Latin America's chance to participate in the great international cybersecurity challenge
What if we could turn cybersecurity learning into a game? What if that game not only taught the skills needed for a career in cybersecurity, but also inspired young adults around the world to participate in this ever-growing field? Perhaps we can do it.
Jessica Gulick & Ioannis Agrafiotis
The soaring popularity of the Internet and the digital transformation of our society provide us with multiple benefits, while at the same time exposing us to an ever-increasing cyber threat landscape. According to Kaspersky's Latin America Threat Landscape 2021, in Latin America alone, cyber-attacks grew by 24% over the first eight months of this year. The report took into account the 20 most popular malware programs, which accounted for more than 728 million infection attempts in the region, 35 attacks per second on average.
The infection attempts by country were: Argentina 10 million, Brazil 481 million, Chile 8 million, Colombia 30 million, Mexico 103 million, Peru 33 million, Ecuador 30 million, Panama 5 million, Guatemala 5 million, Venezuela 4 million, Dominican Republic 2 million and Costa Rica 2 million.
This threat jeopardises not only the privacy of individuals but also national security through attacks on government agencies. It is also worth noting that cyber-attacks can be used to increase the leverage of certain countries or even to encourage confrontation between nations.
In view of this reality, it is imperative to work towards developing greater capacities to tackle risks and threats. To this end, education and training of future generations is essential to build an increasingly safe cyberspace.
In her opening address at the sixth edition of Cybersecurity Summer 2021, organised by the National Cybersecurity Institute (INCIBE) and the Organization of American States (OAS), the Executive Secretary of the Inter-American Committee Against Terrorism (CICTE), Alison August Treppel, noted that Latin America has had one of the fastest growth rates of Internet users since the beginning of the century and currently more than 60 percent of the region's population has access to the Internet. Furthermore, over the years there has been a worldwide rise of cyber-attacks, which are becoming increasingly sophisticated.
On the other hand, according to the International Information Systems Security Certification Consortium (ISC2), there are currently more than three million unfilled cybersecurity job vacancies globally and in the Americas alone, there is a shortage of more than 600,000 qualified cybersecurity workers.
This growing activity and reliance on digital platforms, coupled with a shortage of cybersecurity manpower, illustrates the importance of promoting both cybersecurity awareness and cybersecurity training in the region.
In order to address this reality, the European Union Agency for Cybersecurity (ENISA) has organised the ICSC Athens 2022 - the International Cybersecurity Challenge - to be held next June.
The aim is to develop cybersecurity skills, promote learning among young adults and place cybersecurity at the service of humanity. In addition, to contribute to bridging the gender gap, this international competition seeks to attract female talent to the world of cybersecurity. The need for public and private policies to recruit more women in the sector is reflected by the Latin American applicants' gender gap: 75.8% of the total number of candidates are male and 24.2% are female.
The Latam Steering Committee will select and train a team of fifteen participants and five backup members up to 26 years of age, amateurs or students of cybersecurity, with diverse skills to face the challenges they will have to address, such as the use of applications and web systems, cryptography, reverse engineering, hardware issues and forensic analysis, among others. In the first edition of the ICSC, the teams will attack and defend each other in a pre-defined network structure.
The Latam Steering Committee hopes to attract the best cybersecurity talent in Latin America and expects the ICSC to become one of the world's leading incubators of cybersecurity companies and future top level security experts.
To proceed on the road to Athens, the pre-selection of Latin American applicants includes, among others, the following stages:
A workshop stage to assess the competencies and skills of all applicants.
A skill and competence test to select the best fifty participants.
A CTF preparation workshop.
The last stage will consist in the selection of the final fifteen members of the Latin American Team, to which five backup players will be added.
A 2021 ESET security report for Latin America states that cyber threats are growing in number, complexity, and diversity, which together with the pandemic have increased the risk of suffering an incident. In this context, in order to achieve information security goals, not only technological controls and management practices, but also education and awareness of security issues are of paramount importance. Informed and trained users have more tools to make better decisions.
In this scenario of escalating danger, generating greater interest in the professionalisation of the sector is the best way to turn cyber threats into opportunities.
Gladys Martinez is a Specialist in Data Mining and Knowledge Discovery and a Specialist in Computer Security. She teaches at the University Degree in Cyber Defence Management at the Armed Forces War College, collaborates with the Argentine Observatory of Cyberspace, and currently serves in the General Board of Research and Development of the Argentine Air Force, with the rank of Major. She is a volunteer for Argentina Cibersegura and is responsible for the Gender Commission of Proyecto Aurora.