In June, my team and I represented Argentina in the Ibero-American cybersecurity challenge. TrendMicro and the Organization of American States (OAS) organized the event.
We were tasked with solving various challenges that businesses around the world face every day. We used incident detection and response techniques to first find the problem and then stop the attack from a person who could penetrate a system and then either steal it or make it unavailable.
Teams representing twelve countries participated virtually, due to pandemic restrictions. Through the group-chat platform, Discord, this edition of the event brought together all national winners of the #CyberWomenChallenge held during 2020.
How we did
In the first round of the event, we faced challenges on topics ranging from containers, microservices, and infrastructure. With some great teamwork, we achieved first place in the Argentine nationals. With this, our team comprising Alejandra Lavoure, Andrea Chill, and myself, had the opportunity to represent our country in the Ibero-American competition.
In this second round, the competition was more challenging and more extensive. The topics requiring technical knowledge also changed.
I am proud to say that, representing Argentina, we obtained first place, placing ourselves at the top of the women who practice cybersecurity in the region.
Unfortunately, I can’t reveal too many details about the competition at the regional level, as it was a test pilot for future competitions. However, I want to share some high-level insights. We were presented with the hypothetical situation of suspicious events occurring at a technological level in an organization, following an employee publishing a photo where confidential information could be read. We were challenged to investigate and solve various challenges. Below I go into more details about some of the techniques we used.
SOCMINT – Social media intelligence
This is a technique that uses information available on social networks. The information is generally published by the users themselves. We can correlate, analyze and convert it into useful information for a specific purpose. These purposes range from profiling a person, a police investigation, a cyberwar or even perpetrating computer attacks.
Incident detection & response
Incident detection and response is a practice that aims to have an action plan for the moment that an anomaly or an attack on a system is detected, so that you can respond as quickly as possible in order to recover. With this, there should be minimal impact on the operations of an organization, while also preserving the security of your data and information.
To do this many companies rely on different cybersecurity tools. One of the most advanced is XDR.
This tool allows you to implement incident detection and respond to them in multiple targets, such as endpoints, emails, workloads, and files. Not only is it a tool that collects events, it also has a correlation system that allows more refined and exhaustive searches, resulting in more precise results in less time.
We combined both techniques during the 6-hour-challenge. As mentioned, we used it to investigate how a company had been attacked after an employee had published a photo on social media with compromising information.
In a historical context, there have not been many women involved in cybersecurity, nor more generally in the technology industry. I believe that having diverse teams is incredibly important because we can then build teams that consider a variety of different perspectives, and obtain results where the final sum is greater than its parts. It’s for this reason that events such as the #CyberWomenChallenge are so important, as they help promote and encourage more female participation in the industry.
I was very proud to represent my country, and it was also great to see such incredible female cybersecurity talent amongst our competitors. Opportunities like these allow us to be disruptive and invite us to discover paths not yet explored. I’m already looking forward to the next event.by