Cybersecurity is more than a game at national collegiate competition Nov. 3–5

Share Article

Sixty of the nation’s top cybersecurity college students will face off this November at an offensive hacking competition at Rochester Institute of Technology.

News Image

Sixty of the nation’s top cybersecurity college students will face off this November at an offensive hacking competition in Rochester, N.Y. But for these future data defenders, cybersecurity is more than just a game.

“As the various corporate breaches keep coming to light, I’ve realized over the last five years that there is already enough despair and hardship in the world and that people shouldn’t need to constantly worry about identity theft and bank accounts being hacked,” said Lucas Christian, a fourth-year computing security student at Rochester Institute of Technology. “I decided that a career in cybersecurity would be both fulfilling and give me the opportunity to shape society for the better.”

After making their way through regional competitions in October, the top 10 college teams in the U.S. will now have the chance to use their offensive hacking skills for good at the national competition, which is sponsored by several top tech companies, including IBM Security as the premier sponsor. The National Collegiate Penetration Testing Competition (CPTC) will be held Nov. 3–5 at RIT.

Teams will attempt to break into computer networks that were created for the competition, evaluate their weak points and offer plans to better secure them. The competition allows students to experience a day in the life of a penetration tester—the security professionals hired to test and evaluate an organization’s computer systems and networks to ensure that malicious hackers can’t get in.

“The demand for workers skilled in penetration testing significantly outweighs the supply,” said Bill Stackpole, professor of computing security at RIT and director of the competition. “Student competitors are learning how to add value to a business, by helping the company better understand its computing infrastructure and improve its security posture.”

During the competition, teams of up to six students will interrogate a mock-company’s network. The following morning, they will present a report to the judges on their findings and offer their suggestions for mitigating risk. The whole event is set up to mimic how penetration testing consulting happens in the real world.

Participating teams at the national competition include:

  • Rochester Institute of Technology
  • University at Buffalo
  • University of Central Florida
  • Pennsylvania State University
  • University of New Haven
  • Dakota State University
  • Missouri University of Science and Technology
  • California State Polytechnic University, Pomona
  • Stanford University
  • City College of San Francisco

Judges and sponsors from the security industry will evaluate the performance of the competitors while under fire. Students will have the opportunity to meet experts and hand out résumés. Sponsors include IBM Security, Uber, Crow Horwath, Hurricane Labs, IEEE Cybersecurity Initiative, Eaton and Indeed.

“Pentesting is one of the biggest security skills in demand right now, as companies are looking for people who can find security loopholes in their systems before cybercriminals have the chance to take advantage of them,” said Bob Kalka, vice president at IBM Security. “This competition is particularly valuable as it allows contestants to demonstrate not only their technical abilities, but also to relay that knowledge into practical steps and guidance for business, which is also a critical skill in this role.”

Outside of coursework, student competitors often spend a few nights during the week and most weekends practicing for the event. Practice includes breaking into fabricated networks and computers, independent research and working on their technical writing.

For Alex Lynch, a fourth-year computer science at University of Central Florida, organization is a significant factor in success at CPTC.

“The challenge is staying organized, communicating effectively, and then taking all the technical data and boiling it down into a coherent report under extreme time restraints,” said Lynch, who is captain of the UCF team. “Once the about nine-hour technical portion of the competition is over, the report must be drafted and finalized overnight, which leaves little time for sleep.”

The Collegiate Penetration Testing Competition, now in its third year with nationals held in Rochester, is the premier offense-based computing security event. It is an effective counterpart to the Collegiate Cyber Defense Competition (CCDC)—with its national competition held annually in San Antonio—which is the premier defense-based event, requiring students to defend an infrastructure while performing typical business tasks.

For more information on the Collegiate Penetration Testing Competition, go to nationalCPTC.org.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Scott Bureau
@RITNEWS
Follow >
Rochester Institute of Technology
since: 02/2008
Like >
Visit website