The winners will be announced in just a moment, but first the news…
That’s right, the fifth annual running of the San Diego Mayor’s Cyber Cup was covered on television by Channel 10 ABC News who really seem to get how important this event is as a motivator for young people to consider a career in cyber security, one of the hottest job markets today and into the foreseeable future.
For those not yet familiar with the San Diego Mayor’s Cyber Cup, this annual competition, established in 2010, seeks to find and encourage the best cyber security talent in California’s high schools. The competition starts with a practice round, which this year took place in late January. There were over 50 teams participating from more than a dozen schools! The practice round was quickly followed by qualification rounds in February, all conducted over the Internet. Then the top seven qualifying teams came together on March 15 in San Diego for live, head-to-head competition.
And the winners of the 2014 San Diego Mayor’s Cyber Cup are: Canyon Crest Academy!
Well Done Canyon Crest!
The top team received a check for $2,500, presented by former Interim Mayor and City Council Member Todd Gloria, accompanied by fellow City Council Member, Sherri Lightner. Canyon Crest Academy is part of the San Dieguito Union High School District.
And well done to the runners up! In second place was the team from Westview High School, the school that won last year. In third place was Mira Mesa High School. The other teams that made it to the final round were La Jolla Country Day School, Patrick Henry High School, Ramona High School, and 2012 cup winners, Troy High School.
The winning team not only won the title and a year of hosting the very impressive cup that goes with that title, there was also a check. And there were checks for second and third place as well ($1,500 and $1,000 respectively).
But wait, there’s more….The top three teams this year will also be treated to a week of Cyber Boot Camp! Hosted in San Diego by the Internet security company ESET, the Cyber Boot Camp is a lively mix of practical, instructor-led cyber security exercises, plus classroom presentations by experts in a wide range of related fields, from law enforcement to computer forensics, malware research, and career advice. The event will take place during summer recess. Here’s a peek at a past session of Cyber Boot Camp:
Beyond winning great prizes in the Mayor’s Cup, there is a sense in which we all win from this competition. Right now, our country faces a critical shortage of cyber security expertise. One of the main goals of the project is to address that problem. Through the event and the publicity surrounding it we hope to encourage students of all ages, from all schools, to learn more about information assurance and computer security. Hopefully this will lead many more students to consider these and related STEM fields as possible career paths or courses of study in higher education.
Thanks to All!
This year’s competition would not have been possible without the volunteer work and financial support of many organizations. We will mention some here, but this list is by no means exhaustive. Thanks to Leidos for the use of CyberNEXS, the competition engine used in the event. The Mayor’s Cup is sponsored by the National Defense Industrial Association (NDIA), in cooperation with the University of California, San Diego (UCSD). With additional support from National University, SDG&E, DTI, TSG Solutions, Blue Pyramid, Minuteman Press, ISSA, TechFlow, DCS Corp, La Jolla Logic, Major Motion Pixels, Bridgepoint Education. Additional sponsors and supporters include Securing Our eCity Foundation, Computers 2 San Diego Kids, ESET, and The Ranger Group. With further assistance from Mr. & Mrs. Kurt Worden and Mr. & Mrs. Dwayne Junker.
We leave you with a photo of the very happy, and decidely cool, third place finishers, Mira Mesa High School:
Educating people about the challenges of cybersecurity is at the heart of what Securing Our eCity is all about, so it was only natural that, when the Electronic Verification Network held it’s tenth annual meeting in San Diego last week, SOeC would be involved. For ten years now, the folks at EVN have been dedicated to making sure that every vote cast in U.S. elections counts, and they are particularly concerned with electronic voting, where verification can be challenging. The SOeC foundation was happy to assist with sponsorship and speakers.
Using digital technology to process votes might sound like a good idea, but it raises a lot of security questions. These were addressed in several sessions over the two-day conference, starting with the “Fireside (Firewall) Chat” with SOeC board member Howard Schmid who was White House Chief Advisor on Cyber Security to Presidents George H.W. Bush and Barack Obama. Mr. Schmidt is now a principal of Ridge Schmidt Cyber, LLC. Although on a tight schedule with a plane to catch, he graciously found time for a quick snapshot with myself and SOeC executive director, Liz Fraumann.
Mr. Schmidt set the scene for later discussions by reviewing the current cybersecurity threatscape in conversation with Jeremy Epstein, Senior Computer Scientist, SRI International, and a member of the EVN Coordinating Committee.
