π Note: This article explains how Squad Managers (users with Manage Squads who have been assigned to be a Squad Manager for a particular Squad) can navigate their Squad's Profile. This article requires some pre-requisite understanding of the concept of Functions on the FifthDomain platform. Please refer to this article first for an overview of Functions.
What are Squads?
A Squad is a grouping of affiliated users in an organisation that sits within a Function. Functions, as mentioned here, represent high-level cyber operational areas in an organisation, whereas Squads represent more granular responsibilities relevant to the Function they sit in. For example, an organisation may set up a 'Cyber Investigation' Function. Within this Function, the organisation may set up Investigation-related Squads, such as the 'Digital Forensics' and 'Data Recovery' Squads.
Each Squad in an organisation is made up of individuals - individual contributors of relevant cyber skills (Squad Members), as well as those who manage the Squad while contributing cyber skills to it (Squad Managers).
Squads allow organisations to identify, manage, and develop skills at a more granular level than Functions. At the ground level, the skills of each individual within a Squad form the collective skills of the Squad. Going a level higher, the collective skills of each Squad within a Function form the skills present and available in the Function. Finally, the skills present in all Functions in an organisation form the organisation's overall cyber skills, or its cyber 'workforce'.
Types of Contributing Members in Squads
A contributing member refers to a user whose individual skills contribute to the collective skills of a Squad. Squads comprise of two types of users, Squad Managers and Squad Members, both of which are contributing members.
The skills of users in organisations who are not contributing members (i.e. have not been added to a Squad as either a Squad Manager or Squad Member) do not contribute to the skills of any Squad or Function in the organisation. Non-contributing members' skills also do not contribute to the collective skills in the organisation.
π€ Squad Managers
A Squad Manager is a contributing member who is appointed (by a Function Lead) to be responsible for training in a specific Squad. Via their Squad's profile, Squad Managers create Training Activities for those in their Squad, edit them, and if required, edit the WRs of those in their Squad to best meet the needs of their Function. A squad can have any number of Squad Managers (but it is mandatory to have at least one).
π Note: To be a Squad Manager, you need to have been given the Manage Squads permission in your organisation on the platform. You also need to be explicitly allocated to be a Squad Manager for a specific Squad in your organisation. Simply being assigned Manage Squads alone will not grant you Squad Manager abilities.
As mentioned above, Squad Managers are contributing members - in addition to managing training, their own skills contribute to the Squad's collective skills. A user can only be a contributing member of one squad at a time.
π₯ Squad Members
Squad Members are users added to a Squad by Function Leads to contribute skills to their assigned Squad. Squad Members do not have visibility of their Squad's profile. A squad can have any number of Squad Members.
π Note: To be a Squad Member of a Squad in an organisation, you simply need to be affiliated to the organisation. After you are affiliated, Function Leads will be able to add you into a Squad in their Function. A user can only be a contributing member of one squad at a time.
Navigating to your Squad Profile as a Squad Manager
As a Squad Manager, if you want to open your Squad's profile, simply click Workforce on the sidebar. When you have opened your Squad's profile, you will see your Squad's assigned Function [1] at the top, along with profile icons [2] of contributing members in the Squad. You will also see two tabs - Squad Skills [3] and Squad Management [4].
π Note: if you are solely a Squad Manager in your organisation (i..e you are not a Function Lead or an Org Designer), when you click Workforce, you'll be directed straight to your Squad's profile. You won't be able to see your organisation's Workforce page. If you are a Squad Manager and also a Function Lead and/or an Org Designer, you'll see the Workforce page when you click Workforce, and you will be able to access your Squad's profile from there.
Viewing the Squad Skills Tab
By default, when you click on your Squad's profile, you'll be directed to the Squad Skills tab. All skills and performance data demonstrated by current contributing members of the Squad (i.e. Squad Managers and Squad Members) will display.
π Note: As a Squad Manager, you'll only be able to see the Actual Skills demonstrated by your Squad's contributing members. You won't be able to see any Target Skills that have been set for the Function that your Squad sits in. Please discuss specific training needs for your Squad with your relevant Function Lead(s).
Sections in the Squad Skills Tab
The Squad Skills tab of a squad profile consists of two main sections - the Squad Cyber Skills Cortex [1], and the Squad Performance Triangle [2].
