IGF 2020 Pre-Event #58 Hacking on the light side of the force - How to use CTF competitions to develop competences in security and internet technologies

Time
Monday, 2nd November, 2020 (13:30 UTC) - Monday, 2nd November, 2020 (15:00 UTC)
Room
Room Poland II
About this Session

NASK

Description

The discussion will aim to bring the CTF closer to the young people as a way to interest them in security and technology development. The target group are both young people who can use the acquired knowledge and inspiration in gaining new competences and people who decide about the professional development of others (teachers, employers etc.). The professions of Capture the Flag (CTF) consist in solving a series of tasks, which are to search for "flags". (hidden character strings). To extract the flag, you usually have to hack the program, system or device. To do so, it is necessary to quickly learn about its mechanisms. It turns out to be useful to have an excellent knowledge of standard network. The professions of Capture the Flag (CTF) consist in solving a series of tasks, finding the "flags" (hidden character strings). To extract the flag, you usually have to hack the program, system or device. To do so, it is necessary to quickly learn about its mechanisms. It turns out to be useful to have an excellent knowledge of standard network protocols used in communication, numerical processor architecture, tools for analyzing code, network traffic or electronic circuits, programming techniques, and above all to develop the ability to think outside the box and understand complex relationships. It should not come as a surprise that many CTF players are successful in their careers, taking care of the security and proper functioning of the Internet.

Moderator: Przemek Jaroszewski, CERT Polska/NASK

Reporter: Zuzanna Polak, NASK

Speakers:

  • Mateusz Szymaniec, p4/NASK
  • Michał Kowalczyk, Dragon Sector
  • Tomasz Bukowski, Dragon Sector
  • Stanisław Podgórski, The Flat Network Society
1. Key Policy Questions and related issues
Are CTFs beneficial for encouraging young people to consider a career in IT Security?
What kind of benefits could CTF bring to business?
In what way participation in the CTF could be an incentive for employee?
2. Summary of Issues Discussed

There was common agreement on the relative importance of each discussed topic.

    1. Capture the Flag (CTF) contests can be a powerful educational and motivational tool to encourage young people to consider a career in IT Security or develop professional skills required by modern workplace like team work, open mindness or working under pressure.
    2. Business can profit from both organising CTFs and providing support for employees interested in participation in CTF. From one hand it could be a method of testing and advertising of their new IT solution and from the perspective of an employer it is a career development tool and incentive for employees, since they perceive participation in CTFs as a fun activity but as well a creative learning method.
    3. CTFs is building community of skilled professionals who present high moral standards what is praised and supported by the organisers. This issue is essential in IT Security sector since trust, equality and commitment are important to build solid partnerships.
3. Key Takeaways
    1. CTFs are attractive form of bringing together a community of skilled IT Security professionals what can be beneficial for international, non-commercial sectors like governments, international organisations or sectors oriented in cooperation of different specialists like aviation however the organisers should take care of “fun factor” of the event to attract participants.
    2. CTFs are powerful educational tools for the benefits of formal education process and professional career development. It could be considered as a standard support of education.
6. Final Speakers

Speakers:

  • Mateusz Szymaniec, p4/NASK
  • Michał Kowalczyk, Dragon Sector
  • Tomasz Bukowski, Dragon Sector
  • Stanisław Podgórski, The Flat Network Society

Moderator: Przemek Jaroszewski, CERT Polska/NASK