Later in the day, I was privileged to participate in a panel titled “Cyber Security Crossover: Leveraging Cyber Security Best Practices in the Realm of Elections”. Fellow panelists included David Dill, Professor of Computer Science at Stanford University, and Gary Hayslip, the CISO of the City of San Diego. The moderator was Pamela Smith, President of Verified Voting Foundation.
Two points became clear to me during these two days of great content and conversation. First, America is very lucky to have EVN keeping an eye on electronic voting. Second, as one expert put it, when it comes to Internet voting, “there is no way to guarantee that the security, privacy, and transparency requirements for elections can all be met with any practical technology.” Not now and not in the foreseeable future.
Recent discovery of longstanding flaws in Internet encryption protocols like SSL and TLS are a stark reminder of the practical impossibility of ensuring secure Internet interactions of the type required for a secret ballot, not to mention the widespread distribution of state-sponsored malware.
In 2008, Verified Voting founder and co-panelist, David Dill, organized the creation of a document that spells out the unique nature of secure voting: the Computer Technologists’ Statement on Internet Voting. The document warns against “pilot” Internet voting projects, which already exist in some states in the form of email ballot submissions, and describes “the severe challenges that must be met if an Internet voting system is to justify public confidence.”
I was very grateful to have the chance to participate in this tenth anniversary meeting of EVN, and proud that my employer, ESET, was a sponsor. It’s not every day that you get to hang out with esteemed experts such as David Jefferson, the author of the one paper on Internet voting that everyone should read: If I Can Shop and Bank Online, Why Can’t I Vote Online? David is a Computer Scientist at Lawrence Livermore National Laboratory, a member of the Verified Voting Foundation Board, and serves on the board of the California Voter Foundation.
If you are still wondering “what could possibly go wrong?” when it comes to Internet voting, consider the following slide. It comes from the very interesting presentation on Internet voting experiences outside the U.S. by former Technical University of Denmark professor Joseph Kiniry, now Principal Investigator at Galois. He highlighted actual code from an Internet voting program that was used in national elections in one European country.
If you are familiar with computer programming, this slide speaks for itself, and apparently it speaks volumes. When I tweeted the above photo it was re-tweeted almost 200 times, reaching over 220,000 Twitter accounts!
In this year of mid-term elections in the U.S. there will be renewed interest in electronic voting and Internet voting in particular. Hopefully the warnings from technology and cybersecurity experts will be heeded.
Did you know that San Diego, the birthplace of Securing Our eCity, is seeking recognition as a nationally recognized center for cybersecurity excellence? This move has widespread backing from multiple sectors, from cities and county and chamber of commerce, to defense agencies and contractors and security companies.
One example of the enthusiasm behind this initiative is the terrific call to action from San Diego Security.
Getting San Diego nationally recognized as a center for cybersecurity presents some terrific opportunities for investment and job opportunities because right now, and well into the foreseeable future, cybersecurity is a major concern for most Americans. Says who? Says the average American, as recently polled by the highly respected Pew Research Center, which found “cyber attacks from other countries” were second only to”Islamic extremist groups like al Qaeda” in a table of answers to “what do you think is the greatest threat to the U.S.?”
Maybe this is not surprising after 2013, the year that saw Snowden’s revelations about NSA cyber-surveillance and an unprecedented breach of payment card data from one of the country’s largest and best known retailers. Cybersecurity has gone from an esoteric subject, studied and discussed mainly by computer geeks, to a serious concern for 70% of Americans.
At Securing Our eCity, we are proud of the work we have done so far to raise public awareness of cybersecurity threats and to help people deal with them. We are adding our voice to the calls for national recognition of San Diego’s unique role in tackling cyber threats, and look forward to helping even more people enjoy and employ cyber technology more safely than ever in 2014.
With the growth of powerful new threats to the security of the online experience, more and more Americans are discovering that their digital experience must be conducted with a new found awareness of safety and caution. We are pleased to help lead a charge to help expand awareness of the importance of being smart online. On October 10 at CyberFest, the SOeC will be presenting the CyberFest2013 awards to some of the best and brightest in San Diego, visionaries who are helping ensure the web is a safer place to work and play.
