2ndpreimage

Old-Salt
I think we're moving toward this very quickly. People are waking up to what our peer/near peer adversaries are capable of and are starting to think about how vulnerable they are.

Speaking specifically for the dark blue, our 1*/2* Battestaff commanders really think about this now and factor it into their operational planning.

It all comes out of 6 educating the 3/5 community and I'm sure the Army aren't far behind

My bold, what's that mean?
 
For want of more detailed descriptions, the 6 branch is CIS/ICS/Comms etc. and 3/5 are ops/plans. The army has G branches, the navy N branches and the RAF has A branches. At the joint level they are known as J and combined joint organisations have CJ. Some nations, including NATO units, have S branches at battalion level.

So he is saying that it is up to the CIS community to educate the ops/plans people (at all command levels) in order that they can factor it in, rather than just charging up the valley with their sabres drawn.
 

2ndpreimage

Old-Salt
For want of more detailed descriptions, the 6 branch is CIS/ICS/Comms etc. and 3/5 are ops/plans. The army has G branches, the navy N branches and the RAF has A branches. At the joint level they are known as J and combined joint organisations have CJ. Some nations, including NATO units, have S branches at battalion level.

So he is saying that it is up to the CIS community to educate the ops/plans people (at all command levels) in order that they can factor it in, rather than just charging up the valley with their sabres drawn.

Thanks. Which isn't dissimilar to our educating the business on risk their risks. That said, the most effective engagements are where the business unit have the risk function embedded.
 
I can't wait to see how many T3s bother to get T1 if they have CCNA, or of those that do how many pursue full military careers with a CCNP in their skyrocket. I think I have an inkling what the answer may be.

Take a look at NCIA NATO, Just about every job on the comms side has ...

Desired qualification - CCNA.


WTF for? Not only do they not have access to do anything except surf the net even if they are working on the network.

OH the noobs in human resources have read, heard , been told CCNA is a computer thing and good to have.

Having CCNA without a few years of working and using it is just a piece of paper.

I have a good friend , University CCIE/CCAr lecturer who gets loads of students from India and Pakistan. They either have paid for a friend to take the exam or done a boot camp and know nothing about networking.

I did my first Cisco class in 87 with AMRAF ( I think ? it was a long time ago) along with some R. Sigs pers who were on resettlement , retiring and they really thought that a 2 week class in the UK would open up the world to them.
 
Take a look at NCIA NATO, Just about every job on the comms side has ...

Desired qualification - CCNA.


[Snip...]

No they don't. It is desirable not essential. We try to train people up once they are in post and the amount of access they have, with the possible consequences of failure, require it.

Don't spout about subjects you are not up to speed on.
 
D

Deleted 3147

Guest
Thanks. Which isn't dissimilar to our educating the business on risk their risks. That said, the most effective engagements are where the business unit have the risk function embedded.

At Bde and Battlestaff level they have a "6" function embedded, thats who should be presenting the risks to the Commander for their direction.
 
Even if the 6 staff should be the ones advising the Comd and staff about how strong/vulnerable the network is, the next order is going to be ...so fix it.

What can they (YofS, FoS, Supr IS or even the SO2 J6) do about fixing any issues given the level of conracting out / managed service these days?
 
Good afternoon ladies and gents, just a quick one:

Would anyone be able to inform me on which Sigs regiments / sqns deal with Cyber Security / Information Assurance and all the rest of the jazz. I'm aware of JCU, but as far as I'm aware, the only gen I've seen is that these cyber security type roles in the Sigs is usually for Reservists?

Someone correct me if I'm wrong please.

Cheers.
apologies if anybody has answered this already - but like most specialist roles in the army the reality is thus:

as a junior, you're too junior to involved in specialist employment - expect to spend most time playing soldiers, cleaning weapons, and doing guard duty.
as a Cpl you'll spend most time learning to be a sergeant or on resettlement.
As a sergeant, you'll be employed as troop sergeant, aka, troop social worker, sorting out blokes admin and arranging rosters for blokes doing guard duties.
As a SSgt you make do some tech related stuff, but you'll be downgraded by then.
As a WO you could be a sergeant major, aka, sqn social worker, checking up that the sergeants have done their job.

you might do a few courses in this time which will teach you about the theory of cyber ops, maybe go to a few presentations but when it comes to actually doing the job its mainly left to the RAF and GCHQ...enjoy your career
 
D

Deleted 3147

Guest
Even if the 6 staff should be the ones advising the Comd and staff about how strong/vulnerable the network is, the next order is going to be ...so fix it.

