Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

7/5/2016
04:15 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

West Point Trains Female Cadets For Cyber Branch

An internship at a Silicon Valley startup is one program aimed at helping close the cybersecurity skills gap.

United States Military Academy students Hannah Whisnant and Jayleene Perez spent the last three weeks in a summer internship program learning about cybersecurity at a Silicon Valley startup. 

The West Point Academy cadets, both rising juniors, were the first to participate in the program via security vendor Vidder, which sells a software-defined perimeter security service. West Point is home to the Army Cyber Institute, which was founded in October 2014 as part of the Defense Department's mandate to build a plan to defend the US against cyberattacks.

West Point's Silicon Valley internship program comes at a crucial time for the cybersecurity industry, which has struggled to keep positions filled with skilled professionals. A recent survey by Spiceworks found that 55% of organizations do not have a cybersecurity expert, and a majority have no plans to hire one. The same survey found that out of 1,000 IT professionals polled, 67% said they did not have any security certifications. 

And of those who do hold a job in cybersecurity, just 10% are women

A year after the ACI was opened, Junaid Islam, President and CTO of Vidder, was asked to give a lecture at West Point on Vidder’s security solution of software-defined perimeters. West Point asked Islam if Vidder would like to host West Point juniors and seniors as summer interns. This would be the first time West Point would offer an internship at a startup, let alone at a security startup. 

“It’s new for [West Point] to be working directly with Silicon Valley startups, and new to be sending their cadets right to Silicon Valley companies so they directly understand everything from how do product works, how do they invent it, how do we identify cyberattacks, how do we figure out how to stop them," Islam says. The cadets get to see "the whole lifecycle, and the idea is that this lifecycle will go back into the army’s thinking about how they should think about cybersecurity,” he says. 

Retired Major General Dan Balough, Vidder board member and a graduate of West Point, says the internship is important because it goes beyond the traditional government and Pentagon internships that West Point typically offers.

“I’m hoping this is a door opener -- it will broaden the ability of the Academy to get people out here to what I consider the heartbeat of the 21st century,” he says, referring to the tech revolution currently happening in the Bay Area and Seattle.    

For West Point's Perez, an information technology major at West Point, shipping out to the Silicon Valley for this internship was an opportunity to learn about how civilian network structures vary from a military networks. Both she and Whisnant see the program as a way for West Point to spur interest in the new cyber branch of the US Army. 

Jayleene Perez
Jayleene Perez

While a trip to Facebook headquarters and Big Basin did make their way onto the agenda, this was no vacation for the cadets. They spent three intensive weeks learning about cybersecurity and Vidder’s product, and during the final week, created a report based on their own analysis of everything they’d learned at Vidder. This report will be transmitted back to West Point to go toward an assessment of the cadets in their training to become officers and will remain in their files for the rest of their careers.

Perez and Whisnant spent three days learning how to hack into a fake internal network, which gave them the chance to practice the new skills they had learned at Vidder with hacking tools such as Metasploit and Nmap. Whisnant, a double major in math and computer science, says they also got to see a lot of hacking tools that they are not allowed to use on a Department of Defense-issued computer. That was a lot of fun, she says.

Hannah Whisnant
Hannah Whisnant

They also got a deep-dive into public key infrastructure technology beyond what you can learn in the classroom, and were also taught a little bit about business and how to market a product at a startup.

Gender Gap

Perez and Whisnant weren't fazed by the gender demographics in Silicon Valley. West Point is at about 83% male and 17% female, according to a Forbes college listing based on enrollment numbers from Winter 2014-Spring 2015 school year. 

“I’ve definitely hit a point in my life if I walk into a classroom and I’m the only girl in the room, I barely notice unless someone points it out to me,” Whisnant says.

Says Perez, “It’s just the environment we’re in, it’s normal for there to be like a 20% female and 80% male population.”

Both of these young women also agree that exposure to the cybersecurity field for women is sparse and there’s room to change that.  

“Women are present in small numbers in computer science and IT to begin with,” Whisnant says. “In my life, I've found that if just one parent or teacher takes a moment to encourage someone or suggest they would be good at something like computer science, it really can change their whole life,” she adds.

Perez knows this firsthand: “If it wasn't for my IT105 instructor,” she says, “I would have never considered information technology as my major or consider cyber as a possible [army] branch choice.”

This program is helping train young women -- and likely men, too -- for the dearth of cybersecurity jobs available. It has also opened the cadets’ eyes to new ways of thinking about cybersecurity.

“The most interesting thing I’ve experienced is it’s really broadened my idea of what cybersecurity can be,” says Whisnant. “I sort of had this very set view of like, oh, security is you have a firewall and you have to have a password to get around it -- the breadth of what it can be and what products are available has been good for me to learn about.”

Both cadets were drawn to cybersecurity because of the potential for growth and development in the new cyber branch of the Army.  

“I like that security is a very technical discipline, but also requires understanding of human nature and how people operate. A lot of security is about trying to think like a potential attacker and anticipate their actions, which appeals to me,” Whisnant says.

Perez says there are multiple dimensions to the field. “People normally think that there are two parts of cyber -- defense and offense. I think it's one of the few branches in the army in which you have very diverse jobs you can be doing in order to complete the same mission," she says.

Related Content:

 

Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada July 30 through Aug. 4, 2016. Click for information on the conference schedule and to register.

Emily Johnson is the digital content editor for InformationWeek. Prior to this role, Emily worked within UBM America's technology group as an associate editor on their content marketing team. Emily started her career at UBM in 2011 and spent four and a half years in content ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-35519
PUBLISHED: 2021-05-06
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel i...
CVE-2021-20204
PUBLISHED: 2021-05-06
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbi...
CVE-2021-30473
PUBLISHED: 2021-05-06
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.
CVE-2021-32030
PUBLISHED: 2021-05-06
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_chec...
CVE-2021-22209
PUBLISHED: 2021-05-06
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which resulted in GraphQL mutation being executed.