INI Student Competes in Cyber Defense Competition

March 13, 2012

Sometimes the best learning environment is infused with a little healthy competition. The Collegiate Cyber Defense Competition (CCDC) is a nation-wide, intercollegiate competition that places undergraduate students into a real-world simulation in order to learn skills about information assurance and security.

 In this competition, students play the role of new network and security administrators at a small company that need to quickly learn about all aspects of the network in order to fend off attacks on the system. In the CCDC there is a blue team, consisting of primarily undergraduate students who fend off attacks, and a red team, made up of security professionals who do the attacking.

 One of the red team members this year will be Andrew Santell, an INI student in the Master of Science in Information Security Technology and Management (MSISTM) program. Santell will be representing SPAWAR (Space and Naval Warfare Systems Command) in the Mid-Atlantic Regionals of the CCDC on March 15-17. SPAWAR sponsors the CCDC and uses it as an opportunity to recruit young soon-to-be professionals into their cyber workforce. Winners of the regional competitions will then move on to nationals, which will be held this year in downtown San Antonio, Texas on April 20-22.

Santell earned his seat through SPAWAR, where he has interned and will work full-time after graduation as part of his Department of Defense (DOD) Information Assurance Scholarship Program (IASP). The INI offers the scholarship program among efforts to educate future information assurance professionals who will address the nation's urgent security challenges.

 "I will have the opportunity to work with some of the most talented network security professionals in the field," Santell stated. "Working side-by-side with them, I will learn a ton of tricks on how to become an expert penetration tester."

But perhaps most importantly, undergraduate students at the CCDC will have the opportunity to learn and expand their skill set in information assurance and computer security. The blue team will receive business injects, which consist of a task and completion timeframe that mimic real-world scenarios. In addition to completing these injects while under attack from the red team, they must also keep up the normal services and applications run by their company, such as email, ftp, http, and sometimes custom software.

"Points are gained when a task is completed on time and to specification, and when an automated scoring engine checks the status of any normal business services/apps," Santell said.

 However, the CCDC offers a lot more than just the enticement of winning. It presents the opportunity for students to continue to learn and grow in this field, for institutions of higher education to evaluate their programs, and for corporations to acquire more highly skilled and talented young professionals.