Idrach
LE
Slightly_Nasty said:There are plenty of suitable people, we just haven't got the funding or political will to exploit them properly yet.
Oh, I don't know - SGRS, anybody?
There is also an argument that the Army is reluctant to train soldiers in state of the art industry standard software because they would all put their papers in and earn big bucks in civvy street.
Indeed - exactly what happens with whatever they're calling AISU these days. 215 MI?
At the time that I did the Army's computer forensic course, the commercial world had been using Encase forensic software for 5 years. It was the best, but cost £1500 per licence. The Army's answer was to teach us with a £20 copy of Norton Utilities; this would take someone several months to forensically search an average sized hard drive, but at least there was no demand for it in civvy street.
Dunno when your course was but we've had enCase since just before Telic 1. I've deployed it to assist with various things - other people have used it on ops, in major investigations etc.
Cyber defence in the form of 100% sy audits and system redesign (if required) already happens in the MOD, as you would expect, with all 3 services having some type of capability. In fact most MOD systems are fairly well protected for both network intrusion and resilience compared to the commercial world.
Snicker - if only. Oh, sorry - you actually mean that, don't you It's not rose tinted specs - somebody's covered your's with black nasty, haven't they.
Any vague appearance of competence is only because the MOD is generally only interested in talking to itself. Pretty much wherever it tries to connect to other bodies - govt or the interwebs, it runs in to the same problems that the rest of the world has - just with no money left, a bunch of well meaning middle managers who'd much rather be in Afg than Abbey Wood or Andover. About the only advantage it has is that it is large enough (and we're used to doing anti-social duties) that it runs a 24x7 SOC. Which is great until you realise that most attacks are now at the application layer which makes them very difficult to spot with centralised network based tools (regardless of whether it is the RAF using them or Microsoft.)