Just released are four of the top winners for 2013 – Lifetime Achievement to Andrew Lee, CEO of ESET North America; Community Leadership to Jessie J. Knight, Jr., SDG&E chairman and CEO; Exemplary Service to the Honorable Mitchell D. Dembin; and Volunteer of the Year to Roger Fraumann of PBResilience. Award finalists for Thursday’s ceremony include San Diego’s law enforcement, educational, corporate, military, infosec and emergency responder communities.
You can still register to join the award ceremony and the day long event, CyberFest2013, focused on “The Truth About Cybersecurity” at:http://www.securingourecity.org/cyberfest2013
It is widely acknowledged that our country needs more computer security experts, and that requires more young people taking a greater interest in computer security. Enter the San Diego Mayor’s Cyber Cup, a competition in which teams from dozens of high schools all over San Diego County compete in tests of cyber-defense, protecting computer systems from attackers.
After several rounds of competition, the winning team emerges, and this year it was Westview High School, pictured here with their coach, Ms. Tammie Neuhaus, and the check they earned for their school, thanks to generous sponsors like SAIC, Bridgepoint Education, NDIA, ESET, SOeC, and many others.
In addition to that check, the winning team got to attend Cyber Boot Camp at the offices of Securing Our eCity in Little Italy, spending five days in a custom computer lab where they expanded their knowledge of cyber attacks and defenses under the guidance of ESET security researcher Cameron Camp, a Certified Information System Security Professional, seen on the left below.
Below is another shot of students exploring the network in the lab, where they were able to hone their cyber-defense skills by becoming familiar with attack strategies and tools used by cyber criminals and white hat hackers alike.
In addition to lab time, the boot camp provides context and guidance to students through a series of lectures in ESET’s San Diego conference room, many by leading experts in the area, such as U.S. Magistrate Judge, the Hon. Mitchell Dembin, who has been successfully prosecuting computer crime cases since 1991.
Students were also introduced to the many educational and career opportunities available in the field of information security. Dr. Gordon Romney, Professor of Security at National University, impressed students with war stories from the early days of computing as well as his recent installation of Kali on Raspberry Pi (if you know what that means, you’ll know it’s very cool). The huge demand for skilled security professionals in both the government and private sectors was made clear by several presenters.
This is the third time that ESET has hosted Cyber Boot Camp for the Mayor’s Cup winners and this year’s event attracted considerable media attention, reflecting increased public awareness of cybercrime and the growing need for computer security education. Reporters from NBC, U-T San Diego, and NPR spent time with the students, instructors, and guest speakers (although some of the material presented by the three computer security specialists from the FBI were off limits to the press). Here’s a link to the NBC coverage and video.
By the end of the week, students professed themselves well-pleased with the event, which included a points-based competition among students administered by lead instructor Cameron Camp. According to Camp, who tailors the content and pace of the sessions to each year’s participants, all of the Westview students made significant advances in their security knowledge over the five days of intense learning.
The Mayor’s Cyber Cup will start up again in the Fall semester and, according to Liz Fraumann, Executive Director of the Securing Our eCity Foundation, attendance at Cyber Boot Camp will again be among the prizes awarded to the winning team.
The winners of the 2013 San Diego Mayor’s Cyber Cup received part of their prize this week, participation in Cyber Boot Camp, orchestrated by SOeC at the North America headquarters of global cybersecurity company ESET, sponsored by ESET and Bridgepoint Education. Cyber boot camp is five days of intense cybersecurity education that combines hands-on experience in a computer lab with presentations from subject matter experts, including a U.S. magistrate judge and members of the FBI’s cyber squad.
At the heart of boot camp is a computer lab affectionately known as “The War Room”. The lab enables students to practice both computer defense and system penetration in a safe environment and was created by ESET Security Researcher, Cameron Camp, CISSP. But defending computer systems is not just about digital strategies. Here we see students from Westview High School engaged in a mock investigation of a security breach.
By the end of the week the students professed themselves greatly enriched by the whole experience, enjoying both the practical exercises and the guest speakers.
While some of the students have now graduated and are on their way to college in the Fall, some of the younger students will participate in the Mayor’s Cup competition next year and are likely to be formidable opponents.
This year was notable for the high level of media interest in the event, which was covered this week by NBC7 and U-T San Diego. We expect further coverage next week from Marketplace on NPR and others.