What can they (YofS, FoS, Supr IS or even the SO2 J6) do about fixing any issues given the level of conracting out / managed service these days?

Certainly for the RN the order has been fix it, and because they've looked at the issue in the planning cycle there has been time to step back and develop options. You're right in part around the amount of contracting/managed services but with time these have the levers in place to make changes (albeit at cost and a fat wheezy snails pace).

Your latter point is one reason why the RN will look to regain some of that agility and in-source a lot more work in the future particularly as we adopt great use of open architectures/standards to enable true share infrastructures on ships that host delivered services. We want to own the data (APIs, interfaces et al), be able to add value (add in AI services, data aggregation etc) and be able to alter/update services and integrate them at our pace, not a contractors pace. Of course this means a significant change in how we train our maintainers/administrators which will benefit everyone. It won't happen overnight but it is happening.
 
D

Deleted 3147

Guest
you might do a few courses in this time which will teach you about the theory of cyber ops, maybe go to a few presentations but when it comes to actually doing the job its mainly left to the RAF and GCHQ...enjoy your career

In part there is some truth to that but the reality is changing. I have people up to SO3 who are ingrained in Defensive Cyber capability, LAND have the same. Small numbers for now but that will slowly grow and whilst it won't be the size of a new Corps, it will be a significant undertaking for MoD.

The RAF has been very canny in flexing manpower and liability for cyber roles, at up to 1*. They were quick to spot the opportunity and luckily had enough fat to flex, no way the RN or LAND could have made the same moves.

There is also an initiative underway to grow an entirely separate Joint Cadre and that has significant support. These will be very specialised individuals from all services, more aligned to GCHQ activity.

Your point in the main remains and I'm still watching the CEMA Regiment construct with interest to see how that develops.
 
Certainly for the RN the order has been fix it, and because they've looked at the issue in the planning cycle there has been time to step back and develop options. You're right in part around the amount of contracting/managed services but with time these have the levers in place to make changes (albeit at cost and a fat wheezy snails pace).

Your latter point is one reason why the RN will look to regain some of that agility and in-source a lot more work in the future particularly as we adopt great use of open architectures/standards to enable true share infrastructures on ships that host delivered services. We want to own the data (APIs, interfaces et al), be able to add value (add in AI services, data aggregation etc) and be able to alter/update services and integrate them at our pace, not a contractors pace. Of course this means a significant change in how we train our maintainers/administrators which will benefit everyone. It won't happen overnight but it is happening.
That sounds like a lot of fluff. MOD doesn't have the ability to steer procurement towards your stated destiny. It will talk about it but go down every rabbit hole known to man in getting there, in a similar way that ISS took back it's networks...continued to contract them out but now with someone with a green / light blue suit in charge.
 
D

Deleted 3147

Guest
That sounds like a lot of fluff. MOD doesn't have the ability to steer procurement towards your stated destiny. It will talk about it but go down every rabbit hole known to man in getting there, in a similar way that ISS took back it's networks...continued to contract them out but now with someone with a green / light blue suit in charge.
Which part exactly is fluff?

The Navy can create a lot more freedoms. We have our own platform networks and infrastructure, we develop our own applications. The biggest issue we've had is a legacy of "systems" procured that are silos in all respects. We can change that over time as we amend extant contracts and influence new ones. Saying it can't be done is defeat at the outset.

Incidentally ISS have never taken back any networks. If you're referring to DFTS which became GC (after GV2), that's still a fully contracted out service, where MoD is the customer and has some integration/security responsibility.
 
Which part exactly is fluff?

The Navy can create a lot more freedoms. We have our own platform networks and infrastructure, we develop our own applications. The biggest issue we've had is a legacy of "systems" procured that are silos in all respects. We can change that over time as we amend extant contracts and influence new ones. Saying it can't be done is defeat at the outset.

Incidentally ISS have never taken back any networks. If you're referring to DFTS which became GC (after GV2), that's still a fully contracted out service, where MoD is the customer and has some integration/security responsibility.
That biggest issue you had, you still have, your new ships infrastructure has been designed in isolation so probably isn’t FFP. I can’t think of any of your networks that you can throw any of these apps onto. By amending contract do you mean going with the cheapest provider then paying through the nose to get what you’ve asked for because they haven’t got the skill set to deliver? I’ve only met one Navy bloke that actually understands Comms and he’s just finished his time, he talked sense, not fluff. By the way DFTS is here for a while yet, probably until the Andrew sorts it’s life out with it’s legacy systems.
 

