It is no secret that we face a significant global cybersecurity skills shortage, with 1.8 million open and unfilled positions expected by 2022. As global leader of academic outreach for IBM Security, I am often asked what steps we can take to address the shortage and accelerate skills.

My response is unwavering: There is no single answer, no silver bullet. We must act tirelessly, remain dedicated to the cause and engage in many different types of activities. One such activity involves corporate sponsorship of competitions such as the Collegiate Cyber Defense Competition (CCDC), which wrapped up this past weekend with the national finals taking place at the University of Texas at San Antonio.

What Is the CCDC?

The CCDC aims to provide an educational experience in which students can apply theory and practical skills in a controlled, competitive environment, all while fostering teamwork, ethical behavior and effective communication both within and across teams. Over the course of several months, teams from higher education institutes across the U.S. compete in virtual qualifiers, regional competitions and, ultimately, the national finals.

In a CCDC competition, student teams assume administrative and protective duties for a fictitious commercial network. Teams begin the competition with identical sets of hardware and software, and are scored on their ability to detect and respond to outside threats, react to business injects and maintain the needs of the business.

Read the IBM X-Force Report: Using gamification to enhance security skills

The Importance of Industry Sponsorship

According to Stephen Keim, principal architect and program manager at IBM Security, it’s important for industry sponsors to be involved with CCDCs. For one thing, it gives them access to a hotbed of talent, with over 1,000 highly skilled security and computer science students from top U.S. schools looking for employment. These competitions also offer students visibility into products and people.

While theory has its place, nothing beats hands-on skills when it comes to being employable upon graduation. In fact, aside from the shortage of talent itself, the most common complaint of hiring managers is the lack of hands-on skills demonstrated by applicants. Competitions like the CCDC provide a wonderful environment for hands-on learning.

“I enjoyed seeing the strong level of interest and enthusiasm the student competitors have toward IBM Security,” said John Wheeler, vice president of services strategy at IBM Security. “I believe students really find IBM Security attractive given the broad range of experiences we can offer given the vast range of our solutions, global presence and leading direction in cognition.”

Bob Kalka, vice president of IBM Security, networking at NCCDC in San Antonio.

Furthermore, volunteering at the CCDC presents an opportunity to speak with department heads and other faculty members to understand their needs. They provide perspective on what we, their industry partners, can do to help them teach the skills necessary to make the world a safer place.

Nurturing the Cybersecurity Talent of Tomorrow

This year, for the first time, IBM sponsored the CCDC regionals in the Northeast, Southeast and Western regions, as well as the national finals in San Antonio. IBM Security employees volunteered in various capacities, but they overwhelmingly favored white team membership.

White team members judge teams and monitor their performance, attitude and technical skills very closely throughout the competition. White team members also have the opportunity to provide feedback to the students, to share what went well and what could be improved upon next time. Overall, CCDC competitors remained calm and displayed incredible enthusiasm and professionalism, leaving quite an impression on the IBM team.

“As a white team member, you really get to see who is going to perform under pressure,” said Rhonda Childress, IBM Fellow. “By watching the teams, you really get a feel for how they will react to situations. I wish they had this competition around when I was going through university!”

In addition to monitoring and judging the teams, IBM volunteers had the opportunity to share their passion for IBM, explain what they do, and talk about the breadth and depth of IBM Security solutions. According to Nat Prakongpan, integration lab manager for IBM Security, students across the U.S. are now aware that IBM does cybersecurity, and does it well.

The IBM Booth, with Nat Prakongpan, at SECCDC.

Our IBM volunteers had such a wonderful time meeting and observing the young talent of the future in action that many are already asking if they can go back next year. Congratulations to all the teams who competed in the 2017 CCDC qualifiers, regionals and national finals. Competing in events such as the CCDC takes a special kind of passion and dedication. The IBM team sends a big shout out to the team from the University of Maryland, Baltimore County, which took the 2017 National CCDC championship title.

As they say in show business, that’s a wrap! See you at CCDC 2018!

Read the IBM X-Force Report to learn how gamification can enhance security skills

More from Intelligence & Analytics

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read