Security survival training
- By Dan Verton
- Mar 26, 2000
The pace of development in information technology has so altered the security
landscape that training has become a matter of survival, according to the
Army's chief information officer.
"There is absolutely no way that we can keep up with this technology
if we don't invest in training," said Lt. Gen. William Campbell, the Army's
CIO and director of information systems for command, control, communications
But if the increasing use of technology is the problem, it is also a
The Army this year plans to issue top-of-the-line computers and Internet
access to as many as 6,000 carefully selected recruits in an effort to bolster
its training and education programs. The effort is part of a larger program
that makes more than 1,044 IT and security-related courses available to
more than 200,000 Army students each year through the Internet and CD-ROMs.
The Army offered samples of some of those CD-ROM-based courses, developed
by the Defense Information Systems Agency's Information Assurance program,
to attendees at the recent Directors of Information Management 2000 Conference.
They are available to any DOD agency through DISA's Infosec Education,
Training, Awareness and Products Branch, which develops and coordinates
a DOD-wide information security training program.
A major part of that program includes about 10 different CD-ROM- and
video-based awareness courses on information assurance and security.
One of the products featured at the conference, a 30-minute introductory
video, outlines some of the security issues surrounding Internet activity
and the security threats posed by cell phones and fax machines. The Army
also passed out two CD-ROMs that offer security auditors and system administrators
a comprehensive look at how to identify threats, isolate intrusions and
coordinate responses with other defense agencies.
The following is what you'll find in those courses. For more information,
visit the DISA Infosec World Wide Web site at www.disa.mil/infosec or DOD's
Advanced Distributed Learning Network at www.adlnet.org.
This four-part video takes a light-hearted look at some common-sense
precautions that all information workers should take during the course of
their daily routines.
For example, the first segment urges personnel to be discreet about
their professional identities when participating in Internet chat forums
at home. "Kyle," whom the video describes as somebody who is passionate
about his work and often takes it home, "knows that others can build a profile
of him and his interests based on his Web surfing patterns."
In another segment called "Bits and Pieces," information workers are
warned that "spies will try almost anything in pursuit of information" and
that "even the most bumbling and inept spy can achieve success by accessing
the desired information on a computer." Bits and pieces of information,
the video warns, can be used to build a more in-depth picture of sensitive
Many different agencies within DOD, including the National Guard Bureau,
are developing their own training courseware and CDs. But that's about to
change. In May DOD will deliver to Congress a plan for the next generation
of standards-based distributed learning that will give rise to computer-based
training modules that will be more "accessible, interoperable, portable
and reusable," according to Robert Downes, executive secretary for DOD's
Advanced Distributive Learning Initiative.
Through this program, the Pentagon will be able to take content from
CDs, such as those reviewed here, and other applications and reuse it across
the entire enterprise. This will ensure that courses are written by verifiable
experts and will eliminate the need for units to rewrite their own courses.
"The intent is to be very engaging," said Lt. Cmdr. Rick Blunt, deputy
director of learning technologies in the office of the assistant secretary
of Defense for Reserve Affairs. "If it's done correctly, training can be
done one-third faster and one-third cheaper."