As technology continues to advance, new cyber threats unfold every day, each more sophisticated than the last. The need for skilled professionals has never been greater and it all starts at the beginning – developing the skills and building the capability of emerging cyber security talent.
The Challenge
Kicking off on October 13, the event brought together 115 aspiring cyber security TAFE students who made up a total of 27 teams.
Each team acted as third-party incident responders, tasked with managing a critical security incident impacting a fictitious organisation. Over ten days, teams immersed themselves in a functional (hands-on) cyber security exercise, designed to simulate the multi-faceted nature of incident response.
Participants were tested on their various skills as they faced situations often encountered in a real-life incident response operation. As they would attest – there’s much more to it than just the technical aspects (although there’s a lot of that too!).
Participants were assessed on their ability to:
- Forensically analyse real artefacts and piece together the events of the incident
- Construct network diagrams and security briefings
- Respond to the media
- Consider legal and privacy implications
- Brief executives and make recommendations
Their findings and submissions were then evaluated by our judges.
The Judging Panel
Our judges were responsible for assessing team submissions across key domains of incident response. These scores were then used to determine team rankings.
We'd like to say a big thank you to each of our judges below for getting involved and generously volunteering their time and expertise. Their contributions were invaluable and they played a vital role in making this event a success!
The Closing Ceremony
Of course we then had to gather everyone together for the closing ceremony – not just to announce the winners, but also to celebrate what an achievement it was to make it through the event.
Starting with a recap of the event, we then heard from each of the judges as they introduced themselves and outlined what they were looking for in the submissions. It was evident that everyone's hard work paid off as we learnt that the scores this year were the closest we’ve ever seen in a competition!
"Overall, every team produced some really high quality, exceptional work. I would say some of the work is comparable to what I’ve seen from experts in the field - and this is coming from students."
Sumeet Yadav, Executive/C-Suite Judge from Melbourne Polytechnic
Not only that, but incident response also requires a high level of teamwork, co-ordination, and collaboration – attributes we saw demonstrated across the teams and more. Let’s not forget that everyone was juggling this challenge amongst all their other commitments – families, work, studies and even assignments!
The Winners
Congratulations to Data Daemons from South Metropolitan TAFE for taking out first place in this year's challenge!
We also took the opportunity to ask the Data Daemon team members about the event and here's what they had to say:
"Definitely get involved! I learnt so many skills! Exposure to the incident response tools were invaluable and provided a great foundation for future incident response studies."
- Christine Hall
"This challenge would have been worth the time and energy, whether we placed or not. We thoroughly enjoyed the forensics and chasing that 'gotcha' moment. It also made me realise that you don't know what you don't know until you're looking for that needle in a haystack. You must adapt - perhaps even teach yourself new tools as I did - and persevere. Interested in a cyber career? This would be a great way to find out if cyber forensics and incident response is for you."
- Matt Lilly
"As difficult and technical as it all may seem, perseverance is paramount. Our team was almost ready to give up at one point, but we stuck it through and even managed to come out of it as the top team of the competition!"
- Ronan Caunter
But wait - there’s more!
The Guest Speaker
We also had the privilege of hosting a guest speaker, James Kotsias - a senior advisor with a very extensive background in cyber security. After throwing to the TAFE students to find out what they really wanted to hear about from an industry expert, we (virtually) huddled around for a casual and candid chat with James.
James imparted some insightful and valuable advice as we covered topics ranging from the different types of roles in cyber and who they might suit, what students should consider when applying for their first job, to learning about how James’ philosophy background comes in handy in cyber and hearing about his own journey and experiences. It was a thoroughly enjoyable session with fantastic energy and conversation for sure!
The Deep Dive
Finally, to close out the event, Retrospect Labs led a technical deep dive session, with the aim to provide participants with insights into the challenges they faced and enhance their overall understanding of the technical components in the exercise. We started with an overview of the exercise design and adversary backstory, before breaking it all down, delving into the tasks and artefacts, and getting into the technical nitty-gritty.
The Wrap Up
As we wrapped up the TAFEcyber Incident Response Challenge 2023, we naturally reflected on the impact that an event like this has. If we’ve learnt anything, it’s that by working together, building others up, and harnessing individual strengths, we can achieve a lot and make a difference.
No matter which path into cyber our future defenders decide to take, we’re confident they’re armed with the skills to navigate the unknown, the challenging and the ever-evolving realm of cyber security.