The Cybersecurity and Infrastructure Security Agency is receiving reinforcements just as their fight against cyber attacks is ramping up.
CISA announced Nitin Natarajan has joined as its deputy director, Eric Goldstein as its executive assistant director for Cybersecurity and Dr. David Mussington as its executive assistant director for infrastructure security.
But the real muscle may come later this week during the finals of the 2nd annual President’s Cup Cybersecurity Competition. On Feb. 25, the top five teams and the top 20 individuals will compete to be named the best in federal cybersecurity.
“This year we’ve made some tweaks to the format and how we are delivering it. This year it’s more of a ‘save the world’ scenario,” said Harry Mourtos, an information security IT specialist at CISA and project lead for the President’s Cup during a CISA video. “The audience we are reaching is different and the limitations of hardware and software in certain cases, we wanted to make this competition as open as possible. By providing this competition in a virtual manner and using virtual machines for all of the challenges, there is no hardware or software limitations. Our competitors don’t have to download anything or run any hardware or software on their native machines. This allows us to really broaden our reach to identify the best and brightest in the federal workforce regardless of where they may be found.”
Matt Karr, a team lead and cyber exercise developer for Carnegie Mellon’s Software Engineering Institute, said the scenario focuses on a storm that took down the critical infrastructure using remote activated robots. Teams can earn points by bringing systems back online.
CISA says the teams are all from various parts of the Defense Department, and the individuals include experts from DoD, the Justice Department and another independent agency.
CISA says the competition consists of three rounds, each increasingly difficult, that are focused on real-world scenarios. Participants will use their technical skills to solve a problem or complete a task. Each of the challenges are mapped to tasks and work roles from the NICE Framework and categories listed in Executive Order 13870, which established the competition.
Both individuals and teams compete in each of the three rounds. This year, there are two tracks available within the individual competition. Each participant can take part in one or both tracks.
Round one of the competition started in August with 249 teams and more than 600 individuals in each track.
CISA says 20% of the teams and the top 100 individuals — and everyone tied for 100th place — from each track made it to round two based on their scores.
Round two took place in September and from there the top teams and individuals are competing for the championship.
“The team competition is really all encompassing. We identified eight NICE work roles,” Mourtos said. “We are looking to identify the best well-rounded team to bring to the competition. We really wanted to try to identify a way to challenge the teams in addition to their cybersecurity knowledge, their ability to work together and solve complex cyber problems.”
For the 2019 competition, the contest focused on the first two rounds on remotely answering Jeopardy-like questions that required contestants to solve the challenge in a virtual environment. The third round included two competitions. The first was an escape room challenge for each team or individual, and then a capture the flag contest.
The President’s Cup Cybersecurity Competition comes as the Department of Homeland Security Secretary Alejandro Mayorkas said the agency will double-down on its efforts to mitigate cyber risks and expand its investment in the infrastructure and people required to defend against malicious cyber attacks as part of a whole-of-government effort.
“DHS plays a key role in protecting the American people from threats in cyberspace,” Mayorkas said in a statement on Feb. 22. “The department’s Cybersecurity and Infrastructure Security Agency (CISA) is charged with securing federal civilian government networks and our nation’s critical infrastructure from physical and cyber threats. Congress, in the recent National Defense Authorization Act (NDAA), further empowered CISA to execute this mission, including by providing authorities for CISA to ‘hunt’ for cyber threats in federal agency networks and to more effectively identify vulnerable technologies used by critical infrastructure sectors.”
Congress included the provision in the NDAA on the recommendation of the Cyberspace Solarium Commission, which called on appropriators to increase funding for more hunt and incident response teams. This would help agencies find real and potential threats sooner and expand the current bug bounty and similar programs.
Mayorkas is scheduled to speak at the President’s Cup Cybersecurity Competition finals where he will “issue a call to action to build a diverse cybersecurity workforce and leverage DHS’s partnerships to tackle the growing risk from ransomware.”