What’s the No. 1 ranked college in the National Cyber League?

Hint: It’s not a school you’ve likely heard of unless you live in California or you’ve competed in the NCL competition.

It’s Chico State, officially, California State University – Chico. For three semesters – the last two consecutive — the university in the far northern part of the state has come in at the top of the Cyber Power Rankings.

To achieve that distinction, Chico’s student team had to trump teams from more than 450 other colleges and universities in performing real-world cybersecurity tasks. Annually, some 10,000 students (including some still in high school) enter the National Cyber League competition, testing their skill at identifying hackers from forensic data, pentesting and auditing vulnerable websites, recovering from ransomware attacks and more.

Registration for the Fall 2020 competition is now open. Practice sessions begin Sept. 14 with the individual games starting Oct. 23 and the team competition set to begin Nov. 6th.

Besides the competitive aspect of the games, it’s a learning experience for the participants who are assigned a coach to advise them and help them through the tough practices. Competitors become part of a community lead by Cyber League “Ambassadors” who are experienced players. Some are working professionals; others are students.

Of special value are the scouting reports each player gets. These reports are detailed metrics of a participant’s performance in the competition, listing their national rank and percentile, bracket rank and percentile, performance score, accuracy and completions in each of the 9 categories, as well as the national and bracket averages.

cyber rankings.jpg

Job candidates often include these reports and rankings in their resume and applications. Employers can also source candidates from these reports. As one of the Ambassadors explained in a blog post, “Companies pay NCL to produce these scoring reports so that they can scout the best of the best collegiate cyber-athletes.”

The Cyber League was born in 2011 when a group of cybersecurity professionals and academics from several public agencies came together to create “an innovative way for students to apply what they were learning in class.” So they designed the competition to be both an exciting “game-meets-edutainment” and a learning opportunity.

Individuals can participate in the competition even if they don’t have a team. This is how many of the high school students are involved. In the preseason part their fundamental skills are tested so they get placed in the appropriate bracket. In the individual games, participants compete against others of the same skill level. The team game follows.

The power rankings are developed from the individual competition and team competition scores.

Photo by FLY:D on Unsplash


Affective Computing Is Making AI More Human

One of the leading trends in IT that not even many technologists know much about is “affective computing.” It’s adding EQ to AI’s IQ,

The idea of computers that can engage and effect human emotions is as old as the first sci fi robots. A more modern example are video games that immerse players in environments designed to trigger a variety of emotions.

Today’s affective computing seeks to recognize human emotion and respond to it, not simply to evoke it. At MIT’s Media Lab, the mission of the affective computing group is to “bridge the gap between human emotions and computational technology.” The goal is to develop “new software tools to help people gather, communicate, and express emotional information and to better manage and understand the ways emotion impacts health, social interaction, learning, memory, and behavior.”

These are no mere high-minded aspirational hopes. Tools like these already exist, and not just in the lab. Many models of cars come equipped with sensors that detect drowsiness, warning the driver and urging them to take a break. At New York’s Fashion Week in September “Experience Management” technology analyzed attendees to customize drinks and fragrances just for them. McDonald’s is using technology to tailor drive-thru menu features based on weather, trending items and what the current restaurant traffic is like.

Deloitte report says uses like these are just the beginning: “Using data and human-centered design (HCD) techniques — and technologies currently being used in neurological research to better understand human needs — affective systems will be able to recognize a system user’s emotional state and the context behind it, and then respond appropriately.”

Human experience platforms employ a range of AI technologies like sentiment analysis, eye tracking, facial recognition and natural language processing to recognize and understand human emotion and, most significantly, respond to it in a natural, human-like way.

Deloitte gives us a practical example of how this could work:

“Imagine if you could walk into [a clothing retailer] and a bot appearing on the screen recognizes you and addresses you by name. This bot has been observing you walk around the store and has identified jackets you might love based on your mood today and your purchasing history. In this moment, technology engages you as an individual, and as a result, you experience this store in a very different, more human way. AI and affective technologies have scaled an experience with very human-like qualities to encompass an entire business environment.”

Each of these capabilities exists now in some form. Assembling them into an experience platform isn’t far off. Deloitte found that companies focusing on the human experience are already twice as likely to outperform their peers. They grow revenue 17 times faster than competitors that do not focus the human experience.

“The ability to leverage emotionally intelligent platforms to recognize and use emotional data at scale,” Deloitte predicts, “Will be one of the biggest, most important opportunities for companies going forward.”

Image: Deloitte Insights


A More Benign Approach to Shadow IT

Shadow IT is one of the (many) things that keep system admins awake at night.

Right now, someone in every organization with more than a handful of workers is using an app they got from the internet that the IT department knows nothing about.

Unapproved technical tools – apps, cloud services like Dropbox or Google Drive, and personal devices – present potential and very real security concerns. They also come with not insignificant costs when multiple business groups buy duplicate solutions. By some estimates, 40% of spending on software and tech services occurs outside the IT department.

So common is it for a computer user to use a cloud service or download an app or tool to help them do their job that Microsoft says the average number of apps being used in an organization is around 1,000.

“80% of employees use non-sanctioned apps that no one has reviewed, and may not be compliant with your security and compliance policies,” Microsoft says, introducing a tutorial for using one of its products “to discover which apps are being used, explore the risk of these apps, configure policies to identify new risky apps that are being used, and to unsanction these apps.”

Hunting down and shutting off these apps and unapproved services does help with the security risk. But relying entirely on that approach is a never-ending policing effort that only contributes to the “Department of No” perception of IT.

A recent CompTIA article on the subject says imposing ever greater restrictions may even be counterproductive. “Enhanced rules may cause workers to venture outside of approved IT more, rather than less — especially if they feel their pain points are being ignored.”

The article suggests a more benign approach that actually allows some types of shadow IT uses while also educating workers about the risks and providing them with the functionality they want.

The latter is the approach the US Department of Veteran’s Affairs is taking.

“You have to give your customers options. If they don’t feel like they’re getting serviced properly from the central IT function, they’ll go find their own way, because they’ve got a mission to execute,” Dominic Cussatt, the agency’s principal deputy chief information officer, says.

He explained that the VA is developing portfolios of services from which customers can shop.

Reporting on Cusatt’s comments at a conference, FedScoop reported, “The idea is that these portfolios are ready to deploy, checked out from a security standpoint and with buys already in place.

“Said Cusatt, ’That ease of access helps them and helps them avoid seeking other options.’”

Photo by Christina @ wocintechchat.com