By Damian Cristodero
The most important part of being a cybersecurity professional is keeping your instincts and skills sharp, George Mason University alumnus Joseph Workman said.
“It’s like any other professional career,” he said. “You always need to be learning. But in this one, if you don’t keep learning, you can make mistakes, and those mistakes can have serious consequences.”
With that in mind, Workman enrolled in the U.S. Cyber Challenge Eastern Regional Camp at Virginia Tech. After a week of classes and workshops on subjects such as intrusion detection and penetration testing, Workman and two teammates bested five other three- and four-person teams in a competition to exploit a computer system’s security weaknesses.
The prize: a $1,000 scholarship from U.S. Cyber Challenge and a certification test voucher from ISC2, a nonprofit organization that educates and certifies security professionals.
Not bad career burnishing for Workman, 28, who in 2013 earned his master’s degree in information security and assurance from George Mason University and is a network analyst at the Department of Defense.
“As a winner,” camp spokesman Rudy Pamintuan said, “he’s easily identifiable as one of the best in the industry.”
And that, Pamintuan said, is the bottom line for the exclusive camp that lists Lockheed Martin, Microsoft and Homeland Security among its sponsors and invited just 22 participants through an online competition organizers said drew 1,200.
In the camp competition, teams were given 150 questions, the answers to which were buried deep in the computer system to be hacked.
“You had to find individual computers,” Workman said, “scan those computers for vulnerabilities and leverage those vulnerabilities to break into the system and elevate your permissions so you could access things you’re not supposed to.”
To do that, Pamintuan said, competitors “had to go through elaborate mazes from a coding perspective or from a network systems perspective.”
And to do that, they needed to be creative and analytical thinkers, aptitudes Workman showed Damon McCoy, an assistant professor in George Mason’s Department of Computer Science who taught Workman in a network security class.
“He was always engaged and interested in exploring security,” McCoy said.
“One thing I enjoyed was the security laboratory class,” Workman said of his time at Mason. “That kind of hands-on experience is what’s missing from a lot of theoretical degrees and classes. If you’re not typing on a keyboard and getting that experience, there’s just a level of knowledge you don’t have, and that makes the companies you are responsible for more vulnerable.”