Reading your Squad's Cyber Skills Cortex
A squad Cyber Skills Cortex is a diagram which maps out the cyber skills that contributing members of a squad have demonstrated in assigned competitions and assessments, against FifthDomain's Cynaptic Skills Adaptor Framework.
π‘Remember: Only current Squad Managers and Squad Members' skill and performance data will appear in Squad Skills. The skill and performance data of previous squad members who have been removed will not show up.
What is the Cynaptic Skills Adaptor Framework?
The Cynaptic Skills Adaptor Framework maps all of the challenges on the FifthDomain platform to the following three components - Professional Specialties, Skills, and Proficiency levels. When a challenge mapped to a certain Professional Specialty and Skill is solved, the Cyber Skills Cortex will reflect demonstration of that Professional Specialty and Skill (at the set Proficiency level of the challenge).
What are Professional Specialties?
Professional Specialties are grouping units within the Cynaptic Skills Adaptor Framework which group all cyber skills demonstrable on the platform to overarching high-level cyber work specialisations. Each challenge on the platform is mapped to one of six Professional Specialties. A single challenge cannot be mapped to multiple Professional Specialties.
π A quick overview of each of the six Professional Specialties is below:
Intelligence: Cyber work which relates to the collection of information on the open or dark web outside of one's own network. This can include removing friendly information as an Operational Security (OPSEC) measure.
Penetration: Cyber work which relates to gaining unauthorised access and ability to make modification to a system.
Protection: Cyber work which relates to hardening one's own systems, identifying system configurations that protect from threats, and finding vulnerabilities.
Detection: Cyber work which relates to searching systems, sources, and information points to detect events, and identifying and moderating a comprehensive list of relevant observables.
Engineering: Cyber work which relates to building Security Operation Centre (SOC) technologies in order to make technologies better and faster.
Investigation: Cyber work which relates to the analysis of artefacts to derive Indicators of Compromise (IOCs), and reveal a full behaviours and capabilities.
What are Skills?
Each Professional Specialty is made up of Skills. Skills, as per the Cynaptic Skills Adaptor Framework, are a more granular set of abilities and knowledge related to a more specific area within cybersecurity. For example, the Log Analysis (LA) Skill is mapped to the Detection Professional Specialty.
There are currently approximately 30 Skills demonstrable on the platform, each mapped to one of the six Professional Specialties in the Cynaptic Skills Adaptor Framework.
Each challenge on the platform can be mapped to multiple Skills within the single Professional Specialty that it is mapped to. As an example, a Detection challenge may be mapped to the Log Analysis (LA) and Traffic Analysis (TA) Skills. However, it cannot be mapped to Skills outside of the Detection Professional Specialty.
What are Proficiency Levels?
Proficiency levels, per the Cynaptic Skills Adaptor Framework, determine level of ability in a particular Skill on the platform. There are five proficiency levels that can be demonstrated on the platform. These are modelled from the Dreyfus Model of Skills Acquisition, and are described below:
π A quick overview of the Cynaptic Skills Adaptor Framework Proficiency Levels (drawn from the Dreyfus Model of Skills Acquisition):
Level 1 (Novice): Demonstration of a basic but incomplete understanding of a concept, and a mechanistic approach requiring supervision for relevant work completion.
Level 2 (Advanced Beginner): Demonstration of a working understanding of a concept, and a perception of required actions as steps. Those at this level can an complete simpler tasks independently.
Level 3 (Competent): Demonstration of a good working and background understanding of a concept, with contextual awareness. Those at this level are capable of independent work to an acceptable standard.
Level 4 (Proficient): Demonstration of deep understanding of a concept, complete with a holistic view of required actions. Those at this level consistently achieve high standards when performing relevant work.
Level 5 (Expert): Demonstration of authoritative and/or deep holistic understanding of a concept, complete with intuitive handling of routine relevant matters. Those at this level excel effortlessly when performing relevant work.
Each challenge on the platform is assigned one of the five proficiency levels within the Cynaptic Skills Adaptor Framework. Solving a challenge which tests a particular Skill at a particular proficiency level indicates that the solver is able to demonstrate that Skill at that proficiency level.
What is the Cyber Skills Cortex?
The Cyber Skills Cortex is a cyber skills map that conceptually mimics the structure and shape of the human brain. The diagram shows which Skills a user has demonstrated, which Professional Specialties they align to, as well as which proficiency levels they have demonstrated Skills in. The Cyber Skills Cortex is made up of six sections, with one section for each of the six Professional Specialties within the Cynaptic Adaptor Skills Framework. Within the Cortex, each Professional Specialty has been subtly grouped in pairs according to similar functions.
