Getting youth excited about cyber good for everyone, experts say
WASHINGTON -- The Army offers a number of cyber programs tailored for youth, even those with no interest in being part of the military, said Col. Andrew O. Hall, director of the Army Cyber Institute.
Hall said it's important that all Soldiers, particularly junior officers, get a grasp of the cyber domain in order to be effective on the battlefield. Additionally, he said that growing a cyber workforce benefits all Americans, since cybersecurity in government and industry is inextricably linked to national security.
Hall and others spoke at an Association of the U.S. Army-sponsored forum on cyber issues, Dec. 13, where they outlined various cyber entry points for youth.
CYBER LEADER DEVELOPMENT
Several years ago, the Army Cyber Institute, or ACI, developed and implemented the Cyber Leader Development Program, or CLDP, for cadets at the U.S. Military Academy at West Point, New York.
Hall said that program has now been extended to ROTC programs at colleges across the country for all military services.
The CLDP is not just a cyber course given in isolation, Hall said. It's a multidisciplinary effort cutting across coursework from math and engineering to legal and ethical topics. That means teachers and students collaborate across domains.
Researchers at ACI are on hand to provide support to those students, wherever they might be, he added.
Retired Army Col. Dr. Daniel Ragsdale, director of the Cybersecurity Center at Texas A&M University, said his 2,500 ROTC cadets are among the beneficiaries of CLDP.
The program, he said, goes well beyond classroom learning and involves internships with industry, extracurricular activities and cybersecurity competitions.
"We're preparing young officers to rapidly acquire skills," he said. "Half won't seek a commission, but the knowledge and skills they acquire will contribute to federal, state and local governments, nonprofits, the private sector, wherever they're employed."
Hall said cyber competitions fuel a tremendous amount of interest in cyber among young people. One example, he said is the All-Army CyberStakes for those in a military service pre-commissioning program. Challenges include binary exploitation, reverse engineering, forensics, cryptography, and web exploitation.
Another example, he said, is CyberPatriot, a national competition involving kids at middle school and high school levels. Students are tasked with finding cybersecurity vulnerabilities in various systems.
In that program, teams compete at multiple levels in an effort to make it to a national competition involving an all-expense paid trip to Baltimore. There, the winning team earns national recognition and scholarships, according to the USCyberPatriot website.
Ragsdale noted that cyber competitions started as far back as the 1990s, with the National Science Foundation leading the charge. The Army took notice, he said, and the NSF effort led to the Army creating CyberPatriot.
A concern with CyberPatriot, he said, is that as students participate in "capture-the-flag" type cyber competitions that involve offensive aspects, they might become attracted to some of the more criminal cyber activities.
However, that hasn't happened yet, Ragsdale said. And for now, the benefits of such competitions have so far outweighed any perceived drawbacks.
OTHER CYBER ENTRY POINTS
Ragsdale said the National Security Agency has a National Centers of Academic Excellence in Cyber Defense, which is an accredited program offered at over 200 universities, leading to degrees in cyber security, cyber defense research and cyber operations.
Col. Robert Kewley, head of the Department of Systems Engineering at West Point, said that the Department of Defense has what is called a Collaborative Research and Development agreement.
He explained that this agreement involves the military, academia and private industry.
For example, he said the Army has such an agreement with universities and Lockheed-Martin, involving missile defense, lasers and cyber. That collaboration has been mutually beneficial to all three, with students providing their own research into new innovations that could further advance cyber technology.
Hall said U.S. Army Cyber Command at Fort Gordon, Georgia, is reaching out to universities across the country, particularly in Georgia, to collaborate on a number of cyber research initiatives.
REAL-WORLD PROBLEM SOLVING
Kewley said that while learning theory and doctrine in a classroom setting is valuable, nothing substitutes like hands-on learning that competitions can bring with real-world challenges. "That reinforces students' understanding of the value of their education and the value of skills they're learning and gets them fired up."
Timothy D. Bloechl, a retired Army officer who now works in the private sector, said it's important for youngsters get on keyboards and do operations. "People get excited by that."
He added that everyone experiences cyberattacks, not just the military. The experience students gain will contribute to national security, whether or not they chose to go into the military, government or the private sector.
Tyson B. Meadors, director for cybersecurity policy on the National Security Council, said there's a shortage of about 300,000 cybersecurity experts across the U.S. in both government and private industry.
With these competitions and an increasing cyber focus in universities, "we're trying to bridge that gap," Meadors said.
All-Army CyberStakes award presentation at the 2017 International Conference on Cyber Conflict U.S. took place in the Ronald Reagan Building, Nov. 7, 2017. Pictured here at the event are: (left to right) 1st Lt. Christian Sharpsten, 780th Military Intelligence Brigade, (1st overall); 2nd Lt. Matthew Shockley, U.S. Army Cyber School (2nd overall); and, 2nd Lt. Edward Woodruff, 780th MI Brigade (3rd overall). They are seen with (from left) Lt. Col. Josh Bundt, an instructor of digital forensics and research scientist with the Army Cyber Institute, U.S. Military Academy; Daniel Ragsdale, director of Texas A&M Cybersecurity Center and a professor of practice in the Department of Computer Science and Engineering; and, Dr. David Brumley, the Bosch Security and Privacy professor at Carnegie Mellon University.