Think of it as an American Idol in which the contestants aren’t fighting for record deals but rather a pathway to joining the next generation of American offensive and defensive cybersecurity experts.
Meet Cyber Aces, a series of experimental state competitions that use a videogame to target participants with the right skills — a mixture of a deep understanding of networking, operating systems and systems administration — to receive a $25,000 scholarship for National Security Agency-level cybersecurity training. Many participants are high school and college-aged, but entrants also include Ph.D. recipients and military veterans.
“It’s a little like an Olympic sport, where you’re not really looking for everybody who wants to play baseball, you’re looking for the people who can score at world-class levels,” said Cyber Aces founder Alan Paller, who’s a co-chair on the Department of Homeland Security’s Task Force on Cybersecurity and SANS Institute Director of Research.
Cybersecurity is a growing field with an increasing number of job opportunities — but supply of qualified experts hasn’t yet met demand. That’s creating skills and security gaps that programs like Cyber Aces are hoping to eliminate by finding the top people to receive some of the best training in the world.
“What you’re searching for in cyberspace are the people who can respond in near real-time to a Stuxnet coming back at you,” said Paller in reference to a major, and likely state-sponsored, cyberattack targeting nuclear processing facilities in Iran.
“We’re looking not for general, workmanlike-people; we’re looking for what we call the hunters and the tool builders.”
Perhaps one of those future “hunters and tool builders” is 17-year-old Ryan McVeety, a high school senior who was among one of 10 scholarship winners at the second Cyber Aces competition, held last weekend in New Jersey. He called the program “very fun and very challenging.”
“It was what is called a ‘capture the flag’ contest,” said McVeety, who intends to pursue a cybersecurity career. “What happens is there are multiple ‘flags’ scattered in the computers. A flag is a string of characters, and capturing the flag involves copying it and the pasting it into the scoring system. Some of the first ones were very easy, but as you progressed through the game they got much more difficult. For instance, an easy one would be locating a hidden file, while a hard one would involve hacking into an external computer to try and find it.”
Jack Radigan, a 55-year-old U.S. Navy veteran who’s also interested in the cybersecurity field, was another New Jersey winner.
“I thought it was great,” he said. “I honestly had no expectation of what I was going to do here. I had a career in technology. I’ve never done any penetration testing, but I have a good bit of Unix knowledge, which served me well. I am totally jazzed about something like this. This is what we need: to give a forum for people to demonstrate their skills and ability.”
If the Cyber Aces pilot program is successful, it will expand to other states.
Can competitions bring out the top people to become cybersecurity experts? Share your thoughts in the comments.
Share
MAR
2013