In its second year of competing, UNM’s team won the Rocky Mountain Regional Cyber Defense Competition. It failed to place last year.

The team informed the Daily Lobo of their victory, which had not been officially announced as of press time. UNM’s victory breaks a winning streak by the Air Force Academy, which won the regional competition in 2011 and 2012, its first two years of competing.

The competition was a role-playing scenario in which teams composed of students managed a business network, and teams of network-penetration testing professionals attempted to compromise the network, at random times disable systems or steal private information.

The competition forced the student teams to meet the technical demands of maintaining network security while satisfying “clients” and providing business services.

Professor Alex Seazzu, director of the Center for Information Assurance Research and Education in the Anderson School of Management, which offers the information assurance concentration for MBA students, worked closely with UNM’s team.

“We tried to emphasize lessons learned from the past. The team had more resources and experiences to draw from than from the first time we participated,” he said in an email. “They clearly were very good at adapting, which is a key element in cyber security.”

Members of the team said they were surprised by how well they did.

“We were pretty worried going into it, especially on the first day,” said Ruth Karkiewicz, an MBA student with concentrations in information assurance, management information systems and management of technology. “But the competition organizers came to us afterward and told us that we were the most calm and flexible and then we ended up winning.”

Members of the team said the role-playing nature of the competition created many novel scenarios.

“I really wasn’t expecting any of what they threw at us,” said Haile Shannon, an MBA student with concentrations in information assurance and management information systems. “We would also get phone calls from ‘customers’ about our services while managing the network attacks. We even had our ‘company’s CIO’ come in and scold us from time to time.”

The sole undergraduate member of the team, Colin Williams, a computer science major with a minor in business, said the technical side of the competition was just as varied.

“They hit us with denial-of-service attacks and changed the settings of our printers, to name some things,” Williams said. “One time they even made the LCD screen on one of our printers display an Aggie.”

Despite its win, UNM’s team will not be allowed to participate in the national competition, to be held in San Antonio next month. To be eligible, the teams can’t have more than two graduate students, and UNM’s team has seven graduate students and one undergraduate.

“We knew going into it that we wouldn’t be able to advance,” Karkiewicz said. “But we still went and gave it our all, did our best and got some very good experience from it.”

Melissa Berghmans, an MBA student with concentrations in information assurance, management information systems and management of technology, said she was excited about the employment opportunities she discovered while participating.

“The (competition) is very prestigious and well known, and just having it on our résumés will help with future jobs,” Berghmans said. “Of course, having a win to add to that is even better.”
Seazzu said the competition is important for employability in information assurance fields.

“A few years back, the team that won the nationals was hired on the spot by Boeing, so it’s also a great opportunity to show potential employers what you can do,” Seazzu said.

The information assurance program has been in place at the Anderson School of Management since 2007, when the National Security Agency and the Department of Homeland Security designated UNM a Center of Academic Excellence in Information Assurance.

According to its website, the Collegiate Cyber Defense Competition was created to give students a chance to practice information assurance and network security in a controlled, competitive environment. It has been running annually since 2005.