What is a Cyber Ops Planner?
The Cyber Ops Planner develops detailed plans for the conduct or support of the applicable range of cyber operations through collaboration with other planners, operators and/or analysts. The planner participates in targeting selection, validation, and synchronization, and enables integration during the execution of cyber actions.
A Cyber Ops Planner must know:
- computer networking concepts and protocols, and network security methodologies.
- risk management processes (e.g., methods for assessing and mitigating risk).
- laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- cybersecurity and privacy principles.
- cyber threats and vulnerabilities.
- specific operational impacts of cybersecurity lapses.
- human-computer interaction principles.
- concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).
- physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
- operational design.
- website types, administration, functions, and content management systems (CMS).
- accepted organization planning systems.
- forms of intelligence support needs, topics, and focus areas.
- attack methods and techniques (DDoS, brute force, spoofing, etc.).
- classification and control markings standards, policies and procedures.
- client organizations, including information needs, objectives, structure, capabilities, etc.
- common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
- computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
- crisis action planning and time sensitive planning procedures.
- crisis action planning for cyber operations.
- cryptologic capabilities, limitations, and contributions to cyber operations.
- cyber actions (i.e., cyber defense, information gathering, environment preparation, cyber-attack) principles, capabilities, limitations, and effects.
- cyber laws and legal considerations and their effect on cyber planning.
- cyber operations support or enabling processes.
- data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
- deconfliction processes and procedures.
- evolving/emerging communications technologies.
- existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization.
- fundamental cyber concepts, principles, limitations, and effects.
- fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
- how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
- how modern digital and telephony networks impact cyber operations.
- how modern wireless communications systems impact cyber operations.
- information security concepts, facilitating technologies and methods.
- intelligence support to planning, execution, and assessment.
- internal and external partner cyber operations capabilities and tools.
- Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
- malware.
- objectives, situation, operational environment, and the status and disposition of internal and external partner collection capabilities available to support planning.
- operational effectiveness assessment.
- operations security.
- organization cyber operations programs, strategies, and resources.
- organization decision support tools and/or methods.
- organization issues, objectives, and operations in cyber as well as regulations and policy directives governing cyber operations.
- organization objectives, leadership priorities, and decision-making risks.
- organization or partner exploitation of digital networks.
- organization policies and planning concepts for partnering with internal and/or external organizations.
- organizational hierarchy and cyber decision-making processes.
- organizational planning concepts.
- organizational structures and associated intelligence capabilities.
- physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
- planning activity initiation.
- planning timelines for adaptive, crisis action, and time-sensitive planning.
- required intelligence planning products associated with cyber operational planning.
- staff management, assignment, and allocation processes.
- target and threat organization structures, critical capabilities, and critical vulnerabilities.
- telecommunications fundamentals.
- the basic structure, architecture, and design of modern communication networks.
- the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
- the common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
- the critical information requirements and how they’re used in planning.
- the functions and capabilities of internal teams that emulate threat activities to benefit the organization.
- the information environment.
- the organizational planning and staffing process.
- the organizational structure as it pertains to full spectrum cyber operations, including the functions, responsibilities, and interrelationships among distinct internal elements.
- the outputs of course of action and exercise analysis.
- the process used to assess the performance and impact of operations.
- the processes to synchronize operational assessment procedures with the critical information requirement process.
- the range of cyber operations and their underlying intelligence support needs, topics, and focus areas.
- the relationships between end states, objectives, effects, lines of operation, etc.
- the role of network operations in supporting and facilitating other organization operations.
- the structure and intent of organization specific plans, guidance and authorizations.
- the structure, architecture, and design of modern digital and telephony networks.
- the ways in which targets or threats use the Internet.
- virtualization products (VMware, Virtual PC).
- what constitutes a “threat” to a network.
- wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems.
Key skills of the Cyber Ops Planner include:
- evaluating information for reliability, validity, and relevance.
- preparing and presenting briefings.
- utilizing feedback to improve processes, products, and services.
- utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).
- administrative planning activities, to include preparation of functional and specific support plans, preparing and managing correspondence, and staffing procedures.
- applying analytical methods typically employed to support planning and to justify recommended strategies and courses of action.
- applying crisis planning procedures.
- documenting and communicating complex technical and programmatic information.
- preparing plans and related correspondence.
- reviewing and editing plans.
- anticipating key target or threat activities which are likely to prompt a leadership decision.
- applying the process used to assess the performance and impact of cyber operations.
- crafting indicators of operational progress/success.
- graphically depicting decision support materials containing intelligence and partner capability estimates.
- developing and executing comprehensive cyber operations assessment programs for assessing and validating operational performance characteristics.
- distinguishing between notional and actual resources and their applicability to the plan under development.
- synchronizing operational assessment procedures with the critical information requirement process.
- analyzing and assessing internal and external partner cyber operations capabilities and tools.
A Cyber Ops Planner must be able to:
- communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- accurately and completely source all data used in intelligence, assessment and/or planning products.
- apply critical reading/thinking skills.
- function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
- exercise judgment when policies are not well-defined.
- effectively collaborate via virtual teams.
- collaborate effectively with others.