Last weekend, the Center for Infrastructure Assurance and Security at UTSA hosted the 2017 National Collegiate Cyber Defense Competition (NCCDC) at the Henry B. Gonzalez Convention Center. There, the ten best collegiate cybersecurity teams came from around the U.S. to San Antonio to compete.
The goal of each team is to be the best cyber defense team in the nation. To achieve this, teams referred to as blue team, have to go head-to-head against some the best penetration testers in the country, the red team. The red team consists of many different private cybersecurity firms, federal agencies and well-known Department of Defense contracting firms.
The finalists are selected nationally from bracket type regional competitions, which take place across the nation during the spring semester. This year over 230 cyber collegiate teams, in various regions, competed for the opportunity to advance to nationals. UTSA’s cyber defense team had placed second in regionals, but did not qualify for the national competition.
“Despite making second at regionals, I volunteered at NCCDC to get a better understanding of other team dynamics and a peak at the type of infrastructure to expect at nationals,” stated Julian Chan, UTSA computer science sophomore. “You’ll get a lot out of CCDC if you make the effort to build relationships and technical skills both in and out of practice.”
Arguably, this competition is considered by both industry personnel and government officials as the most prestigious cyber defense competition. Companies and agencies such as Raytheon, Amazon, the NSA and the CIA sponsor and attend NCCDC and often hire student competitors.
Prestige and employment aside, students have various reasons for both volunteering and competing at NCCDC.
“You gain a form of training that is unlike anything else,” states Chris Gardner, member of team Cyber Dawgs from University of Maryland Baltimore County (UMBC). “It teaches you how to deal with extreme pressure, high stress situations and there is not really many places you can get that in a training environment…This is extremely stressful, and I wouldn’t trade that for anything.”
UTSA senior, CCDC team member and cybersecurity and information systems major Alexander Klepal also believes students gain a unique kind of training through competition.
“I’ve gained knowledge in class. I’ve applied it in CCDC. Without this program, I’d only have theoretical ‘textbook’ knowledge. Actually using what I’ve learned against an active red team? It’s the best way to learn.”
This pressure also pushes students to go well outside the scope of typical learning. These students practice many hours a week setting up servers with many different operating systems such as Linux and Windows.
“Don’t stick to what you learn in class, explore. If your school participates in cyber defense competitions, go for it. Because what you learn from competing will be invaluable to you,” states Sahiba Mann, UTSA team member and MS graduate student in information technology with a cybersecurity concentration.
Dr. Greg White, director of the CIAS and UTSA professor of computer science states, “Students go through a program at a lot of universities, and all they are going to get is a lot of lab time. Labs aren’t necessarily the same thing as the real world. CCDC provides students an opportunity to get a better feel for what it is going to be like once they graduate and go on to either government or industry.”
Real world cybersecurity experience is what NCCDC is aiming to provide students. Students are given scaled versions of corporate computer systems and are expected to defend them against cyber attacks, all while keeping the business functional for simulated customers. The teams that do the best get to call themselves champions.
Congratulations to University of Maryland Baltimore County, University of Tulsa and Brigham Young University for their respective first, second and third team places.