Zero trust, top key exploited vulnerabilities part of 5th annual cyber cup challenge – Federal News Network

Hubbard Radio Washington DC, LLC. All rights reserved. This website is not intended for users located within the European Economic Area.
Whether you are a chief information security officer, a cybersecurity analyst or have nothing to do with securing networks or systems in your day job, if you want to test your mettle against other federal experts, the 5th annual President’s Cup Cybersecurity Competition is your opportunity.
The federal employee-only contest pits teams of federal employees and individuals from across the civilian, defense and intelligence communities against not just each other, but against the smart folks at Carnegie Mellon University’s Software Engineering Institute, which helps CISA develop the contest.
“Every year we start our challenge development cycles by looking at new vulnerabilities that have come out that year, looking at some relevant topics to the cybersecurity community. We take a look at CISA’s key exploited vulnerabilities catalog to see what we can put in there that’s testable within our infrastructure,” said Michael Harpin, the competitions section chief within the Cyber Defense Education and Training branch at the Cybersecurity and Infrastructure Security Agency in the Homeland Security Department, in an interview with Federal News Network. “We have some challenges this year that are focusing on zero trust architecture as well because that’s a highly relevant topic within the community. On top of that, we’re always looking to push the limits within our competitions. We’re going to incorporate some physical industrial control systems (ICS) escape room challenges into our teams finals that we host in person at CISA’s facilities the week of April 15. We’re really looking forward to incorporating these new wrinkles and giving new vulnerabilities out to our participants.”
The “capture the flag” competition also includes some aspects of artificial intelligence and large language models. Harpin said the real test is around a lot of the fundamental skills within the workforce CISA wants to continue to assess and test.
        Join us Jan. 25 at 2 p.m. EST for a discussion with agency and industry leaders on how agencies are fostering collaboration and modernizing mission applications using Agile, DevSecOps, sponsored by CACI. | CPE credit eligible
“Those are always key to see within not just the competition, but also to see within workforce development,” he said.
Teams of two-to-five must register by the end of Tuesday, while individuals have until Feb. 6.

The competition is open to only federal employees, whether or not they work in cybersecurity full-time or at all, and CISA is encouraging anyone interested in demonstrating their cyber chops to take part in this governmentwide event.
“The competition gives individuals a task that they have to solve within a virtual regime. For us in the Presidents Cup, it’s very simple for all of our participants as all they need is access to the internet and a web browser. We make it very lightweight for our participants to play,” Harpin said. “We’re seeing a lot of mixed teams in the competition. We’ve seen the Postal Service join with some Department of Defense individuals. We’ve even seen some mixed teams of military branches, but still no teams that have Army and Navy individuals on the same group.”
The individuals competition is split into two tracks, with one focusing on defensive work roles and tasks, and the second track focusing on offensive work roles and tasks.
Harpin said in the past some individuals make it into the finals of both tracks.
The Army has won the teams competition every year, and teams or individuals from the Defense Department make it to the winner’s circle annually.
But other agencies such as the FBI are gaining ground, with an individual from the bureau placing within the defensive competition last year. Harpin said that was the first time the FBI advanced that far.
        Read more: Cybersecurity
“This year we’re allowing individuals to register by their agency and not just their department as we’ve done in years past. We’re seeing a lot of growth within the competition around who’s been out there playing,” he said. “We think that’s also going to give some additional representation to these other agencies in the finals and in our winner’s circle that they can represent the agency that they work for, and not just at the high level department level.”
Harpin added that even if federal employees do not enter the competition, they can still take advantage of the practice area CISA set up with previous year’s challenges.
By posting puzzles from previous competitions, CISA hopes to not only attract new competitors but also give folks some motivation to see if they have the aptitude to work in the cybersecurity sector.
“It’s a community and we’re trying to get that encouragement from supervisors for employees to take part. Obviously, operational need comes first, but it’s a great opportunity to highlight some unique skill sets in the workforce,” Harpin said. “It’s also hard and everyday work to really verify that negative [that your cyber defenses are working]. Did you properly set up your network? Did you defend that threat? While the competition is a game and it’s a gaming environment, it still has those real world tasks within it and this gives them an opportunity to shine. We encourage everyone to play, get some hands-on experience.”
 
 
        Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Jason Miller is executive editor of Federal News Network and directs news coverage on the people, policy and programs of the federal government. 
Follow @jmillerWFED
Need help accessing the FCC Public File due to a disability? Please contact Susan Rushkowski at publicfiledc@hubbardradio.com or (202) 895-5027.
Copyright 2024 Hubbard Radio Washington DC, LLC. All rights reserved. This website is not intended for users located within the European Economic Area.

source

Related Posts

After 6 months and little explanation, Norton Healthcare patients, employees still feeling effects of cyber attack – WDRB

Spotty shower possible. Storms after midnight Updated: April 16, 2024 @ 12:31 pmNorton Healthcare, a company serving about 600,000 patients a year with nearly $5 billion in assets, continues to…

Read more

CA's top cybersecurity job has been vacant for almost 2 years – CalMatters

Technology Californians get hacked all the time. The state’s top cybersecurity job is vacant In summaryGov. Newsom has yet to appoint a commander who is tasked with informing businesses and…

Read more

13 Cyber Security Measures Your Small Business Must Take – Tech.co

Our content is funded in part by commercial partnerships, at no extra cost to you and without impact to our editorial impartiality. Click to Learn MoreCybersecurity has been important to…

Read more

AVG Antivirus Free review – Ghacks

AVG AntiVirus Free is a longstanding security program for Microsoft Windows that protects computer systems from viruses, trojans and other malicious code.One interesting fact about AVG is that it maintains…

Read more

Vlog Episode #247: Chris Long on Improving Technical SEO Skills & Playing Offense SEO – Search Engine Roundtable

In part one, we learned about Chris Long and his experience working with Bill Slawski. Then, in part two, we spoke about helping people with SEO on LinkedIn and using…

Read more

Information Security Vs. Cybersecurity: What's The Difference? – Forbes

Information Security Vs. Cybersecurity: What’s The Difference?  Forbessource

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *