The Next Generation of Cyber Defenders
From Jan 20-22, I led a team of high school students and mentors to second place among high schools during the 2017 CyberThon Capture the Flag event in Pensacola, FL. The students, who had some programming experience from a game programming class, prepared for the weekend by taking introductory cyber security and threat analysis classes. These classes were put on by volunteers from the local Armed Forces Communications & Electronics Association (AFCEA) chapter.
Capture the Flag (CTF) was implemented using the Facebook CTF framework and lots of man hours from local cyber talent (of which we have quite a bit!).
As I attended four speakers during the opening day ceremonies, one thing stood out to me. Three of the four made a serious point of humans being the weakest link in security:
- Ray Murphy, VP Information Security, Navy Federal Credit Union
- Captain William Lintz, Commanding Officer, Center for Information Warfare Training
- Joseph Campbell, Senior Security Specialist, Defense Security Service
I was also struck by a quote from a local DHS cyber analyst: “I always tell people to patch their systems and train their people.” Yes, you need both!
This event also left me with an appreciation of what educators do on a daily basis: keep students engaged. On day one, knowing that the students didn’t have Linux experience, we taught them basic command line operations. Then, their jaws dropped when I showed them that with their IP and login, I could read the text files they had just written to on their Desktops.
As the event unfolded, the students were excited to capture “flags” that ranged from basic terminology to using the Linux command line to write regular expressions to performing packet analysis with Wireshark.
The best part of this experience was seeing the students light up and be excited to compete. It was also rewarding to watch the mentors get competitive while researching areas of knowledge outside their expertise. Were we doing homework Saturday night? You bet we were.
This is the third year that this CyberThon event has been held in Pensacola and my second year volunteering. I keep coming back because I believe we need more talent in the cyber security arena. Equally important are people who are willing to see “the big picture” instead of just their little slice of the pie. For the students who have been inspired to pursue the security side of a future technology career, that’s exactly what CyberThon was meant to do and I’m so happy to be part of that.