The purpose of this article is to explore the world of cybersecurity competitions from both an academic and professional perspective. We will explore what a cybersecurity competition is, the importance of cybersecurity competitions, and examples of cybersecurity competitions.
Cybersecurity competitions are being used by both academia and industry. Each level of education from high school to colleges and universities to the cybersecurity workplace uses cybersecurity competitions for different reasons. Academia uses cybersecurity competitions to bridge the cybersecurity skills gap.
Companies use cybersecurity competitions to keep cybersecurity staff up-to-date and trained. Cybersecurity threats change every year. Attackers adapt their strategies and tactics to circumvent the protections that are put in place. Cybersecurity competitions are being used to keep cybersecurity teams current.
It is not uncommon today to have cybersecurity competitions that consist of professional and novice teams.
What is a cybersecurity competition?
Cybersecurity competitions are a way for cybersecurity teams, both academic and professional, to be fully immersed in a cybersecurity simulation to train on how to attack organizations ethically and also protect and defend networks from cybersecurity attacks. Both of these skills are absolutely critical to cybersecurity teams today. To be a good cyber defender you need to understand how the attackers are breaking into organizations.
Cybersecurity threats are ever-evolving and cybersecurity teams need to keep pace with the changing strategies and tactics of attackers.
Types of cybersecurity competitions
There are so many different types of cybersecurity competitions that exist today. There is an entire industry created to provide this real-world cybersecurity experience. We will explore two of the main types of competitions but realize that a mix of these types might be what you see.
The first type of cybersecurity competition is called a CTF (capture the flag). Capture the flag is a traditional outdoor activity where you have two teams, each with a flag. The goal is to capture the other team’s flag from their home base. This physical activity has turned into a virtual one in which teams are presented with cybersecurity challenges, and each solution captures a flag.
The most common type is a Jeopardy-style CTF. A Jeopardy-style CTF provides teams with questions to solve, and each question is given a certain number of points depending upon the difficulty. A question in a Jeopardy-style competition can be a set of cybersecurity challenges that cybersecurity teams must solve to earn points. When a team solves the challenge, they “capture the flag”. The team with the most points wins the competition.
A CTF-style competition teaches ethical hacking and penetration testing when it requires cybersecurity teams to solve challenges in simulated network environments. Some CTF challenges instead require research on the Internet, and you get points based on your solutions.
There is a scoreboard that ranks the teams based on their points earned.
CyberDefense (Red Team/Blue Team), also known as Attack-Defend
The cybersecurity competition that I like the most is the cyber defense competition. A typical scenario for this type of competition is that your team has been hired to take over the cybersecurity operations of an organization. Your job is to secure the organization from constant attacks. Time is money, and the company is losing money if the network and systems are not operational. These events span 1-3 days. During the 1-3 days, you are given day-to-day tasks to complete along with locking down the systems and the network from attacks. In this scenario, you are the blue team.
Lurking in the background you have the attackers, called the red team. Their job is to breach the systems and disrupt operations. There is also a gold team, usually run by the CIO for the competition, who provides the team tasks to complete. The team earns points based on the tasks being completed and the uptime of the network and the systems. The cybersecurity team also earns points for submitting documentation on the incidents that occurred that they are able to detect and correct.
The team with the most points at the end is the winner. They typically have the teams ranked by points on a scoreboard. Each of these competitions has its own scenario and rules that the cybersecurity teams must adhere to.
Importance of cybersecurity competitions
But why are these cybersecurity competitions important? Let’s look at it from the different levels, from high school to college to professional.
- High Schools – Cybersecurity competitions at the high school level are really meant to get students engaged early on to encourage them to study cybersecurity as a career. A lot of competitions have a high school-appropriate level. A lot of CTFs are not appropriate for beginners if you are not careful. You have to do your research and ask if there is a high school competition included.
- Colleges and Universities – Cybersecurity competitions exist at the local, regional, state, and national levels. There are usually a lot of competitions available for college teams to participate in. You need to do your research and pick the ones that are appropriate for your team. At the college level, cybersecurity competitions are needed to help bridge the skills gap. I will go out on a limb and say that cybersecurity competitions are more important than internships in the development of a student. They will develop varied experiences in a short amount of time through practice and the competitions themselves. Employers use competitions as a way to hire cybersecurity talent for their organizations.
- Professional – Cybersecurity competitions exist and are sponsored by the companies but there are also ones at the local, regional and national levels to participate in. As an example, Microsoft has red team/blue team competitions periodically between Microsoft teams and they play either the red team role or the blue team role. They rotate roles periodically. At the professional level, cybersecurity competitions help keep cybersecurity teams trained and up to date on the latest strategies and tactics by attackers.
The importance of cybersecurity competitions is different at each level but is very important in the development of cybersecurity professionals no matter their skill level.
Examples of cybersecurity competitions
There are so many cybersecurity competitions that exist today. I will just review a couple of examples that are pillars of the different levels to give you a taste of what you will find in your areas.
- CyberPatriot – From their website: “CyberPatriot is the Air Force Association’s National Youth Cyber Education Program, created to inspire K-12 students toward careers in cybersecurity or other science, technology, engineering, and mathematics (STEM) disciplines critical to our nation’s future.” They also sponsor a high school level competition every year.
- National Collegiate Cyber Defense Competition (CCDC) – One of the oldest cyber defense competitions, with a qualifier, regionals, and nationals every year. It was founded in 2004 by a group of educators, students, and government and industry representatives in San Antonio, Texas to provide a framework to use.
- National Cyber League (NCL) – NCL was created in 2011 to create an innovative way for students to apply what they are learning in class. There are 13,000 students from over 650 colleges and universities that participate in the NCL every year.
- DefCon CTF – DEF CON is the oldest and largest hacker convention in the world. Tens of thousands of people attend this convention every year. The DefCon CTF started in 1996 and has been an ongoing CTF ever since. It is the oldest CTF. It is tailored to professionals, but college and university teams participate and try their luck every year.
Learning to become a cybersecurity professional and progressing in the profession is more than going to school and getting a degree. Cybersecurity competitions bridge the gap between the classroom and the workplace by providing the necessary training that goes beyond a class. Cybersecurity competitions are a critical piece of cybersecurity professional development at all levels of expertise. We explored cybersecurity competitions, their importance, and examples of cybersecurity competitions that exist and have been around for many years.