Cybersecurity is a strong area of focus for many organizations as business leaders around the world become increasingly aware of the direct link between a company’s reputation and its ability to protect enterprise data. Although they may be at different stages in the development of their incident response plans and aptitudes, these organizations are on a maturity curve to better secure themselves and protect their operations.

In its “2019 Threat Intelligence Index” report, IBM X-Force revealed a 20 percent year-over-year increase in publicly disclosed misconfiguration incidents. New cybersecurity regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), increase the level of government oversight and liability that an entity would face in the event of a data breach. Businesses will be looking to further invest in cybersecurity either by themselves or through managed security providers.

The growing demand for cybersecurity products and services has led to an increase in the number of cybersecurity jobs, which is expected to grow over 28 percent from 2016 to 2026, according to the U.S. Department of Labor. With the number of unfilled cybersecurity positions set to reach 3.5 million by 2021, according to Cybersecurity Ventures, now is the time for organizations to invest in cybersecurity education. Collegiate competitions offer an engaging, hands-on way for students to start on their path to a career in cybersecurity — and for prospective employers to help them get there.

How IBM Gamifies Incident Response Training

At IBM, we work with various universities on research partnerships in cybersecurity technologies, methodologies and policies. For instance, CyberDay4Girls, which targets middle school-age girls around the world, has reached 3,450 students since its inception in October 2016. We also sponsor cybersecurity competitions such as the Collegiate Penetration Testing Competition (CPTC) and Collegiate Cyber Defense Competition (CCDC).

I was excited to lead IBM Security’s effort in sponsoring the 2019 Southeast Collegiate Cyber Defense Competition (SECCDC) along with Matthew Dobbs, who acts as a liaison and technical team lead. IBM has been a proud sponsor of the SECCDC for the past four years. In previous years, prior to its official sponsorship, IBM invested personnel to assist during the events.

The competition format was what is known as a blue team exercise in the cybersecurity industry. Students showed up to protect corporate assets, including virtual infrastructure, networking tools, Windows and Linux servers, web and email services, and desktop environments. In addition to the technologies they were tasked to protect, the students had to install new services, write reports, investigate incidents and meet business injects designed to emulate real-world operations.

Peyton Duncan, a University of Central Florida student competitor, noted that the hands-on experience helps him in the real world. The practices for the competition exposed him to tools such as open-source firewalls, network monitoring software and log analysis solutions. This exposure helps the team develop its ability to solve problems quickly and successfully protect its environment. Duncan also stressed the importance of keeping up with cybersecurity news, which allowed the team to protect itself against the latest threats.

What Are the Benefits of Hands-On Cybersecurity Competitions?

For cybersecurity professionals, training doesn’t stop when the job starts. From collegiate competitions to the workforce, incident response training in realistic settings helps teams prepare for any scenario. A hands-on approach, whether it’s through a simulated cyber range experience or a competition setting using real industry tools, provides an opportunity to build cyber muscle memory.

This year, participating teams used an intelligent security information and event management (SIEM) solution to score points as part of the business injects during the competition. IBM Atlanta united to build and configure the SIEM appliances for the competition. We worked closely with the competition organizer, Kennesaw State University, to create the business injects, and integrated the SIEM tool with log collections and network monitoring from various systems.

The team worked hard to ensure that the environment students competed in closely emulated what they would be doing in the real world. IBM X-Force Command sets up these simulations on a daily basis for Fortune 500 clients and their leadership teams to practice breach response and recovery using both technical and nontechnical injects to drive success.

And the Winner Is…

The two-day 2019 regional final competition was hosted at Kennesaw State University on April 3–4. The competitors took full advantage of this unique opportunity to develop diverse skill sets. Many of them practiced on a weekly basis to hone their technical skills, teamwork and business responses and learn how to handle any situation that might arise during the competition. Out of 31 universities that participated, the following eight made it to the final round:

  • Clemson University
  • Columbus State University
  • Kennesaw State University
  • University of Central Florida
  • University of Florida
  • University of North Carolina, Wilmington
  • University of South Alabama
  • University of Tennessee at Chattanooga

IBM identified student intern candidates as well as early professional candidates from the competition who have the requisite skills and passion to protect an organization from cyberattacks. These students know how to configure secure systems and services and understand the implications of misconfiguration and noncompliance. Moreover, the competition gave them business context experience, which is critical in real-world environments. We are excited to extend offers for internship and full-time positions to many of these students.

It just goes to show that everyone wins when employers have a chance to meet talent and bridge the skills gap at cybersecurity competitions around the world.
