Lt. Col. Brian Denman and Skip Runyan of the U.S. Air Force's 39th Information Operations Squadron receiving the National Cybersecurity Innovation Award, with White House Cyber Coordinator Howard Schmidt, at the National Cybersecurity Innovation Conference in Washington, DC.
Washington DC, October 21, 2011
US Air Force Wins U.S. National Cybersecurity Innovation Award Deploying a Cyber Range As An Integral Element of Its Training Courses Enables the Air Force To Improve Mastery of Tactics, Techniques, and Procedures by the Next Generation of Cyber Warriors
The SANS Institute announced today that the U.S. Air Force's 39th Information Operations Squadron (IOS) was selected as 2011 U.S. National Cybersecurity Innovation Award winner for its innovative use of a realistic cyber range woven into in the training of military personnel in cybersecurity.
Finding and developing cybersecurity talent is among the highest cyber priorities, as recognized by a long list of government officials and senior corporate executives, including Department of Homeland Security Secretary Janet Napolitano and U.S. Cyber Command Chief Gen. Keith Alexander. Sadly, most government agencies cannot find people with the right skills and experience. Too often, they are forced to bring in people who are able to theorize about security but who lack the practical, hands-on skills needed to protect critical systems.
The U.S. military is investing heavily to build cybersecurity training programs that can prepare the next generation of hands-on cyber defenders and cyber operators. The Air Force made a breakthrough when it moved its program away from the common overreliance on classroom training and instead deployed a cyber range where students can "fight in cyberspace" every day, testing and honing their new skills and improving their impact.
The 39th IOS cyber "Flight Simulator" and "Training Range" allow each student to conduct defensive cyber operations against real-time network attacks in controlled training scenarios. In the simulations, students use a graduated set of hands-on skills to find hidden flags, analyze security flaws, remotely access other computers within the network, analyze evidence to determine attacker activities, and defend their networks as they move to the next level of exercise.
This program adheres to a key tenet of effective development of Airmen: "fight like you train and train like you fight."
The US Air Force 39th Information Operations Squadron is awarded the 2011 National Cybersecurity Innovation Award in Developing World-Class Cyber Talent for setting a high standard that is already being noticed and copied by other organizations that need cybersecurity people with hands-on skills.
The National Cybersecurity Innovation Awards recognize developments undertaken by companies and government agencies that have developed and deployed innovative processes or technologies that (1) is innovative in that it has not been deployed effectively before, (2) can show a significant impact on reducing cyber risk, (3) can be scaled quickly to serve large numbers of people, and (4) should be adopted quickly by many other organizations. Nominators for the include most of the senior government officials involved with cybersecurity as well as those from the major Cybersecurity Information Sharing and Analysis Centers (ISACs). Corporations and individuals, including SANS instructors also nominated innovations. Each nomination was tested by SANS research department against the criteria; those that met *all* four were recognized. More than 50 nominations were received; 14 were selected.
Press persons who want to talk with the AF 39thIOS and ask other questions contact:
Alan Paller, firstname.lastname@example.org, (301) 951-0102 x108
1Lt Casey Osborne at (850) 884-3795
Established in 1989 as a cooperative research and education organization, SANS' programs reach more than 400,000 security professionals, auditors, system administrators, and network administrators who share the lessons they are learning and jointly find solutions to the challenges they face. At the heart of SANS are the many security practitioners in government agencies, corporations and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community. (www.sans.org)