A robust cybersecurity protection is significant to most public- or private-sector actions in the USA. In 2019, Govt Order 13870 said that, “America’s cybersecurity workforce is a strategic asset that protects the American folks, the homeland, and the American lifestyle.” One consequence of this govt order is an effort to foster cybersecurity schooling by means of competitions. These occasions permit contributors to sort out real-world cybersecurity issues in a timed, aggressive, protected atmosphere by means of hands-on challenges that assess and construct cybersecurity abilities. Opponents join particular person or workforce tracks or each to strengthen their talents and be examined by offensive or defensive challenges. A cybersecurity competitors is a perfect atmosphere for these professionals to dive into and discover lifelike eventualities.
The Division of Homeland Safety’s Cybersecurity & Infrastructure Safety Company (CISA) was tasked with holding a cybersecurity competitors for the federal cyber workforce. It selected to associate with the SEI to develop and run the President’s Cup Cybersecurity Competitors, a nationwide cyber competitors that identifies, acknowledges, and rewards one of the best cybersecurity expertise within the federal govt workforce.
In six years greater than 8,000 folks have taken half within the President’s Cup. In that very same time span practically 4,000 help-desk tickets regarding questions with challenges/the platform/registration, and so forth., have been created to help the President’s Cup. Whereas designing high-level challenges is crucial a part of a cybersecurity competitors, having a help workforce that may course of and resolve opponents’ issues in a well timed trend is a crucial a part of making a cybersecurity competitors profitable. On this publish we current classes discovered from six years of internet hosting President’s Cup Cybersecurity Competitions together with the need of competitors help staffing.
Help Crew Goal and Construction
Although contributors are competing, they nonetheless sometimes want the help of a help workforce. The purpose of the help workforce is to assist opponents expertise a seamless occasion. The help workforce doesn’t supply hints to the people and groups once they get caught throughout a problem; it serves as an middleman between opponents and the competitors’s platform and problem engineers every time problem questions and/or platform points come up. Typically a technical subject with a problem or the competitors atmosphere wants restore, whereas different instances a competitor seeks readability a few specific a part of the problem. The help workforce retains the wheels shifting.
Help Hours and Tiers
The primary determination when planning help for a contest is deciding when to supply reside help. Some competitions supply reside help 24/7, whereas others supply reside help for particular instances throughout the rounds. Both approach, it’s necessary to obviously talk the hours when opponents can and can’t count on reside help.
The President’s Cup Cybersecurity Competitors is run by means of Gameboard, an open supply software, the place customers entry the challenges and attain out to the help workforce by means of the Gameboard-hosted ticketing system. Earlier than tickets begin arriving, it’s a good suggestion to interrupt the help workforce into three tiers to finest triage and resolve points.
- Tier 1. In the course of the competitors, Tier 1 help employees are answerable for fielding preliminary help tickets, acknowledging motion is being taken and speaking with the opponents till the problem is resolved. The emphasis is to resolve assist requests as quickly as doable since there are time constraints throughout the aggressive rounds. Some examples of Tier 1 points embrace registration questions, profile updates, and common questions on guidelines.
- Tier 2. Typically a problem have to be escalated to builders for decision. Maybe a characteristic requires troubleshooting, or an engineer should decide if the problem is working appropriately. These engineers kind the Tier 2 a part of the help workforce. Another examples of Tier 2 points embrace issues with grading, digital machines that fail to launch, or clarification questions on wording in problem documentation.
- Tier 3. Tier-3 issues, comparable to infrastructure outages or bugs, might be essentially the most critical to deal with due to their potential severity. For instance, if digital machines for all challenges are abruptly unable to begin, the complete competitors grinds to a halt till the issue is rectified. Due to this fact, infrastructure specialists have to be obtainable or on name in case an pressing scenario emerges.
How do opponents attain help, and the way is an issue funneled to the proper tier for decision?
Help Workflow and Responses
In the course of the President’s Cup, customers submit help tickets by means of the Gameboard software. The help interface routinely captures the precise President’s Cup problem, the consumer’s PlayerID, and a help code that helps the help workforce pinpoint the problem. When the Tier 1 workforce receives the ticket, they triage the scenario both for decision or elevation to Tier 2. Both approach, the Tier 1 group communicates with the opponents that they’ve acquired their request and can preserve them knowledgeable of progress towards decision. It’s necessary to quickly talk with opponents and attempt to resolve most tickets inside quarter-hour for the reason that opponents solely have a sure period of time to participate in every spherical.
Whereas inventory solutions to typical consumer questions can function a common start line for support-team responses, it’s finest to method every help ticket individually in order that customers know their particular query is getting addressed. The purpose is to not reply questions in a rote trend however to reply to every competitor’s scenario in a passable approach.
Weekend and after-hour responses current distinctive conditions. If opponents can take part throughout instances when reside help received’t be staffed, the unavailability of help have to be communicated clearly (customers can entry the President’s Cup website 24/7 to learn the competitors’s guidelines and FAQ part, nevertheless).
Adjudication Points
Some points are uncommon sufficient (e.g., a competitor discovers an surprising method to remedy a problem) or extreme sufficient (e.g., an infrastructure outage causes a contest delay) to require fast or post-round adjudication.
