The truth is incidents will happened and systems will get compromised. You need to be an expert on how to handle these incidents. The best way to learn is through experience, such as the Collegiate Cyber Defense Competition.

1. Tom Kopchak
Competitive Cyber Security:
The Ultimate Training
Experience

2. •Who Am I?
•Why Am I here, and what
got me here?
•Why I am passionate about
computer security?
About the Presenter -
Who am I?

3. How many of you have
experienced a cyber-attack?

4. System intrusion?

5. Malware Infestation?

6. Rushed project?

7. Mysterious network?

8. •Hopefully, most of you can relate to several of these
scenarios
•If you have not experienced anything, at least some of
you are lying, misinformed, or new
•If you aren't worried about attacks, why are you here?
Cyber-Attacks!

9. •Incidents will happen
•Systems will be compromised
•Applications need to both work and be secure
•People will break things
•You will need to be an expert on something
you've never seen before
Truths

10. Top Skills
•Fundamental
understanding of security
concepts
•Technical skills
•Direct experience

11. •Personal experience/on your
own
•Technology-specific training
•Formal education
How do I get skills?

12. •Nothing beats practical experience
•How do you get practical experience?
• Production systems
• Personal equipment
• Labs
• Simulated production systems
Practical

13. •Hands on, practical experience
•Simulated Production systems
•Types
• Defense
• Attack
• Attack/Defend
Competitive Security Events

14. Collegiate Cyber Defense
Competition (CCDC)

15. •National Collegiate Cyber Security Competition
•Focuses on both business and technical aspects
Collegiate Cyber Defense
Competition (CCDC)

16. • Pre-qualifying (state) events
• Regional events
• Growing every year
• Winner goes to national competition
• National Competition
• San Antonio, Texas
• Top 9 teams in the nation
Competition Structure

17. • Competing teams have just been
hired as the IT staff for a company
• Everyone was fired
• Teams must secure their network,
while completing a multitude of
business tasks (injects)
• Red team = bad guys
Competition Premise

18. • DNS
• Mail (SMTP and POP)
• Web
• Secure Web (ecommerce)
• FTP
• Database
• SSH
• VoIP
What types of applications?

19. • Cisco IOS (Router, Switch, ASA)
• Windows
• Linux
• MacOS
• Printers
• VoIP Phones
• Wireless
What types of systems?

20. • Investigate a database breach
• Deploy McAfee security software
• Upgrade clients to Windows 7
• Provide a list of top attacking IPs
• Install and configure Splunk
Potential Injects - Technical

21. • Block social networking websites
• Develop an IT policy
• Create user accounts
• Recover lost e-mail
• Create a job description for HR
Potential Injects - Business

22. • Unplug everything, secure it, and bring it back online
• Services are not available
• Customers are not happy
• Mitigate security issues while keeping services alive
• The red team is everywhere
• Run away, crying
Potential Strategies – Day One

23. • Number of issues/systems/tasks greater than
available manpower
• Unexpected difficulties/limitations/business rules
and policies
• Uptime & SLA requirements
Challenges

24. EMC Training Center: Franklin, MassachusettsTopology – 2011 Regionals

26. Topology - 2011 Nationals
San Antonio, Texas

28. •Storytime with Tom (time permitting)
•CCDC experiences
•Red team attacks
•Strange tasks
Personal Experiences

29. •CCDC = NCAA of Computer Security
•US Cyber Challenge
•Private Events
• RIT Information Technology Talent Search (ISTS)
• Hurricane Labs Hackademic Challenge
• Hack for Hunger
But wait, there's more!

30. •Many opportunities/needs exist
•Gain experience yourself, and help others get involved
Get involved,
and encourage others!

31. Wrap Up/QA