DOD Dominates CISA’s President’s Cup Cyber Competition
The competition featured real-world scenarios such as the LastPass major attack in 2022 and incorporates emerging technology.
Leaders from the Defense Department dominated the winner’s list of the Cybersecurity and Infrastructure Security Agency (CISA)’s fifth annual President’s Cup Cybersecurity Competition April 19.
The contest, which began in January, tested federal employees’ cyber skills through offensive and defensive challenges following the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework and included real-world scenarios such as the LastPass major attack in 2022 when a hacker accessed user data through an exploit on a company engineer’s computer
“We wanted to test the defensive nature. … Did you mitigate ransomware properly? The challenge server can constantly check that you prevented reinfection from the ransomware,” said CISA Competitions Section Chief Michael Harpin in an interview with GovCIO Media & Research. “Sometimes it’s properly accessing backups. We built a challenge this year based off the LastPass incident.”
The President’s Cup consists of three separate contests: two for individuals and one for teams. After competing in the first two rounds, the top 10 participants from individual tracks and the top five teams advanced to the final rounds, which were held at CISA’s headquarters in Arlington, Virginia.
More than 1,400 individuals registered for the competition this year. Army Maj. Nolan Miles won Individuals Track A, which focused on defensive work roles and tasks. The runner-up, Marine Corps Staff Sgt. Michael Torres, won Individuals Track B, which dealt with offensive challenges. Torres also finished in second place in the Track A competition and is the first winner to repeat having won President’s Cup competitions.
The winners were able to harness “foundational skills” needed for stronger cybersecurity teams in government within even emerging technologies, Harpin noted.
“We also want to use some new technologies that are being used more in the environments our competitors are part of. We had some challenges this year about obtaining root access into a Kubernetes cluster,” Harpin said. “We’re seeing a lot more of that in cloud deployments of infrastructures. We incorporate those into our challenges as well, so that the participants are going to have to understand new technologies that are out there.”
A group known as Artificially Intelligent won the team competition, which featured both defensive and offensive challenges. The winning team, which competed against over 300 other groups, consisted of members of DOD, the Army and the Air Force.
“This competition is an exciting way to highlight the talents of cybersecurity professionals throughout the U.S. government and military, and these competitors showcased the depth of talent we have in this important field,” said CISA Director Jen Easterly in a statement.
The competition space gives individuals another outlet to prove their worth and to develop skills, said Harpin.
“We’re very proud of being able to give these really knowledgeable and highly skilled individuals the chance to be rewarded and highlighted for the expertise that they have,” he said.
The President’s Cup winners will be honored at an awards ceremony at the White House May 20.
Federal employees can visit CISA’s President’s Cup page to learn about the competition and play through previous challenges. Additionally, a workshop at the NICE Conference & Expo in Dallas June 3 will show how the challenges are constructed.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Looking Back at the First Trump Administration's Tech Priorities
In his first term, Donald Trump supported cybersecurity, space policy and artificial intelligence development.
4m read -
Securing the Expanding Attack Surface in Cyberspace
Agencies undergoing digital transformation face a more intricate threat landscape and a wider threat target for adversaries looking to exploit vulnerabilities. This panel dives into strategies agencies are undertaking to safeguard these complex environments, including zero-trust architecture, vigilant monitoring and robust cybersecurity training.
30m watch -
Elevating Cybersecurity in the Intelligence Community
The Intelligence Community is developing strategies to protect data and strengthen resiliency against emerging cyber threats.
30m watch -
AI Revolutionizes Cybersecurity by Doing What Humans Cannot
Leaders from NSA, GAO and industry say that artificial intelligence can augment the cybersecurity workforce, but the work must be auditable and explainable.
4m read