Glad_its_all_over

ADC
Book Reviewer
I'm perfectly willing to accept that the Naval Service has a grip on its own requirements, as regards the information and data support its platforms require and the necessary infrastructure to knit it all together, ditto the RAF and the tri-Service ISTAR community; all jolly good and all fine and dandy. I expect the Army does its bit as well in terms of enabling the operational support and coordination that information systems supply - all good. As far as I'm aware, defence of all that good stuff is pretty much OK as well - money has been spent sensibly and the defence networks are protected to an OK standard, say around where the banks were five years ago, which isn't that bad. By their nature, defence systems tend to be a touch more resilient, given the redundancy which is built in - and should be built in, it's a feature, not a mistake, at least in resilience terms.

Where my doubts start to creep in is once the conversation turns from the 6 space with hints of 2 (Sy) and starts to move into the 3 and 2 (collect) spaces. This is where I see a true capability gap in terms of what the Services can deliver - and where I suspect this is deliberate. Offensive cyber, whether reconnaissance or attack, is a hugely, hugely dodgy issue for a nation state nowadays and, while I'm confident that the UK has a highly sophisticated capability and can generate a number of interesting effects from that capability, I'm highly dubious that it would entrust any operational initiative in this field to the Services.
 
D

Deleted 3147

Guest
That biggest issue you had, you still have, your new ships infrastructure has been designed in isolation so probably isn’t FFP.
If you've been reading my posts thats the point, and why we've changed/

Kroneit44 said:
I can’t think of any of your networks that you can throw any of these apps onto.
Shared Infrastructure V3 which we're starting to deploy. But more than that we've just spent three weeks demonstrating how we can do this with NSOIT hardware and BAE hardware- app integration in hours and days [at the extreme], and we even had a friendly ex FoS(IS) on hand to play with cables and VMs.

Kroneit44 said:
By amending contract do you mean going with the cheapest provider then paying through the nose to get what you’ve asked for because they haven’t got the skill set to deliver?
You're a little ray of sunshine aren't you. Amending would suggest the contract was already awarded to a provider, so it wouldn't be a recompetion. So no.

Kroneit44']I’ve only met one Navy bloke that actually understands Comms and he’s just finished his time said:
By the way DFTS is here for a while yet, probably until the Andrew sorts it’s life out with it’s legacy systems.
Hate to tell you this, DFTS as a service and contract is officially dead. Global Connect replaced it, a chap called Ivan Hooper signed the contract two years ago.....
 
Last edited by a moderator:
D

Deleted 3147

Guest
Where my doubts start to creep in is once the conversation turns from the 6 space with hints of 2 (Sy) and starts to move into the 3 and 2 (collect) spaces. This is where I see a true capability gap in terms of what the Services can deliver - and where I suspect this is deliberate. Offensive cyber, whether reconnaissance or attack, is a hugely, hugely dodgy issue for a nation state nowadays and, while I'm confident that the UK has a highly sophisticated capability and can generate a number of interesting effects from that capability, I'm highly dubious that it would entrust any operational initiative in this field to the Services.

Depends on your definition of OCO, think more CEMA and thats where some of the Forces play
 

Glad_its_all_over

ADC
Book Reviewer
Depends on your definition of OCO, think more CEMA and thats where some of the Forces play
Mmmm. I'll take you word for it - and clearly there are aspects to this which can't be discussed on these means (or with me, filthy civvy that I am), but my own experience and a degree of insight into the Service way of doing things combine to make me more than a little skeptical. I don't have a problem, particularly, with 'cyber' becoming part of the great Officers' Career Bearer Ecology, given all the other magic bean stuff folk are expected to become instant experts on, you understand, but that is an entirely separate beastie from actually having the capability as opposed to 100+ truly spiffy Powerpoints in a career deck.
 
If you've been reading my posts thats the point, and why we've changed/

ex FoS(IS) on hand to play with cables and VMs
hahahahahahaha, a recent FofS IS or an old skool one ?

You're a little ray of sunshine aren't you. Amending would suggest the contract was already awarded to a provider, so it wouldn't be a recompetion. So no.

Hate to tell you this, DFTS as a service and contract is officially dead. Global Connect replaced it, a chap called Ivan Hooper signed the contract two years ago.....
He might have signed a contract, but you can't get much done without DFTS involvement, and that isn't going to change for a while. Again, fluff.
 
I'd just like to point out here that the reformation of 13 won be a slab of becks. The loser of said wager was adamant that 'the mighty seven' was about to make a return. That is all.
 
Last edited:

Latest Threads

Top