Often a consumer’s help ticket reveals an unknown drawback or infrastructure subject. If, after investigation, directors decide that an issue with the problem or different competitors infrastructure was the trigger, they could award further time within the participant’s session or factors for solutions that the participant discovered.
Additional time is awarded to a competitor when an issue with a problem or competitors infrastructure prevented the competitor from making progress on a problem. The additional time is usually awarded based on how a lot time directors imagine the competitor misplaced because of the error.
Awarding factors as a part of an adjudication is uncommon. Factors ought to solely be awarded if directors decide that gamers submitted a solution that must be thought of right however was graded as incorrect by the problem. This may occur in rare circumstances when a problem inadvertently has a number of right solutions that weren’t accounted for throughout problem design, QA, and grading.
The President’s Cup Gameboard reporting options present useful knowledge to the help workforce. Help experiences summarize details about the help tickets dealt with throughout the competitors. They are often filtered for a particular spherical, a particular problem and/or different parameters comparable to labels. Labels are tags added to particular person tickets that permit the help workforce to simply determine, classify and search all tickets. Tickets might be labeled by spherical, subject (e.g., VM-outage), or any parameter the help workforce decides to make use of. As soon as tickets are tagged with labels, it’s straightforward to run experiences. Experiences permit the help workforce to focus on competitors drawback areas or points that have to be addressed earlier than an ensuing spherical. Experiences may also function a place to begin for the planning of future competitions.
Six Classes Discovered in Supporting Cybersecurity Competitions
- Perceive Your Limits. Think about your plan for help when providing a cybersecurity competitors. If 24/7 help will probably be provided, don’t promote that to potential opponents and assume you may fill the help schedule later. It’s more durable than you suppose to safe staffing for each time slot, particularly in a single day. Remember that for those who comply with a tiered-support technique, at the least two folks have to be scheduled for each shift. Be sure you have sufficient workforce members who possess the talents and availability to deal with help assignments.
- Analyze Knowledge. Use your help website’s reporting options throughout and after a contest to have a look at knowledge. With the President’s Cup, CISA and the SEI use Gameboard’s in depth, built-in reporting options to glean key details about competitors challenges and logistics (comparable to growing help employees throughout sure hours or realizing help isn’t wanted as a lot as initially thought throughout in a single day hours). Utilizing reporting knowledge might help decide a contest’s staffing wants.
- Guarantee a robust challenge-review course of. A robust problem testing-and-review course of as highlighted within the Designing Nice Challenges for Cybersecurity Competitors weblog publish is integral to a profitable competitors. The purpose right here is to determine and repair any problem points earlier than the competitors even begins. Consider this course of as providing help earlier than help is even needed. Extra challenge-testing earlier than a contest leads to
- Fewer challenge-specific help tickets throughout the competitors,
- happier contributors,
- and a extra passable buyer expertise for the competitors proprietor.
One other space the place a contest website’s reporting capabilities can present helpful data is problem growth. Examine what challenges drew essentially the most help tickets. Are there frequent threads to among the issues highlighted within the tickets? For instance, if Safety Onion takes a very long time to begin when used within the problem atmosphere, it is likely to be useful to future opponents to focus on that actuality within the problem documentation in order that they know the challenges that make the most of Safety Onion are working as anticipated.
- Preserve an lively backup staffing plan. Have backup plans in case somebody in your help workforce is unable to deal with their shift. Whether or not it’s a proper backup schedule or an on-call record, have a plan useful for when life interferes together with your competitors.
- Have a simple communication methodology that your help workforce can use. In in the present day’s work atmosphere it’s not going your help workforce will bodily be in the identical room throughout aggressive rounds (particularly after enterprise hours and on weekends). Collaborative instruments comparable to Mattermost and Microsoft Groups are perfect for permitting real-time communication amongst your workforce members. Video-communication platforms like Zoom are additionally helpful for emergency conditions that require impromptu conferences (comparable to a sudden drawback together with your competitors’s cloud supplier).
- Hold a operating support-team classes discovered record all through the competitors that can assist you evolve your help course of for upcoming rounds and future competitions. Method any feedback or inner ideas about your help methodology by means of the eyes of your opponents and prospects. Hold the next questions in thoughts:
- How can we enhance our competitors to raised fulfill our buyer’s wants?
- How can we make our help course of higher for opponents?
It’s additionally a good suggestion to maintain “classes discovered” monitoring in thoughts not simply to your help course of however for all facets of your cybersecurity competitors.
Help Audiences – Who Advantages?
These help practices are the results of the SEI’s expertise working with CISA’s President’s Cup Cybersecurity Competitors. Help technique works in tandem with problem growth when planning a cybersecurity competitors, so support-team concerns usually are not incidental to reaching the strategic purpose of creating and strengthening America’s cybersecurity personnel. A help workforce that’s in a position to deal with points that come up throughout a contest whereas serving as concierge to opponents satisfies three audiences: competitors contributors, competitors stakeholders, and people who need the USA to have a superior cybersecurity workforce.
