Date post: | 21-Feb-2017 |
Category: |
Technology |
Upload: | mleepresentations |
View: | 296 times |
Download: | 2 times |
Leveraging Cyber Competitions to Build Skills and Recruit Cyber Employees
MissionConnecting the World,
One Cybersecurity
Practitioner at a Time.
VisionThe WIS SIG is committed
to developing women
leaders globally, building a
stronger cybersecurity
community fabric, and
enabling success across
the globe.
Creating Leaders Together ISSA WIS SIG embraces a spirit of collaboration within its organization
and throughout the industry. We partner with organizations to provide leadership programs and services, and challenge these companies to create
cybersecurity-oriented professional advancement opportunities for women.
3
• Foster the recruitment, retention and promotion of women within the cybersecurity industry
• Enhance women’s career growth by providing professional development events, career path information, mentoring and coaching services, and networking opportunities
• Cultivate leadership and technical competencies for women within the cybersecurity field
• Provide a global cybersecurity forum which recognizes women's professional contributions
• Continuously improve the ISSA WIS SIG's value proposition and ability to attract, develop, and retain a diverse community of women worldwide
WIS SIG Goals
Team WIS SIG
4
Rhonda Farrell
Leah Retting Lewis
Janice Toney
Carleen Miller
Extended Team WIS SIG
5
Betty Burke
Domini Clark
Mary Daggett
Kim Kowalewski
Sonia Dela Cruz
Barbara Hewitt
Rini Fredette
Marcelle Lee
Extended Team WIS SIG
6
Joy Pemberton
Susan Richards
Amber Pham
Leila Smith
Lurleen Sargent
Bernadette Marks
Maureen Preemo
Jordan Lombard
WIS SIG Advisors
7
Andrea Hoy
Candy Alexander
Anne Rogers
Debbie Christofferson
Jean Pawluk
Sandra M. Lambert
8
We Want You!• Leadership & Professional
Development• Mentoring• Scholarships• Volunteer Opportunities• Strategic Partnerships
Be BRAVE, Be BOLD, Own Your FUTURE!
9
Registration Info for our WIS SIG Portal
• Non-members:
https://www.issa.org/general/register_member_type.asp?
• Members: [email protected]
10
Presenter: Ms. Marcelle Lee
• Co-founder of Fractal Security Group, LLC
• Adjunct professor at Anne Arundel Community College
• Competition Lead for Women’s Society of Cyberjutsu
Leveraging Cyber Competitions to Build Skills and Recruit Cyber Employees
11
Professional Background
Ms. Marcelle Lee, Co-founder of Fractal Security Group, LLCMarcelle Lee is an analyst with the federal government and an adjunct professor at Anne Arundel Community College. Marcelle is also the lead for competitions for the Women’s Society of Cyberjutsu. Additionally, Marcelle is a regional director for the Information Systems Security Association Women in Security Special Interest Group. Marcelle is also co-founder of Fractal Security Group, LLC.Marcelle transitioned to the field of cybersecurity after working in operations and project management in both the public and private sectors. She holds multiple degrees and is currently working on her MPS in Cybersecurity at UMBC. Marcelle has also earned several industry certifications including GCIA, CSX-P, GCIH, GCCC, CEH, CCNA, Security+, Network+, and ACE. She is a cybersecurity competition enthusiast, an active volunteer in outreach to students and the community, and a member of several industry associations.
13
Leveraging Cyber Competitions to Build Skills and Recruit Cyber Employees
14
Types of Competitions
Challenge/PuzzleDefensiveOffensiveHybrid Capture the Flag (CTF)
15
Challenge Competitions
Involve a process of solving multiple challenges in a wide variety of topic areas:National Cyber LeagueUS Cyber ChallengeHacky Easter
16
Defensive Competitions
Competitors are defending their boxes or networks from attackers:● CyberPatriotCCDC
17
Offensive Competitions
Competitors are attacking other boxes (usually seen in hybrid format):Maryland Cyber ChallengeVarious hackathons, e.g. Altamira SCRAMSploitNet
18
Hybrid Competitions
Include many different competition aspects and usually involve a sophisticated platform:SANS NetWars
19
Examples of Skills
Password crackingWireless key hackingExploiting remote hostsHardening boxesHash crackingSteganographyNetwork traffic analysis
20
Cracking Passwords
21
Wireless Key Hacking
22
Exploiting Remote Hosts
23
Hardening Boxes
24
Hash Cracking
25
Steganography
26
Network Traffic Analysis
27
Who Can Play?
Short answer - anyone!Target audiences:StudentsProfessionalsBeginners to Advanced Technologists
28
WSC Team
29
What Do You Need to Know?
EverythingNothing
It’s a learning experience, don’t be distracted by a perceived lack of skills/knowledge
30
How to Prepare
● Find like-minded individuals
● Find focus areas and hone your skills
● Develop your toolkit
31
Build a Home Lab
Build an intentionally vulnerable virtual machine. Or a few.
Build an attacker VM.Plant flags.Practice attacking and
defending.
32
Benefits For Competitors
● Build technical skills● Learn how to work in a team● Learn how to work under pressure● Build your resume● Networking
33
How Else Can Competitions Help You?
Answer technical interview questions
Discuss “experience” Expand upon your
competition roles, e.g leader, linux guru, DB expert...
And then I SSH’d into the box with the creds I discovered...
34
Benefits For Employers
● Access to individuals with:○ Technical skills○ Ambition and drive○ “Soft” skills
35
Leveraging Competitions
Savvy recruiters are onto this…● Build a competition● Open it to the public● Recruit the winners
36
Contact Information
www.linkedin.com/in/marcellelee
www.twitter.com/marcelle_fsg
Connect with us!
WIS SIG Subgroup of ISSA (Group 6562017) #ISSAWISSIG
ISSA PORTAL: http://www.issa.org/members/group.aspx?id=107122