High school and college students joined business and industry leaders and government officials for a weekend of learning and competition at the inaugural Maryland Cyber Challenge and Conference (MDC3), which was held last month at the Baltimore Convention Center.
The nonprofit MDC3 event was founded by a host of organizations that are heavily invested in developing Maryland as a cybersecurity epicenter. Founders include SAIC, the University of Maryland Baltimore County (UMBC), the Tech Council of Maryland, the National Cyber Security Alliance, the Maryland Department of Business and Economic Development and Gov. Martin O’Malley.
During the conference, industry leaders spoke on a range of cybersecurity issues affecting both large and small businesses.
What set the conference apart, however, was its one-of-a-kind cybersecurity competition in which high school, college and professional teams faced real-world games and exercises designed to test their critical thinking skills.
In his endorsement of the event, CEO Chris Mills of Elkridge-based CyberCore Technologies said he was hopeful it would raise public awareness of the importance of cybersecurity. “This event is … a great way to encourage people of all ages to get involved and help combat this real and everyday threat,” he said.
It’s Academic
Following two rounds of intense competition before the event, the list of six-person teams competing for more than $84,000 in scholarships, $18,000 in cash prizes and internship opportunities were whittled down to eight finalists in each Cyber Challenge category.
Local competitors in the high school category included the ghostsec team fielded by Centennial High School, while college team finalists included three teams from the University of Maryland College Park (UMCP), one team from UMBC and a team fielded by Capitol College.
Each member of the teams placing first in the high school and college team competitions received a $5,000 scholarship to support their higher education, sponsored by the National Security Agency (NSA), as well as an internship with SAIC.
Each member of the second place high school and college teams received a $2,000 scholarship.
Professional teams competed for cash prizes, with members of the winning team each receiving $2,000 and members of the second place team receiving $1,000 apiece.
In addition, the Information Systems Security Association (ISSA), a nonprofit international organization of information security professionals and practitioners, awarded a one-year membership to first-place winners in all divisions, as well as to second-place finishers in the high school and college divisions.
High school team winners were the Sherwood Cyber Warriors from Sherwood High School in Rockville, with second place going to the PHS Falcons of Poolesville High School.
First place in the college division was secured by Towson University, with the Cybersecurity Club of UMCP taking second place.
Teams were judged on their ability to secure and administer networked computer systems and their ability to recognize and defend against computer misuse using SAIC’s Cyber Network EXercise System (CyberNEXS) as a competition environment.
Overlooked Topics
Conference speakers included NSA Deputy Director Chris Inglis; Dr. Ernest McDuffie, director of the National Initiative for Cybersecurity Education; Internet Security Alliance President Larry Clinton; and Ira Winkler, author of the book Spies Among Us.
One benefit of the conference was to present aspects of cybersecurity that haven’t received much attention at past cyber-oriented conferences. Among the topics discussed at MDC3 were the financial management of Cyber Risk, presented by Clinton, and agile secure supply chain management, presented by Mills.
One of the most basic and wide-reaching cybersecurity issues, however, is that of financing. Art Jacoby, managing partner of Maryland Cyber Investment Partners and CEO of the Catonsville-based Jacoby business growth agency, moderated a panel that looked at the issue of investment in cyber companies.
“Cyber is a mature industry in the .mil space … but .gov, .com, .org and .edu are not very well protected at all,” he said. “We are openly saying to the tech community, ‘We need to look at your innovative ideas,’ and there is recognition that we need government, academia and commercial business working together to fight these cyber-threats.”
Financing the Future
The demand for new and better security technologies is good news for small companies, and for investors, Jacoby said.
“There are so many niches within cybersecurity,” he said. “Current areas of particular concern are those related to mobile computing, moving and protecting large sets of data and situational awareness, but we really have to get to the point of predictive tools that can analyze threat indicators and respond before the attack takes place.”
Getting the right kind of funding — differentiating between long-term and short-term needs — should be paramount to companies looking to raise capital.
The biggest obstacle?
“Cyber is pretty technical, which means it’s hard to get money from people who don’t understand it,” Jacoby said. “Investing in cyber is a real stretch for someone who made their money in real estate. Getting money is one of the most difficult things a business owner can do, so my advice is to get help from professional investment advisers.”
As cyber becomes more important to Maryland’s economy, MDC3 organizers are looking to the new program to serve as a link between cyber employers and the pool of talent being developed in high schools and colleges that they need.
“It’s a demonstration of our state’s commitment to advancing science, technology, engineering and mathematics (STEM) education and to building a more capable and committed cybersecurity workforce,” said Richard Forno, director of UMBC’s Cyber Security Program and co-director of the Cyber Challenge. “Just as importantly, MDC3 also seeks to raise public awareness of cybersecurity and stress the need for diligence across personal, commercial and national levels.”
