense
4. Active Defense and Cyber Deception Intro
   a. https://www.blackhillsinfosec.com/active-defense-cyber-deception-intro/
5. Cyber TSCM https://www.esotericltd.com/counter-surveillance-services/cyber-tscm/
6. MITRE Attack and Defender https://mitre-engenuity.org/mad/
Jobs
(this link has jobs & skill/certification requirements related to this work, sample job titles below)
1. Human Geographer
2. Intelligence Analyst
3. Cyber Targeter
4. Cyber and Intelligence Specialist
PROACTIVE CYBER DEFENSE
Involves gathering information to detect, prevent, disrupt, and deter an attack either pre-emptively or in self-defense BEFORE it’s initiated. AGGRESSIVE interception and disruption activities including cyber deception, attribution, threat hunting and adversarial pursuit. Meant to improve information collection by stimulating reactions of the threat agents to provide strike options to Offensive Cyber Ops team members.
Useful Content for Course/Skill Development
1. XM Cyber https://www.xmcyber.com/what-is-proactive-cyber-defense/
2. Cyber TSCM https://www.esotericltd.com/counter-surveillance-services/cyber-tscm/
3. MITRE Attack & Defender https://mitre-engenuity.org/mad/
4. Adversary Pursuit: Cyber Intelligence https://www.boozallen.com/expertise/products/cybersecurity-products/adversary-pursuit-cyber-intelligence-solution.html
5. Senior Adversary Hunter https://ninjajobs.org/job/1f1c0bb19522945a4d20d92d2da153e049c9901260
6. Deception Platforms https://www.optiv.com/cybersecurity-dictionary/deception-platforms
7. Cyber Deception https://www.unsw.adfa.edu.au/professional-education-courses/cyber-deception
8. Attribution Models and Frameworks https://attribution.news/2020/03/31/attribution-models-and-frameworks/
9. Using Deception and Trickery to Defeat Cyber Adversaries https://www.mitre.org/publications/project-stories/active-defense-using-deception-and-trickery-to-defeat-cyber-adversaries
10. MITRE TTP Based Hunting https://www.mitre.org/sites/default/files/publications/pr-19-3892-ttp-based-hunting.pdf
11. Second Generation OSINT https://www.rand.org/pubs/research_reports/RR1964.html
12. How OSINT Supports Proactive Defense https://www.sans.org/webcasts/wild-osint-supports-proactive-defense-118460/
JOBS
(this link has jobs & skill/certification requirements related to this work, sample job titles below)
1. Full Spectrum Cyber Researcher
2. Cyber Security Research and Development Engineer
3. Evidence Specialist
CYBER SECURITY
Focused on NETWORK assurance (security): reducing the attack surface of networks to reduce the risk of exploitation. Compliance driven (in many cases), with a strong focus on reactive measures, incident response, recovery, and resilience.
1. Cyber TSCM https://www.esotericltd.com/counter-surveillance-services/cyber-tscm/
2. MITRE Attack & Defender https://mitre-engenuity.org/mad/
…and other typical cybersecurity courses/labs available for blue team members
Hey there, I sent my resume last night, I can't thank you enough!
Got it! I'll send you feedback shortly!