On This Page

Military Strategy and Tactics for Cyber Security

David Raymond
Greg Conti
 | 
July 30-31 & August 1-2



Overview

The designation of cyberspace as a U.S. military operational domain and subsequent application of U.S. doctrine to cyberspace operations has shed light on new tactics and techniques for network defense. In this course we will introduce you to the intricacies of this complex new landscape through discussion and hands-on exercises.

We designed this course for security professionals who would like to apply military cyber operations concepts to defending their enterprise and for DoD, contractor, and other government personnel who need to know more about the emerging field of Cyber Operations. Whether you like it or not, if you are charged with defending a network, you are facing nation-state adversaries. It is no longer sufficient to be "just a little more secure than the other guy". Our enemies in the digital world will target both of you. And they will probably be successful. Furthermore, they don't discriminate between government and private industry. They will attack them all and take whatever might prove useful in the future.

We will teach you how the enemy uses military strategies to attack your network, and how you can use similar strategies to defend it. Publicly available information, software and hardware monocultures, porous attack surfaces, and ever present vulnerabilities have the defender always playing catch up. This course will help defenders generate the information, disinformation, and intelligence strategies that will to put you and your assets in a position of tactical strength, not weakness. Many of today's best practices are stuck in the individual and small team model, we'll provide you an entirely new arsenal of military grade strategies and tactics that scale to the enterprise-level and will help you fend off even nation-state adversaries. In addition, you will also learn how to reverse enemy strategy and tactics to help predict their next moves so you can counter them in advance.

This course is developed and taught by career Army officers with a combined 50+ years of experience and all material discussed will be unclassified. The views expressed in course are those of the authors and do not reflect the official policy or position of the Department of the Army, the Department of Defense, or the United States Government.

Who Should Take this Course

Anyone responsible for defending a network and interested in new defensive techniques and approaches based on military doctrine and strategy. Our material is appropriate for hands-on network defenders as well as executives responsible for network defense.

Student Requirements

General understanding of network security concepts and how they are traditionally applied. Prior familiarity with military tactics or doctrine is not required.

What Students Should Bring

Preferred tool for taking notes. All course materials will be provided.

What Students Will Be Provided With

  • Full course content slides
  • Military Doctrine Smartbook

Trainers

David Raymond is Deputy Director of the IT Security Office and Adjunct Professor at Virginia Tech where he serves as deputy to the Virginia Tech CISO, teaches courses in computer networking and cybersecurity, and advises graduate and undergrad security research. He is an Army officer of 26 years with a unique mix of experience in armored maneuver warfare and Army systems automation. He has published over 25 papers and articles on topics including computer architecture, wireless security, online privacy, and cyber warfare and has spoken at several academic and industry conferences, including Black Hat, RSA, Shmoocon, and the NATO Conference on Cyber Conflict.

Greg Conti is an Associate Professor at West Point and Director of the Army Cyber Institute. He is the author of "Security Data Visualization" (No Starch Press) and "Googling Security" (Addison-Wesley) as well as over 60 articles and papers covering cyber warfare, online privacy, usable security, and security data visualization. Greg has served as Officer in Charge of a forward deployed expeditionary cyber team, acted as a Senior Advisor in the US Cyber Command Commander's Action Group, and co-created US Cyber Command's flagship Joint Advanced Cyber Warfare Course (JACWC). He has spoken at numerous security conferences, including Black Hat, DEF CON, HOPE, ShmooCon, RSA, and the NATO Conference on Cyber Conflict. His work can be found at www.gregconti.com.