2025-08-06 –, Siena
This talk explores the design and creation of two cybersecurity competitions: WRCCDC (Western Regional Collegiate Cyber Defense Competition) and CIRCUS (Collegiate Incident Response Competition for Undergraduate Students). This brief talk will go over challenges, best ways to gain interest, grow competitions. In addition we will discuss how to build interest in different cyber-security based fields using competitions. Drawing on proven examples, we’ll offer actionable guidance for competition organizers, coaches, and academic programs aiming to bridge the cybersecurity skills gap.
As new security challenges arise, hands-on competitions are vital for training the next generation of defenders and responders. Collegiate cyber competitions like WRCCDC and CIRCUS serve dual roles: they test students’ technical skills under pressure and expose them to real-world operational and legal contexts. WRCCDC places teams in the role of network administrators defending “commercial” infrastructure against persistent red-team attacks, while CIRCUS challenges participants to perform deep forensic analysis and defend findings before legal professionals. This talk will go over operation insight and technical challenges in running different structured competitions. You will gain insights into competition architecture, work involved in creating realistic scenarios, custom software development work, scoring mechanisms, red-team integration, and team development strategies that foster collaboration and technical proficiency. We’ll also delve into role assignment (e.g., network, system, application, forensics, reporting), and training regimens, culminating in a blueprint for both organizers and competitors.
Educator, hands-on hacker, and Blue Team strategist exploring the frontiers of embedded systems, AI, academic research, and competitive challenges. Previously spoken a number of conferences including DefCon, SCALE, BSides LA, and ShellCon to name a few.