For the last six years, soldiers, officers, and reservists of the US Army National Guard (ARNG), Air National Guard (ANG), and US Army Reserve from across the country have come to Cyber Shield with one goal in mind: to expand and test their defensive cyberspace operations skills.
This year, Focal Point Data Risk’s Academy division was privileged to play a role in this important initiative. Our team of cyber security instructors traveled to Camp Williams, Utah, to provide over 150 guardsmen and reservists with hands-on training in network traffic analysis, malware analysis, and malicious network traffic analysis.
Although we came to Cyber Shield 2017 to teach others, we found ourselves learning from the students and their leadership. Here are three things we took away from Cyber Shield.
1. The Future is bright for our nation's Cyber Warriors.
With breaches making headlines on a daily basis, it’s easy to get discouraged about our cyber defenses. But in spending time with our nation’s best and brightest, we were reminded again about the inspiring, hard-working, and remarkably talented cyber professionals working behind the scenes every day to secure our country.
We were fortunate to lead three courses at Cyber Shield, plus several additional breakout sessions. During these courses, we spent time with students from different branches of the military, from nearly every state in the US (and a couple of territories), and at various levels (ranging from network engineers to colonels and majors). But despite these differences, everyone at Cyber Shield had a single objective – to expand their cyber security skills and use them to better defend our nation.
The students in our trainings were remarkably focused, constantly asking questions, pushing breaks back, and working together as a team to complete labs. It was inspiring to watch these students from all different backgrounds work together to build a stronger cyber security force.
2. Asking Questions is the best way to learn.
Interaction is the key to beneficial training – and we’ve never believed that more than after Cyber Shield 2017. Our instructors love getting tough questions from students, but we were blown away by the level of discussion and classroom interaction at Cyber Shield. Students asked pointed, thoughtful questions and engaged in complex conversations about today’s challenges and tomorrow’s threats. They dove into lab exercises head-first, working in teams of two or four, to solve critical, real-world challenges. Some even wanted to skip breaks, just so they could glean as much as possible from the sessions.
When reviewing the feedback we received, we saw a number of comments about how this collaborative format gave students the opportunity to discuss course material with instructors and really dissect and digest everythingl they were learning and exercising. This was a great reminder that taking the time to answer questions and collaborate with students can make all the difference.
3. Hands-On Skills Development may be more valuable than certifications.
We know we’re a cyber security training company, so this may sound biased, but Cyber Shield 2017 provided some pretty good evidence for our central hypothesis: the best way to learn is by doing. In our courses, 70% of students’ time is spent performing hands-on lab activities. This means our students aren’t sitting in lectures all day, and our instructors don’t “teach to the test.”
Cyber Shield was no exception. We grouped students together, so each lab required teamwork. We brought the tools they use every day into the labs, so they were building new skills that directly apply to their current jobs. These labs gave our students the opportunity to tackle the problems they’re going to face on the field with an expert instructor standing by to answer questions and provide guidance.
While certifications have their place in the industry, skills training prepares students for the work they’ll be doing every day. We watched students work with their teammates to come up with creative solutions to our challenges – an opportunity certification tests can’t provide. Cyber Shield 2017 was a good reminder that taking a hands-on approach to learning is often the most beneficial.
Cyber Shield is a two-week-long exercise. Week One provided attendees with training, and then Week Two was all about exercising this training. Last week, attendees were split into two teams – offense (Red) and defense (Blue) – and battled to infiltrate or defend a mock network. Our training helped to prepare the Blue team for this exercise, and we are incredibly grateful to have the opportunity to play a part in strengthening our nation’s cyber force. We hope to be back in 2018, and wish all the students we met at Cyber Shield 2017 the best of luck this year.