The two Professional Specialties on the upper section [1] of the Cortex (Intelligence and Penetration) are grouped together on the Cortex as they both relate to interacting with external devices, systems, information sources to achieve an outcome.
The two Professional Specialties on the middle section [2] of the Cortex (Protection and Detection) are grouped together on the Cortex as they both relate to systems administration and operational work.
Finally, the two Professional Specialties on the lower section [3] of the Cortex (Engineering and Investigation) are grouped together on the Cortex as they both relate to assembling and disassembling systems, artefacts, and their accompanying information.
Each Professional Specialty section on the Cortex is made up of its relevant Skills. Each Skill is allocated a dedicated row on the Cortex (each row contains five squares), with one square for each of the five proficiency levels demonstrable for each Skill (these squares are called Skill-Proficiency squares). The row of numbers at the top of the Cortex diagram represent the five proficiency levels.
There are two sets of proficiency levels on the Cortex, each increasing in level from the central spine of the Cortex, and dividing the Cortex into a left and right section. The set of proficiency level numbers on the left of the Cortex span from the centre to the left, and the set on the right span from the centre to the right.
How do I read a squad's Cyber Skills Cortex?
A squad's Cyber Skills Cortex shows all the cyber skills members have demonstrated on the FifthDomain platform across all the assessments and competitions they have participated in.
Understanding Blank vs Filled Skill-Proficiency Squares
All Skill-Proficiency squares that a squad has not demonstrated a relevant challenge solve in will be blank on its Cortex diagram.
Once a challenge has been solved in an assessment or competition, the Skill-Proficiency square relevant to that challenge should be filled in with a number and colour.
The number in a Skill-Proficiency square shows how many unique challenges (mapped to that specific Skill-Proficiency square) squad members have solved. For instance, if squad members have solved 6 unique challenges mapped to the Log Analysis (LA) Skill at the Level 1 (Novice) proficiency level, the squad Skill-Proficiency square for Level 1 (Novice) Log Analysis (LA) will contain the number 6 inside it.
Note that solving the same challenge across different events will only count as one solve in the challenge's relevant Skill-Proficiency square (each unique challenge will only show up in the count once).
The intensity of the colour in a Skill-Proficiency square is also determined by the number of relevant challenge solves demonstrated. The darker the colour of a square, the more unique challenge solves relevant to that square a squad has solved. Each time a challenge is solved, its relevant Skill-Proficiency square will darken by one shade.
Activating Tooltips over Skill-Proficiency Squares
To view more details about a specific Skill-Proficiency square, simply hover your mouse over it. Upon hover over a square you will be able to see the following details:
Full Skill Name
Proficiency Level
Solve Contributions
Last Solve
In the example below, hovering over the square [1] for Geo-Intelligence (GI) at the Level 1 (Novice) level activates a tooltip [2] which spells out the full name of the Skill (i.e. expanding from the acronym "GI"), the proficiency level of the square being viewed, the solve contributions for Level 1 Geo-Intelligence challenges, and the date, month, and year of the most recent relevant solve.
Understanding Links between Proficiency Levels for a Skill
It is important to note that demonstrating a Skill at a higher proficiency level is considered in the logic of the Cortex diagram to also contribute to ability to demonstrate the same Skill at lower proficiency levels.
Therefore, solving a challenge at a proficiency level higher than Level 1 (Novice) will also contribute to increased colour shade intensity of relevant mapped Skills at lower proficiency levels.
For instance, solving a Level 3 (Competent) Intrusion Detection (ID) challenge will lead to the Level 3 (Competent) Intrusion Detection (ID) Skill-Proficiency square deepening by a shade. Simultaneously, solving this challenge will also cause the Level 1 (Novice) and Level 2 (Advanced Beginner) Intrusion Detection (ID) Skill-Proficiency squares to also deepen.
Due to this logic, Skill-Proficiency squares will always be visually displayed as darker from the central spine of the Cortex, to lighter towards the left and right sides.
Understanding Skills Degradation over Time
Skills naturally degrade over time without consistent application and/or practice - the logic of the Cyber Skills Cortex takes this into account. Skill-Proficiency squares will lose their number value and colour intensity after a certain period of time. The number of months until degradation of a Skill-Proficiency square occurs depends on proficiency.