This week, Securing Our eCity stakeholder National University became the first school in San Diego, and only the eighth in California, to achieve the coveted National Security Agency and the Department of Homeland Security designation of “National Center of Academic Excellence in Information Assurance Education“.
The San Diego university’s cybersecurity program is somewhat unique in that it teaches both theory and the hands-on skills needed to identify and defend against threats. The program uses an innovative Virtual Education Lab (VEL) where professors create scenarios on multiple machine platforms for students to assess and defend in role-playing exercises.
“This national recognition provides tremendous validation for what we are doing at National University,” said Dr. John Cicero, dean of National University’s School of Engineering, Technology and Media in the announcement.
“Nearly every aspect of our lives is susceptible to Cyber Attack and our students are the future Cyber Warriors who will be defending the integrity and security of our national, business and infrastructure data online.”
According to Program Lead, Dr. Ron Gonzales, “MSCSIA students completing this unique and specialized area of professional training are well prepared with both counter defense, and penetration measures associated with computing security”.
We applaud National for its great work and commend all of those who worked so hard to achieve this elite designation.
And what an evening it was, as the Securing Our eCity Foundation hosted another excellent opportunity for businesses in the San Diego area to hear from, and meet with, a recognized thought leader in cybersecurity. Last night it was Scott Charney, VP of Trustworthy Computing at Microsoft.
Few people in America have their finger on the pulse of cybersecurity like Mr. Charney does (he had been at a White House briefing the day before coming to San Diego). An impressive speaker who was very generous with his time, Mr. Charney took on a wide range of questions after spending an hour or so sharing his observations on many aspects of cybersecurity, such as data security and cloud computing.
Clearly, both Mr. Charney and Microsoft see further migration to the cloud as inevitable, prompting questions about cloud security, and a great answer. Mr. Charney said that, when faced with the question “is the cloud secure?” his answer is a different question: “compared to what?” In other words, the cloud looks relatively secure if you are currently doing IT in house, where you’re probably having a hard time keeping up with system and application patching, and can’t really afford 7×24 monitoring, redundancy, backups, diesel generators and armed guards.
The evening was not without its lighter moments. Mr. Charney was introduced by SOeC board member Hon. Mitchtell Dembin, U.S. Magistrate Judge (seated on the left in the photo below). In his remarks, Judge Dembin said “I’ve known Scott and his wife for a long time, in fact I married them.” (As in presided over their wedding.)
The judge was in turn introduced by Andrew Lee, CEO of one of the evening’s main sponsors, San Diego-based ESET North America, seen on the right in the photo. Other generous sponsors of this SOeC fundraising event were Qualcomm and SDG&E.
As with February’s excellent evening with Howard Schmidt, former Cyber-Security Coordinator of the Obama Administration, the venue was the charming University Club, with it’s wonderful views of the city and bay. Keep an eye on the SOeC News & Events page for further evenings like this (sponsorships are available).
(Photos courtesy of JP Graf Photography)
In addition to playing Cyber Feud, visitors to the SOeC booth at last week’s San Diego Festival of Science & Engineering also had the opportunity to learn more about SOeC’s mission and activities.
Those visitors who signed up to learn more were eligible for a drawing for a prize bundle and we are delighted to announce the winner: Gary D. of San Diego, seen here with Liz Fraumann, Executive Director of Securing Our eCity Foundation (on Gary’s left) and Pamela Richardson, Securing Our eCity Administrator (on Gary’s right).
That sharp-looking SOeC backpack in the middle is also a rollerbag and is stuffed with cyber security goodies.
On a sunny Saturday in San Diego the crowds turned out in their thousands at PETCO Park to explore science exhibits at the San Diego Festival of Science & Engineering. Securing Our eCity was there, as a sponsor and as an exhibitor, raising cyber security awareness with the very popular Cyber Feud game. Here you can see a session in progress, led by ESET’s Brent Curry, closely watched by a crowd of onlookers.
Some 280 people participated in the game, competing for prizes by answering cyber security questions. Many more observed from the sidelines.
The event was a great opportunity to spread the word about Securing Our eCity and numerous requests for follow-up contact were received. As you can see, there was no shortage of attendees, which bodes well for the future of science and engineering and STEM education in San Diego.
Securing Our eCity also participated in other events during the week-long San Diego Festival of Science & Engineering. On Tuesday, SOeC volunteer Stephen Cobb gave a talk about privacy and social media as part of Science speed Round on the campus of UC San Diego.