Although it was IU’s first time sending students to the annual cybersecurity challenge in Washington, D.C., the team developed responses to high-risk simulations and reached the semifinal round.
When given realistic, time-sensitive scenarios, IU’s group proposed cybersecurity strategies to the National Security Council at the Cyber 9/12 Student Challenge from March 11 to 13.
They were some of the only undergraduates amidst the 44 competing teams, most of which consisted of mid-career professionals who had returned to school.
“The experience was encouraging,” said IU freshman and team member Madison O’Day. “The field of cybersecurity can be a little intimidating, especially without a sophisticated tech skill set, but we really used our understanding in policy and issues.”
O’Day began working with junior Alexzandra Smith and freshman Roger Morris weeks in advance of the competition. As a team of only three members, as opposed to a typical team of four, with only one student with a specific background in cybersecurity policy, O’Day said there were many challenges.
“There was a lot of net knowledge in our group,” O’Day said. “We just weren’t sure how much of it was applicable to the work we had to do.”
The team received information about the first part of the challenge a month before its trip to Washington, D.C. The problem involved a fictitious scenario of a data exfiltration from the U.S. Air Force.
O’Day, Smith and Morris prepared a written document and oral presentation for a panel of experts, proposing a series of solutions to the security threat.
“We all were pretty clear about each others’ strengths,” Smith said. “I have a lot of international relations experiences through Model United Nations — I’m on the exec board of the team here — and my speech writing and making skills were a big asset in the oral presentation.”
Out of the 44 teams, 15 advanced to the second round. IU was one of two advancing teams that was not an Ivy League college or defense university.
“We outlined four different strategies, each with high and low levels of payload and risk,” O’Day said. “The second round had huge time constraints since we had to have the advance ready the very next morning.”
IU’s team did not make it past the semifinal round, which featured a scenario of a federal employee compromising sensitive information, but they were allowed to stay and watch the last four teams compete.
“The most important lesson I learned is where my strengths lie,” Smith said. “I’m not a techie. I’m not going to understand the entire situation, but I know enough about policy, strategy and international affairs that I could work with the people that do to come up with viable solutions.”
Cybersecurity is a technical field, and therefore it changes rapidly, O’Day said. She said the experience of working in a fast-paced, high-risk and simulated environment helped her better understand the discipline.
“Going through this challenge motivated me to work harder, and I’m excited to recruit team members so IU can go again and do better next year,” O’Day said.
