Information Security Specialists Learn to Handle Hackers

June 15, 2010
By Maryann Lawlor, SIGNAL Connections
E-mail About the Author

When the school bells ring for the first time this fall, one of them will be calling students—especially government employees—to explore cyber operations from a whole new vantage point. A brainchild of industry, the Art of Exploitation (AoE) University will feature a curriculum rich with hands-on computer penetration training, red teaming, vulnerability analysis, exploitation and forensic analysis.

The concept of teaching courses in information security is not new. Many organizations offer them piecemeal. These improve information systems personnel understanding of specific vulnerabilities, but not necessarily their ability to see a full-threat picture. In fact, even TeleCommunication Systems Incorporated (TCS) has been offering courses individually at its training center in Baltimore. These classes will become part of a comprehensive AoEUniversity curriculum when the 36,000-square-foot facility opens its doors during the third quarter of 2010 in Hanover, Maryland.

According to Andre Gudger, senior vice president, TCS, the idea for a university that focuses on cyber exploitation began four years ago. At that point, TCS developed specific courses addressing the issues information security professionals and industry were facing. Jeremy Willingham, senior cyber instructor, TCS, explains that the original course materials were delivered during a two-week boot camp where students studied in more than 40 hands-on projects in laboratories that were followed by comprehensive practical exercises.

TCS soon realized that it could fill a training gap that existed in government agencies. While government agency personnel were installing a variety of information security software and hardware, little comprehensive training was being offered to them in this arena. In addition, courses were being taught in a briefing style with the subject matter expert standing at a lectern delivering a lecture, which is not the best way to learn, Gudger says.

To remedy this problem, TCS developed an all-encompassing curriculum that not only addresses cyberthreats but also brings together cybersecurity subject matter experts in a think tank environment. The new facility will be considered a "Cyber Center of Excellence" and a research and development facility that focuses on supporting cybersecurity professionals. At the AoEUniversity, these experts will offer their opinions about current and future cybersecurity challenges and opportunities. In addition, they will participate in dynamic research and development activities to create technologies to protect mission-critical networks.

From the government's standpoint, the university offers an opportunity for agency personnel to study in an enhanced, blended learning environment that includes both hands-on and instructor-led course work. Gudger explains that TCS is developing at least four courses specifically aimed at the information security issues that government information security personnel face. Some of these courses will be classified, others will not.

Individuals with specific mission experience will teach the classes to ensure that the teachers can relate directly to the problems their students face every day. In addition, all courses within the curriculum will feature information security technology tools that the students will use in the future in their organizations.

Willingham reveals that some students who are taking or have taken TCS individual computer network operations courses work for the U.S. Defense Department. Although he will not say which agencies within the department have sent personnel through this training, he allows that they include "anyone who you can imagine in the intelligence agencies."

Gudger explains that one of the reasons the AoEUniversity curriculum approach is of particular importance today is that the threats to information systems have transformed rather drastically. During the 1990s and earlier this decade, networks were the primary focus for both attackers and defenders of agencies' systems. Today, however, threats occur through different venues. With the introduction and increased use of social networking media and wireless mobile devices, those protecting information systems must be prepared to fight additional adversaries in different battlespaces using new techniques, he says. This is one of the purposes of the university as a Cyber Center of Excellence, Gudger adds.

The AoEUniversity courses have evolved to address these changes. For example, in the past an information security specialist would focus on specific vulnerabilities or threats. Today, it is more important to study the method that is behind these problems and determine where adversaries are aiming to obtain information and the tools they are using, Gudger relates.