I just refined my most recent stint as the IO SME for a Joint Public Affairs Possibility Course. As a part of the operational play I had to devise an shape campaign to try and stop a BN CDR from attacking the capitol city as ordered by his BDE CDR.I must admit I wasn’t the best map-reader in the Army. I always tried to pair myself up with someone who was excellent at it. But it was clear to me that even before I could even develop my own MISO CONOP I had to be with you the military operation. This meant assessing the convoy route, determining how long the convoy would be allowed to travel before being attacked from the air, etc. This analysis complemented the media analysis of how to get to the unit’s leadership. Many people feel the same way in this area the cyber realm. In developing a graduate course for American Military University (AMU), “Cyber & The Intelligence Cycle” I have one lesson which is a practical implementation. I plotting it would be appropriate to provide some insight into cyber attack and defense by the side of the lines of a class military piece on small unit tactics. My version is a couple of pages and can be found below.Duffer’s Drift (found at: http://www.globalsecurity.org/military/store/policy/usmc/fmfrp/12-33/fmfrp12-33.pdf) is regarded as a classic in the realm of small unit tactics. It is set in the Boer War and describes dreams that a LT has while being exciting with the defense of a key piece of terrain. You can find a copy of the book on Amazon at: http://amzn.to/2nBB0j8 (which is also the photo source). In this version I’ve brought it up to date and analogized the small unit infantry tactics to the cyber world of today. There is a USMC authored Rand version for Information Operations Practitioners which is 50 pages worth and can be found at: http://bit.ly/2oL1XRIFirst Marvel“Do not place off defense” can be interpreted to mean use an active, layered defense or defense in depth means to use a digit of complementary security products and services in your defense. These include multi-factor authentication, firewalls, intrusion prevention systems, etc.“Locals” we can define to be contractors, visitors, temporary employees and similar stakeholders. In the defense context the doctrine relating to ‘locals’ means that you treat everyone as a security risk who must adhere to the same policies and procedures as employees and who must be subject to the same sort of cybersecurity technology products and services as others. Security needs to be standardized across all personnel seeking to access the organization’s information technology resources.“Tents” in the cyber context means insure that all devices and networks have at least a minimum amount of security to avoid casual use by unauthorized personnel and to discourage would be cyber trespassers.Second DreamThe second marvel makes a strong case for cyber concealment and deception. Techniques here can include honey-pots and sandboxes. Honeypots and sandboxes are technical means whereby systems and/or networks are set up that are really isolated from actual systems and networks. They are designed as decoys to attract, study, and entrap attackers. Both of these induce the attacker into an area where they can do no harm. As to locals in this marvel – the implication is that the organization treats the employees well so that they don’t covet the contractor’s position. Contractors should not be given favorable treatment to include the need to cover shifts beyond the normal day shift/week day work schedule.Third DreamThe third marvel makes the case for stringent ‘local’ management. This may also alluded to the 21st century enchantment with Social Media and that family members might unwittingly be security risks or even targets. Executives and those in insightful positions need to take unique care to insure that the organization’s insightful data, prototypes, plans, etc. are not accidently exposed on social media by family members. This bid for OPSEC means that family members should be aware of the dangers of social media and should have clear guidelines as to what they cannot do.Comments with respect to trenches can be taken to mean that there is a need for advanced security architecture. Architecture should also consider how organizations should maintain security in the face of advances in smartphones, drug, etc. Systems should be designed with cyber security as a core foundational element rather than as an add-on feature after the systems or applications are fielded.Fourth DreamThere are several key points contained in the 4th marvel. First of all, the marvel correctly realizes that cyber is everywhere. This is especially vital given the growth of the Internet of Things (IoT) as the 21st century version of Supervisory and Data Acquisition (SCADA) systems. Advice in this area guarding your rear could easily be interpreted as watch out for intentional (made by bots perhaps) or unintentional backdoors. Today’s software is highly complex and contains tens of thousands of lines of code. Product flaws, whether or known or unknown, can offer inviting entry points for attackers.Huddling the men could be interpreted as importance - don’t place all your insightful data in one spot. This principle is a driving force behind cloud architectures software as a service. Data Centers are giving way to web services for a variety of reasons with cost reduction being a primary consideration and advanced security such as provided by Amazon Web Services (AWS) being another. Not that AWS is impregnable. They make it clear that the client bears a heavy responsibility for security as well. Concealment needs to be addressed physically and logically. Physically it is not a excellent practice to make it simple to find your data center. Data centers should be concealed to add to their security and they should be buffered with appropriate physical security measures.Fascinatingly sufficient the 4thDream makes a case for penetration testing – “Look from the enemy’s view.” As a practical matter, penetration testing should be holistic. While employing white hat (excellent guy) hackers to test your IT security postures is a excellent thought, Human Intelligence (HUMINT) operatives should be considered to test resistance to social engineering and other people based hard work.Fifth DreamMakes a case for deception. Read industry expert Bruce Schneier’s concise summary at: https://www.schneier.com/blog/archives/2014/08/us_air_force_is.html.Sixth DreamUse all you have learned in all the other dreams to come up with the best possible cyber defense in your own situation.