Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:15 PM
Connect Directly

West Point Trains Female Cadets For Cyber Branch

An internship at a Silicon Valley startup is one program aimed at helping close the cybersecurity skills gap.

United States Military Academy students Hannah Whisnant and Jayleene Perez spent the last three weeks in a summer internship program learning about cybersecurity at a Silicon Valley startup. 

The West Point Academy cadets, both rising juniors, were the first to participate in the program via security vendor Vidder, which sells a software-defined perimeter security service. West Point is home to the Army Cyber Institute, which was founded in October 2014 as part of the Defense Department's mandate to build a plan to defend the US against cyberattacks.

West Point's Silicon Valley internship program comes at a crucial time for the cybersecurity industry, which has struggled to keep positions filled with skilled professionals. A recent survey by Spiceworks found that 55% of organizations do not have a cybersecurity expert, and a majority have no plans to hire one. The same survey found that out of 1,000 IT professionals polled, 67% said they did not have any security certifications. 

And of those who do hold a job in cybersecurity, just 10% are women

A year after the ACI was opened, Junaid Islam, President and CTO of Vidder, was asked to give a lecture at West Point on Vidder’s security solution of software-defined perimeters. West Point asked Islam if Vidder would like to host West Point juniors and seniors as summer interns. This would be the first time West Point would offer an internship at a startup, let alone at a security startup. 

“It’s new for [West Point] to be working directly with Silicon Valley startups, and new to be sending their cadets right to Silicon Valley companies so they directly understand everything from how do product works, how do they invent it, how do we identify cyberattacks, how do we figure out how to stop them," Islam says. The cadets get to see "the whole lifecycle, and the idea is that this lifecycle will go back into the army’s thinking about how they should think about cybersecurity,” he says. 

Retired Major General Dan Balough, Vidder board member and a graduate of West Point, says the internship is important because it goes beyond the traditional government and Pentagon internships that West Point typically offers.

“I’m hoping this is a door opener -- it will broaden the ability of the Academy to get people out here to what I consider the heartbeat of the 21st century,” he says, referring to the tech revolution currently happening in the Bay Area and Seattle.    

For West Point's Perez, an information technology major at West Point, shipping out to the Silicon Valley for this internship was an opportunity to learn about how civilian network structures vary from a military networks. Both she and Whisnant see the program as a way for West Point to spur interest in the new cyber branch of the US Army. 

Jayleene Perez
Jayleene Perez

While a trip to Facebook headquarters and Big Basin did make their way onto the agenda, this was no vacation for the cadets. They spent three intensive weeks learning about cybersecurity and Vidder’s product, and during the final week, created a report based on their own analysis of everything they’d learned at Vidder. This report will be transmitted back to West Point to go toward an assessment of the cadets in their training to become officers and will remain in their files for the rest of their careers.

Perez and Whisnant spent three days learning how to hack into a fake internal network, which gave them the chance to practice the new skills they had learned at Vidder with hacking tools such as Metasploit and Nmap. Whisnant, a double major in math and computer science, says they also got to see a lot of hacking tools that they are not allowed to use on a Department of Defense-issued computer. That was a lot of fun, she says.

Hannah Whisnant
Hannah Whisnant

They also got a deep-dive into public key infrastructure technology beyond what you can learn in the classroom, and were also taught a little bit about business and how to market a product at a startup.

Gender Gap

Perez and Whisnant weren't fazed by the gender demographics in Silicon Valley. West Point is at about 83% male and 17% female, according to a Forbes college listing based on enrollment numbers from Winter 2014-Spring 2015 school year. 

“I’ve definitely hit a point in my life if I walk into a classroom and I’m the only girl in the room, I barely notice unless someone points it out to me,” Whisnant says.

Says Perez, “It’s just the environment we’re in, it’s normal for there to be like a 20% female and 80% male population.”

Both of these young women also agree that exposure to the cybersecurity field for women is sparse and there’s room to change that.  

“Women are present in small numbers in computer science and IT to begin with,” Whisnant says. “In my life, I've found that if just one parent or teacher takes a moment to encourage someone or suggest they would be good at something like computer science, it really can change their whole life,” she adds.

Perez knows this firsthand: “If it wasn't for my IT105 instructor,” she says, “I would have never considered information technology as my major or consider cyber as a possible [army] branch choice.”

This program is helping train young women -- and likely men, too -- for the dearth of cybersecurity jobs available. It has also opened the cadets’ eyes to new ways of thinking about cybersecurity.

“The most interesting thing I’ve experienced is it’s really broadened my idea of what cybersecurity can be,” says Whisnant. “I sort of had this very set view of like, oh, security is you have a firewall and you have to have a password to get around it -- the breadth of what it can be and what products are available has been good for me to learn about.”

Both cadets were drawn to cybersecurity because of the potential for growth and development in the new cyber branch of the Army.  

“I like that security is a very technical discipline, but also requires understanding of human nature and how people operate. A lot of security is about trying to think like a potential attacker and anticipate their actions, which appeals to me,” Whisnant says.

Perez says there are multiple dimensions to the field. “People normally think that there are two parts of cyber -- defense and offense. I think it's one of the few branches in the army in which you have very diverse jobs you can be doing in order to complete the same mission," she says.

Related Content:


Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada July 30 through Aug. 4, 2016. Click for information on the conference schedule and to register.

Emily Johnson is the digital content editor for InformationWeek. Prior to this role, Emily worked within UBM America's technology group as an associate editor on their content marketing team. Emily started her career at UBM in 2011 and spent four and a half years in content ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
7 Ways VPNs Can Turn from Ally to Threat
Curtis Franklin Jr., Senior Editor at Dark Reading,  9/21/2019
Security Pros Value Disclosure ... Sometimes
Dark Reading Staff 9/19/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I wish they'd put a sock in it.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-09-23
Multiple classes used within Apereo CAS before release 6.1.0-RC5 makes use of apache commons-lang3 RandomStringUtils for token and ID generation which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong.
PUBLISHED: 2019-09-23
The SAML identifier generated within SAML2Utils.java was found to make use of the apache commons-lang3 RandomStringUtils class which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong. This issue only affects the 3.X release of pac4j-saml.
PUBLISHED: 2019-09-23
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.
PUBLISHED: 2019-09-23
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221.
PUBLISHED: 2019-09-23
Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny se...