This was my second year as a participant in the DOE’s Cyberforce Competition, but my first as a team captain for CCSO. Placing third the year before, our team felt a lot of pressure to perform. Cyberforce is fairly unique in its format and multifaceted approach, requiring a significant amount of preparation before competition day, and different varieties of deliverables ranging from Executive Briefs to a day of CTF.
Format#
Cyberforce is a unique competition due to its varied format. Cyberforce utilizes an assumed breach model in which competitors are provided with access to various machines supporting mock energy infrastructure in advance of the competition. While we’re provided free access to secure the majority of the machines, some of them are left untouched until competition day. Competitors are expected to deliver a comprehensive report of vulnerabilities found, steps taken to remediate them, and additional measures implemented on the non-assumed breach machines. Additionally, we had to deliver a C-Suite briefing video that outlined the highlights of our report.
Experience#
Placing 3rd for the second year in a row cemented PSU as a meaningful competitor in the Cyberforce competition. Although our team was very strong with incident response, and technical remediations, we were weaker when working with the client. Our C-Suite brief got too technical, and we didn’t place enough of an emphasis on protecting the bottom line. Overall, it was a great experience and I’m excited to take the feedback we received to build a stronger team next year.