Leading IT & IA Organizations in the “Real World” (Well, at least my real world) 17 Oct 07

Upload: cynthia-hodge

Post on 17-Jan-2016


Leading IT & IA Organizations in the “Real World”

(Well, at least my real world)

17 Oct 07


What I Want to Cover

• Perspective on IT and IA – advancements as I’ve experienced them

• Things I’ve learned and want to share

• War stories along the way to relate it in real world examples *

• What I look for when hiring IA help
  – Types of experience, certificates and degrees


A Bit About Where I Come From

• Military Communications and Networks
  – Telecom, Computers, Networks and SATCOM

• Wild, Wild, West

• Enterprise Network Defense

• Post-Military -- Net Defense Consultant


Building IT Organizational Credibility in the Mid 90s

• Issue: Taming the Wild West
  – NT, Novell, Banyan Vines
  – PeachText, WordStar, Word, WordPerfect
  – Internet…friend or foe? What’s this Mosaic?
  – “Hobby Shops”


Building IT Organizational Credibility in the Mid 90s (cont.)

• Credibility needed to enable central management of IT and IA company-wide
  – Obstacles: Budget, Technology, Talent, Experience, Culture, Competing Agendas
  – OK for mainframes and data centers


Progress in the late 90s

• Budgets and technology start to catch up
  – Consolidate to Scalable Apps (NT, Office)
  – First successful (that is they did more good than harm) firewall and IDS use

• However, still problems with attitudes (IT * and users), credibility, competing agendas

• Hobby Shops fighting to the finish *


Progress in the late 90s (cont.)

• Not a matter of could it be done, but should it be done and can we trust the IT department geeks

• Focus on “customer responsiveness” *

Users should come to you NOT because they have to, but because they want to


Enterprise Network Defense


Enterprise Network Defense

• Joint Task Force – Global Network Operations (JTF-GNO): Responsible for joint network ops and network defense

• AF Network Operations and Security Center (AFNOSC) Network Security Division: Responsible for AF network defense
  – IDS Ops here in San Antonio (Computer Emergency Response Team (CERT))


IA versus Net Defense

USAF Definitions

• IA: “measures to protect and defend info and info services by ensuring availability, integrity, authentication, confidentiality and non-repudiation”

• Net Defense: “Employment of network-based capabilities to defend friendly info in or transiting our nets against enemy efforts to destroy, disrupt, corrupt, or usurp it”
  – Said another way, response to a maneuvering enemy on our nets vice IA commercial best practices


Enterprise Network Defense

Legal Justification

• Electronic Communications Privacy Act (ECPA) service provider exception:

“(2) (a) (i) It shall not be unlawful under this chapter [18 USCS §§ 2510 et seq.] for an operator of a switchboard, or an officer, employee, or agent of a provider of wire or electronic communication service, whose facilities are used in the transmission of a wire or electronic communication, to intercept, disclose, or use that communication in the normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service, except that a provider of wire communication service to the public shall not utilize service observing or random monitoring except for mechanical or service quality control checks.”


Enterprise Network Defense

• ECPA, a wiretapping law, allows us to do network defense

• “we can drive a truck through the hole opened by the service provider exception”


Enterprise Network Defense

• AF Ops organized into 4 focus areas

• Prevent, Detect, Respond, Sustain
  – Prevent: Anti-virus, Blue Team scans, Red Team, Network Orders, Patch Mgt
  – Detect: IDS, traffic analysis
  – Respond: Incident Response Team, port scans, intel, law enforcement
  – Sustain: Maintenance, planning/budget, training, Q/A (“stan/eval”)


Enterprise Network Defense

• Operations conducted following “Find, Fix, Track, Target, Engage, Assess” process
  – Same F2T2EA process as AF air strike operations in Iraq or Afghanistan

• Intelligence actions v/s law enforcement *
  – Intel – Foreign nationals or companies
  – LE – US citizens and companies

• If we don’t or can’t catch the hack, we can catch the follow on activity


Enterprise Network Defense

• Boiling Frog Syndrome

• Culture, attitudes and cooperation continue to play a part in success and failures


Unsolicited Advice

• Since you are here, assume you aspire to leadership roles, so here goes….

• It’s the Organization’s Missions and Goals, not the latest IT craze
  – Know how your company makes money
  – Know how IT and IA contribute to that
  – Know how to articulate it to non-geek leadership
  – Budget savings *


Unsolicited Advice

• Focus on the people (users), resist urge to focus on technology

• The relationships you build will play heavily into your success *
  – A concept beyond “networking”

• Find a mentor in your company

• “Never underestimate the power of being kind” *


Unsolicited Advice

• Work your boss’s problems
  – Not an IT-specific thing, but understand his/her goals and challenges…and help

• Arrive early, stay late…even if it’s just minutes

• Learn to write and speak well
  – You’d be amazed what a differentiator this is
  – Take speech or composition as an elective
  – We have active Toastmasters


Insight From Recent Hirings

• Timing counts *…match skills with opening

• Expect your current employer to be contacted *

• Certifications are a positive differentiator now…eventually they’ll be an ante just to play the game (negative if you don’t have)
  – Requirement for military, civ and contractors


Recent Hirings


Recent Hirings (cont.)

• Master’s Degree: start when you’re young, possible market salary adjustments

• My boss always asks…“How fungible are they” (consultancy)
  – In other words…how many different problems can they help us solve…“thoroughbred or a one trick pony”.
  – Identify all talents you have that may apply to opening


Questions?

"There are but two powers in the world, the sword and the mind. In the long run, the sword is always beaten by the mind."

-- Napoleon Bonaparte

• Feel free to email me at

[email protected]