Governments and armed forces worldwide last year spent more than $8 billion in the cyberwarfare market to beef up networks and increase security. Analysts believe that an expected growth in information security spending also could lead to new opportunities for businesses that can help train cyberwarriors.
Visiongain, a market research firm based in London, is forecasting significant sales growth in the global cyberwarfare market in the coming years. “We believe the cybersecurity boom offers a lucrative range of business opportunities for defense companies and software developers,” a company spokesman said in promotional materials for a report titled, “Cyberwarfare Market 2010-2020.”
That range not only spans information technology hardware and security software but also includes training and education for the cyberwarrior and layman alike.
“There are opportunities for those that have online training or in-class training to grow a market,” said Robert Rodriguez, chairman and founder of the San Francisco-based Security Innovation Network, an organization that aims to advance IT security.
As governments nurture their cybersecurity work forces, some leading companies and organizations also are trying to educate their own workers so that they are savvier about conducting day-to-day business in the Internet-connected world. They are quickly learning that tried-and-true teaching methods are becoming obsolete in the digital realm.
“Traditional classroom training may not any longer be the most effective,” said Diane Miller, operations director of Northrop Grumman Corp.’s cybersecurity group.
Training is evolving from lecture delivery to a computer-based process that is engaging, visually appealing and contains embedded tools and quizzes that progressively move students from the basics to more advanced levels.
“The curse of much computer-based training is that some scenarios are really profoundly uninteresting and you walk away bored, no smarter, possibly a little bit dumber, than when you sat down,” said Jared Freeman, chief research officer at Aptima Inc., a Woburn, Mass.-based company that specializes in adaptive training tools. “The trick is to present scenarios that challenge folks at just the right level and then to push them to the kind of expertise you want them to attain.”
The company is developing a 3-D game with an “accelerated learning architecture” to quickly train frontline managers in identifying potential insider cyberthreats.
“The insider threat is one of the biggest issues we have,” said Rodriguez.
Though the government and the Defense Department remain focused on thwarting cyberattacks from outside entities, one of the growing areas of concern is an enemy that is already inside the nation’s networks conducting espionage or theft or sabotaging systems.
Pentagon officials are just beginning to grapple with how the department will continue operating when faced with that problem. Educating managers to spot potential troublemakers in the work force is one way to help security officers stop an attack. Currently they do not receive such training.
Aptima’s game, RESIST-EM (Resisting Espionage & Sabotage with an Intelligent System for Training Expert Managers), aims to change that.
“We will take novices in this area and help them become journeymen,” said Freeman. “They will acquire a new way of understanding the behaviors of their staff that may help them to identify threats more accurately, earlier.”
The game simulates a corporate office environment. Players control avatars and learn how to spot clues indicating their fictional staff may have an insider threat lurking about. Just as they would in real life, players receive emails, take phone calls and access personnel reports and other documents and materials in search of indicators of disgruntled employees who are more likely than others to pose a problem.
“We’re trying to exploit some theory about bad behavior in the workplace — theory and evidence that comes from psychology, both cognitive and organizational,” said Freeman. Psychosocial cues, such as anger management issues or isolation, and environmental factors, such as recent company layoffs, can alert managers to a potential problem.
Freeman emphasized, “We are not trying to make security people out of everyday managers. We’re simply trying to help them identify the existence of threats within their walls,” so that the appropriate security officers can conduct an investigation.
“The accelerated learning architecture ensures that each student is constantly, appropriately challenged. This deliberate study and the amount of it are what makes experts,” said Freeman. The mathematical technique, called “partially-observable Markov decision process,” that is embedded in the game can be applied across many learning domains.
“This approach reliably accelerates learning even in complex military team tasks,” said Freeman.
By the end of next year, Aptima expects to deliver a prototype to the Defense Department. Company officials hope that it eventually becomes a standard part of the department’s managerial training curriculum or is made available to managers for voluntary training. “We think there’s a commercial market for this as well and will be looking at that as the project proceeds,” said Freeman.
Northrop Grumman has been working with a small company that developed a 3-D training tool for the Naval Postgraduate School in Monterey, Calif. Together, the companies’ engineers created a scenario that turned into a 10-minute cyberdefense game that debuted on 12 laptops at an education workshop for school children in the Washington area. In the game, players took on the role of company executives in charge of new employees. They had to equip the workers with laptops, connect them to the network and allow access to certain files and systems via passwords. They also had to set up physical zone security within the organization’s walls and fight off problems such as malware coming into the network.
As the players made decisions, the training tool responded and reacted to those actions and customized the next step. For example, if a student forgot to purchase anti-virus software for the laptop and the new employee subsequently opened an email with an embedded virus, then the company would lose money.
Miller said the program has been so successful that the company is acquiring a new cyberdefense game. Officials plan to disseminate it via Facebook to reach middle school-aged children and make them aware of cybersecurity. The hope is that the children will decide to pursue careers in the field, and perhaps one day come to work for the company. “You’ve got to find them early and start building that talent pipeline,” she said.