A Cyber Counterintelligence Competence Framework: Developing the Job Roles

European Conference on Cyber Warfare and Security Pub Date : 2023-06-19 DOI:10.34190/eccws.22.1.1093

Thenjiwe Sithole, J. D. Toit, S. V. Solms

{"title":"A Cyber Counterintelligence Competence Framework: Developing the Job Roles","authors":"Thenjiwe Sithole, J. D. Toit, S. V. Solms","doi":"10.34190/eccws.22.1.1093","DOIUrl":null,"url":null,"abstract":"In recent years, there have been intensifying cyber risks and volumes of cyber incidents prompting a significant shift in the cyber threat landscape. Both nation-state and non-state actors are increasingly resolute and innovative in their techniques and operations globally. These intensifying cyber risks and incidents suggest that cyber capability is inversely proportional to cyber risks, threats and attacks. Therefore, this confirms an emergent and critical need to adopt and invest in intelligence strategies, predominantly cyber counterintelligence (CCI), which is a multi-disciplinary and proactive measure to mitigate risks and counter cyber threats and cyber-attacks. Concurrent with the adoption of CCI is an appreciation that requisite job roles must be defined and developed. Notwithstanding the traction that CCI is gaining, we found no work on a clear categorisation for the CCI job roles in the academic or industry literature surveyed. Furthermore, from a cybersecurity perspective, it is unclear which job roles constitute the CCI field. \nThis paper stems from and expands on the authors’ prior research on developing a CCI Competence Framework. The proposed CCI Competence Framework consists of four critical elements deemed essential for CCI workforce development. In order of progression, the Framework’s elements are: CCI Dimensions (passive-defensive, active-defensive, passive-offensive, active-offensive), CCI Functional Areas (detection, deterrence, deception, neutralisation), CCI Job Roles (associated with each respective Functional Area), and Tasks and Competences (allocated to each job role). Pivoting on prior research on CCI Dimensions and CCI Functional Areas, this paper advances a proposition on associated Job Roles in a manner that is both intelligible and categorised. \nTo this end, the paper advances a five-step process that evaluates and examines Counterintelligence and Cybersecurity Job Roles and functions to derive a combination of new or existing Job Roles required for the CCI workforce/professionals. Although there are several cybersecurity frameworks for workforce development, establishing the CCI Job Roles is specifically based on the expression of the Job Roles defined in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"European Conference on Cyber Warfare and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.34190/eccws.22.1.1093","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In recent years, there have been intensifying cyber risks and volumes of cyber incidents prompting a significant shift in the cyber threat landscape. Both nation-state and non-state actors are increasingly resolute and innovative in their techniques and operations globally. These intensifying cyber risks and incidents suggest that cyber capability is inversely proportional to cyber risks, threats and attacks. Therefore, this confirms an emergent and critical need to adopt and invest in intelligence strategies, predominantly cyber counterintelligence (CCI), which is a multi-disciplinary and proactive measure to mitigate risks and counter cyber threats and cyber-attacks. Concurrent with the adoption of CCI is an appreciation that requisite job roles must be defined and developed. Notwithstanding the traction that CCI is gaining, we found no work on a clear categorisation for the CCI job roles in the academic or industry literature surveyed. Furthermore, from a cybersecurity perspective, it is unclear which job roles constitute the CCI field. This paper stems from and expands on the authors’ prior research on developing a CCI Competence Framework. The proposed CCI Competence Framework consists of four critical elements deemed essential for CCI workforce development. In order of progression, the Framework’s elements are: CCI Dimensions (passive-defensive, active-defensive, passive-offensive, active-offensive), CCI Functional Areas (detection, deterrence, deception, neutralisation), CCI Job Roles (associated with each respective Functional Area), and Tasks and Competences (allocated to each job role). Pivoting on prior research on CCI Dimensions and CCI Functional Areas, this paper advances a proposition on associated Job Roles in a manner that is both intelligible and categorised. To this end, the paper advances a five-step process that evaluates and examines Counterintelligence and Cybersecurity Job Roles and functions to derive a combination of new or existing Job Roles required for the CCI workforce/professionals. Although there are several cybersecurity frameworks for workforce development, establishing the CCI Job Roles is specifically based on the expression of the Job Roles defined in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.

查看原文本刊更多论文

网络反情报能力框架:发展工作角色

近年来，网络风险不断加剧，网络事件不断增多，网络威胁格局发生重大变化。民族国家和非国家行为体在全球范围内的技术和行动中都越来越坚定和创新。这些不断加剧的网络风险和事件表明，网络能力与网络风险、威胁和攻击成反比。因此，这证实了采用和投资情报战略的迫切需求，主要是网络反情报(CCI)，这是一种多学科和主动的措施，可以减轻风险，应对网络威胁和网络攻击。在采用CCI的同时，还认识到必须定义和发展必要的工作角色。尽管CCI正在获得吸引力，但我们发现，在调查的学术或行业文献中，没有对CCI工作角色进行明确分类的工作。此外，从网络安全的角度来看，尚不清楚哪些工作角色构成了CCI领域。本文源于并扩展了作者之前关于构建CCI能力框架的研究。拟议的CCI能力框架由四个关键要素组成，这些要素被认为是CCI劳动力发展所必需的。按照进展顺序，该框架的要素是:CCI维度(被动防御、主动防御、被动进攻、主动进攻)、CCI功能区(侦查、威慑、欺骗、中和)、CCI工作角色(与每个各自的功能区相关联)以及任务和能力(分配给每个工作角色)。本文以先前对企业文化创新维度和企业文化创新功能区的研究为中心，以一种既可理解又可分类的方式提出了相关工作角色的命题。为此，本文提出了一个评估和检查反情报和网络安全工作角色和职能的五步流程，以得出CCI劳动力/专业人员所需的新工作角色或现有工作角色的组合。尽管有几种用于劳动力发展的网络安全框架，但建立CCI工作角色是专门基于国家网络安全教育倡议(NICE)网络安全劳动力框架中定义的工作角色的表达。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

European Conference on Cyber Warfare and Security

自引率

0.00%

发文量