Game On: How Cybersecurity Competitions and Hands-On Incident Response Training Help Bridge the Skills Gap

June 6, 2019

Cybersecurity is a strong area of focus for many organizations as business leaders around the world become increasingly aware of the direct link between a company’s reputation and its ability to protect enterprise data. Although they may be at different stages in the development of their incident response plans and aptitudes, these organizations are on a maturity curve to better secure themselves and protect their operations.

In its “2019 Threat Intelligence Index” report, IBM X-Force revealed a 20 percent year-over-year increase in publicly disclosed misconfiguration incidents. New cybersecurity regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), increase the level of government oversight and liability that an entity would face in the event of a data breach. Businesses will be looking to further invest in cybersecurity either by themselves or through managed security providers.

The growing demand for cybersecurity products and services has led to an increase in the number of cybersecurity jobs, which is expected to grow over 28 percent from 2016 to 2026, according to the U.S. Department of Labor. With the number of unfilled cybersecurity positions set to reach 3.5 million by 2021, according to Cybersecurity Ventures, now is the time for organizations to invest in cybersecurity education. Collegiate competitions offer an engaging, hands-on way for students to start on their path to a career in cybersecurity — and for prospective employers to help them get there.

How IBM Gamifies Incident Response Training

At IBM, we work with various universities on research partnerships in cybersecurity technologies, methodologies and policies. For instance, CyberDay4Girls, which targets middle school-age girls around the world, has reached 3,450 students since its inception in October 2016. We also sponsor cybersecurity competitions such as the Collegiate Penetration Testing Competition (CPTC) and Collegiate Cyber Defense Competition (CCDC).

I was excited to lead IBM Security’s effort in sponsoring the 2019 Southeast Collegiate Cyber Defense Competition (SECCDC) along with Matthew Dobbs, who acts as a liaison and technical team lead. IBM has been a proud sponsor of the SECCDC for the past four years. In previous years, prior to its official sponsorship, IBM invested personnel to assist during the events.

The competition format was what is known as a blue team exercise in the cybersecurity industry. Students showed up to protect corporate assets, including virtual infrastructure, networking tools, Windows and Linux servers, web and email services, and desktop environments. In addition to the technologies they were tasked to protect, the students had to install new services, write reports, investigate incidents and meet business injects designed to emulate real-world operations.

Peyton Duncan, a University of Central Florida student competitor, noted that the hands-on experience helps him in the real world. The practices for the competition exposed him to tools such as open-source firewalls, network monitoring software and log analysis solutions. This exposure helps the team develop its ability to solve problems quickly and successfully protect their environment. Duncan also stressed the importance of keeping up with cybersecurity news, which allowed the team to protect itself against the latest threats.

What Are the Benefits of Hands-On Cybersecurity Competitions?

For cybersecurity professionals, training doesn’t stop when the job starts. From collegiate competitions to the workforce, incident response training in realistic settings helps teams prepare for any scenario. A hands-on approach, whether it’s through a simulated cyber range experience or a competition setting using real industry tools, provides an opportunity to build cyber muscle memory.

This year, participating teams used an intelligent security information and event management (SIEM) solution to score points as part of the business injects during the competition. IBM Atlanta united to build and configure the SIEM appliances for the competition. We worked closely with the competition organizer, Kennesaw State University, to create the business injects, and integrated the SIEM tool with log collections and network monitoring from various systems.

The team worked hard to ensure that the environment students competed in closely emulated what they would be doing in the real world. IBM X-Force Command sets up these simulations on a daily basis for Fortune 500 clients and their leadership teams to practice breach response and recovery using both technical and nontechnical injects to drive success.

And the Winner Is…

The two-day 2019 regional final competition was hosted at Kennesaw State University on April 3–4. The competitors took full advantage of this unique opportunity to develop diverse skill sets. Many of them practiced on a weekly basis to hone their technical skills, teamwork and business responses and learn how to handle any situation that might arise during the competition. Out of 31 universities that participated, the following eight made it to the final round:

  • Clemson University
  • Columbus State University
  • Kennesaw State University
  • University of Central Florida
  • University of Florida
  • University of North Carolina, Wilmington
  • University of South Alabama
  • University of Tennessee at Chattanooga

IBM identified student intern candidates as well as early professional candidates from the competition who have the requisite skills and passion to protect an organization from cyberattacks. These students know how to configure secure systems and services and understand the implications of misconfiguration and noncompliance. Moreover, the competition gave them business context experience, which is critical in real-world environments. We are excited to extend the offer for internship and full-time positions to many of these students.

It just goes to show that everyone wins when employers have a chance to meet talent and bridge the skills gap at cybersecurity competitions around the world.

Nat Prakongpan
Integration Lab Manager, IBM

Nat Prakongpan has been working in the information security industry since 1997. He has experience in various technologies including firewall, IPS, SIEM, ac...