A Playbook Puts Cyber Defenders in the GameOctober 2016
Every sport coach uses a playbook that defines the role of team members and lists strategies or actions to win the game. MITRE's Jason Kick covers all the bases in the "Cyber Exercise Playbook," which demonstrates how to conduct cyber warfare exercises and what you can learn from them.
Cyber warfare exercises consist of running malicious cyber scenarios against a system or network in a controlled environment. Exercises help organizations assess their security posture and the ability of staff to defend systems under an attack. Kick's "playbook" focuses on the planning and execution of the exercises, including developing objectives, scenarios, reporting, assessment procedures and lessons learned.
An Inspiring Internship
His efforts in developing cyber defense exercises "started as a fluke" when he was recruited to work as an intern for the United States Transportation Command. Kick worked on a team of MITRE engineers who designed and implemented a security architecture for their resources worldwide.
"I was young and new to MITRE and ready to jump into anything," he says. "It was a career-defining opportunity and enabled me to be where I am today." Kick's work supports the National Security Engineering Center—the federally funded research and development center MITRE operates for the Department of Defense.
Unique Cyber Exercises for Unique Cyber Needs
Now, Kick uses that experience to support various types of exercises for multiple sponsors. "There are a lot of objectives in conducting cyber exercises. You're trying to assess the maturity of the security program. You also want to have an open mind about training and mentoring – it’s a learning process that’s not meant to make anybody look bad. It's a controlled environment where we're working as a trusted partner to facilitate training, mentoring, and assessing the security posture."
The exercises are unique every time, for every sponsor, in every country. "The playbook has defined the planning processes and guidelines, but each exercise takes on its own shape, look and feel, depending on the sponsor's objectives and needs."
Kick says every sponsor "is at a different level of maturity." The various types of exercises address sponsors' capabilities along with reinforcing things being done well and identifying areas of improvement.
"If it's a fairly young organization, they may not have the tools and capabilities to understand what's going on which can lead to more mentoring during the exercise. This can particularly be true within small organizations, educational institutions, non-governmental organizations, foreign governments or when working with multiple different entities where there are differences in terminology, capability, or language barriers.
He cites the need to "start slow, foster relationships, and build out the necessary processes and procedures."
Multiple Sponsors, Multiple Sites
Since he started as a MITRE intern at Scott Air Force Base in Illinois in 1999, Kick has worked primarily with the defense and intelligence communities. But he has also supported other sponsors, including the Federal Aviation Administration, the Department of Health and Human Services, the Department of Homeland Security, and the Internal Revenue Service.
His willingness to go on-site with sponsors has been an asset. In 2012, Kick relocated to Vicenza, Italy, for over two years to support the U.S. Army Africa Command. In that job, he traveled to Africa to work on communications and engineering support projects between the U.S. Army and African nations' militaries.
He also worked in Afghanistan for more than a year in 2011-12, providing analysis of the intelligence surveillance and reconnaissance systems to enable force reduction there. "It was a great opportunity. I learned so much and built so many relationships there. I felt like I contributed to a much larger public-service mission."
Kick currently supports cyber investigations related to national security and he continues to put the lessons of his cyber playbook to work for projects across the corporation.
—by Blair Gately
Are you a good fit for MITRE, too? Explore our current Job Openings.