With the continued escalation in the volume, sophistication, and complexity of network attacks, the training of government professionals with the cyber skills needed to operate, maintain and defend computer networks has become increasingly urgent. In fact, maintaining a robust workforce of educated and trained "cyber-bodyguards" is a real and present national security issue. And as threats continue to change and evolve at cyber speed, training must also continue to rapidly improve and adapt to meet new and unknown threats.
The use of crowdsourcing—a social networking technology that leverages the "collective experience" of the group—is rapidly showing promise as a way to capture high-quality experiential knowledge and lessons learned in a more efficient way than previous methods. The human performance domain typically employs cognitive analysis and direct workplace observation to identify what experts know and do and then feed that into improvement of training methods and content. But this process can be time consuming, has logistical challenges, and provides a very limited sampling upon which to make continuous improvements in training. Applying controlled "internal crowdsourcing" techniques, expert cyber security practitioners and intelligence analysts can be immersed in a game-based environment where their performance patterns are tracked, their insights captured, and new detection patterns discerned. These findings can then be fed back—in rapid succession—to improve training scenarios and methods.
This paper presents a methodology to help meet cyberspace requirements and address the current talent gap using a rapid and agile process for continuous improvement in cyber training. The authors present a framework whereby crowdsourcing can be employed to capture human performance in a game-based network environment. The convergence of crowdsourcing and gaming provides a new and effective way for current training development models to integrate lessons learned from expert performers and improve personnel proficiency at cyber speed.