If you were anywhere near Kennesaw State University (KSU) the week of April 6th, you might have heard a lot of unusual noises.
Fake hacking. “Rubber ducky” and “dirty cow”* managing. If stress sweating makes a noise, you’d have heard that, too. You definitely would have heard of a lot of teamworking.
That’s because, for two nail-biting days, KSU was the site of the Southeast Regional Cyber Defense Competition. There, cybersecurity college students from all over the Southeast battled it out against each other and against a relentless round of cyberattacks from “hackers.”
Posing as the internal cybersecurity team of a commercial enterprise, the students worked together as a team to keep the faux threats at bay and then presented their findings and reports to the judges at the end of Day 2.
Simeio was thrilled to sponsor this event (with our wonderful friends at EC Council) and we even rewarded almost $20,000 worth of complimentary training for industry leading certifications to the winning team.
The winning team from the University of South Alabama.
But we attended the event for reasons beyond just handing out a huge foamcore check! We wanted to find out more about these future cybersecurity professionals. Why they were there, what drove them to compete, what they thought future hackers might be up to.
So here is the first of three profiles of what we’re fondly calling “Next Gen Cyber Warriors.” First, let’s meet Heather…
Education: BS in Computer Engineering and is pursuing PhD in Computer Engineering with a focus on computer security.
Favorite Movie: Johnny Mnemonic
Most Stressful Thing About the Competition
Getting the business injects in on time. Particularly this year – versus last year – there were a lot more 30 minute injects. Everyone has to stop what they’re doing to triage. It’s like putting out fires every 30 minutes.
Why Heather Decided to Enter the Competition
I like to compete with my friends! We go to a lot of competitions together and they’re not just all defensive competitions, either. We do offensive ones, too. For the last two years we went to a social engineering competition. Basically, you get to social engineer a company and try to get deeper and deeper into their infrastructure. We looked at their website and found that they were running a food drive. So we called them and said “can I get a list of your employees so I can coordinate the food drive?” And many of them just gave the names to us!
Heather’s Dream Job
I want to do data science with a cybersecurity twist. Eventually, I want to run my own company because I’m absolutely tired of hearing about these companies with toxic cultures. I feel like maybe with a woman leading a company, you won’t get as much of that.
Future of Cybersecurity
Attackers are getting smarter and the cybersecurity professionals are plateauing out. We are busy playing catch up and the field needs to stay more current and ready for new threats. Some of the really critical infrastructure SCADA/ICS networks are very vulnerable.
I’d also advise people new to cybersecurity to try to prevent burnout. The field is very dense in material, there’s always so much more information to learn. New people to this field can feel very overwhelmed and burnout can happen quickly. So it’s a challenge: learning all this material and still making sure to take time out to take care of yourself. Learn what your boundaries and limits are early on. Find a way to take a break and refresh yourself. Then you can jump back in again and keep learning!
*Cybersecurity geek speak alert! A “Rubber Ducky” is USB flash drive device which resembles a regular USB flash drive, but actually helps hack into the device it’s connected to. A “Dirty Cow” is a new vulnerability discovered in Linux kernel.