Cyber defense
Download 2.54 Mb. View original pdf
|
| CIBERDEFENSA ORIENTACIONES PARA EL DISEÑO, PLANEAMIENTO, IMPLANTACIÓN Y DESARROLLO DE UNA CIBERDEFENSA MILITAR 47 operational, strategic and political) and it must foresee the necessary resources to carry it out. In addition, the program must define the evaluation and certification criteria for each position. 262. Collective training is aimed at cyber defense units in order to train and practice shared, coordinated and organized use of different and supplementary individual skills to achieve the same effect or objective. 263. Cyber exercises are standard practice internally, within the cyber force, and in the national and international context. Cyber exercises have two fundamental purposes to train individuals in collective tasks and to evaluate and, where appropriate, certify the preparedness degree of units. 264. It should be noted that the two purposes, training and evaluation, are often incompatible. The target audience of a training-oriented cyber exercise must comprise individuals (not experts) who are suitable to learn and make the most of the practices while the target audience of an evaluation-oriented cyber exercise must be made up of the regular staff of the unit to be evaluated. 265. A collective training program includes technical and procedural cyber exercises, at all levels of command, in all its facets (defensive, exploitative and offensive) for all cyber defense units, and the definition of the evaluation and certification criteria for each unit. 266. A collective training program must also consider the integration of cyber defense in joint military exercises and in other domains, and it must foresee and encourage participation in cyber exercises at national and international levels. 267. The most common cyber exercises are defensive-technical, offensive-technical and procedural. 268. Defensive-technical cyber exercises focus on training in defensive techniques against complex real-time cyberattacks; on garnering experience that is not usually acquired in regular work on the evaluation or comparison of units on testing new technologies on coordination and cooperation between units from different organizations (for example cyber force teams with other military branches, police, national critical infrastructure protection, etc) and on talent attraction. They are carried out on a cyber range, in which real networks and systems are setup, real techniques and tools are applied and all this framed in fictitious situations and scenarios based on probable real cases. 269. The most common defensive- technical cyber exercise is based on a model of five types of teams white team, green team, yellow team, red team and several blue teams. Download 2.54 Mb. Share with your friends:
|