π Note: The list below outlines how Skill-Proficiency square number value and colour shades will lose their intensity according to their proficiency levels:
Level 1 (Novice) squares will lose their number value by 1, and colour intensity by 1 shade every 2 months.
Level 2 (Advanced Beginner) squares will lose their number value by 1, and colour intensity by 1 shade every 3 months.
Level 3 (Competent) squares will lose their number value by 1, and colour intensity by 1 shade every 5 months.
Level 4 (Proficient) squares will lose their number value by 1, and colour intensity by 1 shade every 8 months.
Level 5 (Expert) squares will lose their number value by 1, and colour intensity by 1 shade every 13 months.
As an example, if a user has solved 5 x Log Analysis (LA) challenges at Level 5 (Expert), their Level 5 LA Skill-Proficiency square would have the number 5 inside it, and the square would be five shades deep. If the user had solved 2 of these challenges 13 months ago, and 3 of them less than 13 months ago, then, when the user next logs in (assuming they have not solved any further Level 5 LA challenges), their Level 5 LA Skill-Proficiency square would have the number 3 inside of it, and the square would be 3 shades deep.
This is because 13 months have passed since the user last solved the first 2 Level 5 LA challenges, so skills degradation will have taken place. After this degradation occurs, the only way for the user to go back to having the number 5 in their Level 5 LA square (as well as having the square be 5 shades deep) is for them to solve an additional 2 x LA Level 5 challenges, keeping skills degradation at bay.
Using the Cyber Skills Cortex Time Period Filter
The Time Period Filter section contains a slider that enables you to filter your view the Cyber Skills Cortex to a specific time period in the past.
The leftmost side [1] of the slider represents Week 1 of October 2023. This is when the FifthDomain Cynaptic Skills Adaptor Framework was released to the platform, and is the earliest week available for you to view skills demonstrated/attempted.
The rightmost side [2] of the slider represents the current week and year.
How do I address skills gaps?
π‘ Remember:
As a Squad Manager, your primary responsibility is managing Training Activities for individual contributing members in your Squad to help your Function meet its Skill-Proficiency requirements (Target Skills) set by your organisation's Org Designers. Coordinate with your Function Lead(s) to identify areas in your Function where there are skill deficits. Your Function Lead(s) will be able to provide you with specific skills development goals for your particular Squad. For more details on how to create Training Activities, refer to this article. To view and edit existing Training Activities, please refer to this article.
Note that although only Squad Managers can create and manage Training Activities, Org Designers and relevant Function Leads can also access your Squad's profile, and navigate to the Affiliated User Profiles of contributing members in your Squad.
Interacting with your Squad's Performance Triangle
The squad Performance Triangle visually maps out Success, Efficiency, and Speed scores of contributing members of a squad. The blue triangle on a squad Performance Triangle represents the average scores of current contributing members of the squad, whilst the grey triangle shows the average scores of affiliated users within your organisation.
You can also use the checkboxes to display individual triangles for specific members of the squad. Note that selecting and deselecting from the checkbox will not affect the blue triangle or the grey triangle.
Using the Performance Triangle Time Period Filter
You can use the time period slider above the Performance Triangle to filter your view of a squad Performance Triangle to a specific time period in the past. Simply drag the slider nodes to the period you wish to view.
Viewing the Squad Management Tab
As a Squad Manager, you can also see non-skills related details about your Squad on the Squad Management tab. At the top, you will see a description [1] for the Squad. Click Edit if you wish to make changes to this description.
In the Squad Managers table, you'll see a list of all users who have been added as a Squad Manager for your Squad, including yourself. For each Squad Manager, you'll be able to see their name, email, and Event Engagement [2] (the number of events they have engaged with out of the total they have been assigned). You'll also find a link to each Squad Manager's Affiliated User Profile (aside from your own) via View Profile [3].
You will also find these details (name, email, and Event Engagement [4]) for all Squad Members in the Squad Members table. Click View Profile [5] to navigate to a specific Squad Member's Affiliated User Profile.
π‘ Remember: As a Squad Manager, you won't be able to add or remove specific users from your Squad as Squad Managers or Squad Members. If you would like to edit the allocation of users in your Squad, talk to your Squad's Function Lead(s).