Cybersecurity in Singapore. PHOTO: Cybercrime Magazine.

First Capture The Flag Competition For Girls In Singapore Reinforces Diversity In Cybersecurity

CTF events are a great way to provide employers an excellent opportunity to find skilled new talent and encourage newbies to enter the industry

Magda Lilia CHELLY, Ph.D., CISSP

Singapore — Jul. 26, 2019

As cybercrime and cyber-attacks become more popular and gain in complexity, there is an absolute talent and skill gap within the security arena to manage the substantial amount of attacks, for all organizations out there. The industry has also been known for an important gender gap with only approximatively 20 percent of female professionals. Even though the number has increased slightly during the last years, it remains small. 

One strategy that can immediately reach results and provide practical support is Capture the Flag (CTF) competition.

What are Capture the Flag events?

CTFs are information security competitions where participants are challenged with several scenarios, requiring various skills with different levels of complexities. Common types of CTFs include Jeopardy style, attack and defend, or a mix of both. In most cases participants are looking for “flags” — user flags or root/admin flags — in vulnerable systems to prove they have exploited certain vulnerabilities. These competitions are usually played with a team of people, but oftentimes individuals participate as well, looking to gain the most points during the competition.

While a number of these competitions are geared towards skilled hackers, new professionals and individuals who are passionate about learning are also afforded the opportunity to participate. CTF events are a great way to provide employers an excellent opportunity to find skilled new talent and encourage newbies to enter the industry.

What happened in Singapore on July 13, 2019?

On July 13, Singapore saw its first CTF For Girls event organized by Dr. Magda Chelly, managing director of Responsible Cyber and founder of the Women in Security (WoSEC) Singapore Chapter. With the support of the Cyber Security Agency of Singapore and industry players, more than 40 attendees participated to include 25 female players. This CTF event was organized to bring together female excellence and to ensure we promote egalitarian opportunities in the cybersecurity industry.

The CTF was hosted on a private lab sponsored by Hack The Box, an online UK based hacking platform. Players were expected to hack into 10 machines of varying complexity in just a few hours. By the end of the event, 3 ladies were victorious winning the competition. 

“This event was the first of many where women, girls and other cyber enthusiasts can come together to have a fun, enjoyable time and participate in a CTF event and learn,” said Chelly. “It will inspire and motivate younger talent to discover the cybersecurity space and relate to industry role models. The event will continue to showcase available talents, allowing organizations to build more diverse teams.” Several of the students that participated in the competition were happy to participate to showcase their skills and learn from other participants.

The CTF event not only helped the attendees to expand their skill set, but also provided a friendly environment where they could train, learn, and excel in their capabilities! It helped to bring a new aspect and approach to cyber where activities are fun, exciting, motivating, and inspiring.

CTF participants had the opportunity to hear from Ms. Sim Ann, Senior Minister of State; Ministry of Communications and Information; and  Ministry of Culture, Community and Youth, who stopped by to show her support to increasing diversity in the information and communications technology (ICT) industry and encourage more women to join.

Other distinguished guests included Selwyn Sean Scharnhorst, director, Ecosystem Development Division for Cyber Security Agency, who stated, “CSA is glad to support WoSEC Singapore’s first Capture the Flag for Girls. Women are underrepresented in the technology sector and such efforts help. As cyber threats continue to grow in scale and sophistication, Singapore needs talented, passionate, and skilled women and men working together in strong and diverse teams to tackle this issue.”

Reuben Sinclair, cybersecurity director for Asia Pacific and Japan at Micro Focus, presented the top 3 winners with prizes including credits to Azure conference tickets, free access to RastaLabs, swag, coaching sessions with Responsible Cyber and certification exam vouchers for continued education.

And the winners are:

1st Place – Ms. Chor Jia Yee

2nd Place – Ms. Chia Le Jing

3rd Place – Ms. Zheng Jia Wen

“I enjoyed myself at the CTF and am glad that the event encouraged women to come together, develop our technical skills and share our experiences,” said Ms. Chor Jia Yee.

All three winners demonstrated skill sets and abilities that directly translate to skills needed on the job. The 1st place winner hacked all 10 machines in just a few hours while the other two ladies showed a profound knowledge of understanding vulnerabilities and how to exploit them.

Reuben Sinclair added encouraging diversity and inclusion by being interviewed with Magda Chelly – WoSEC Singapore founder: “I feel that there is a much stronger technical bias than there is a gender bias. For men to believe that women are less technically skilled or qualified based on their gender is wrong. To state that there are fewer women in cyber and therefore less technically skilled women in the cybersecurity workplace (in numbers) is accurate today, but this should not be perceived as evidence that they are not capable of doing so. Simply rather, it’s evidence that they have not been encouraged and supported in doing so.”

This event would not have been possible without the support of the community including CSA, WoSEC, CyLon/ICE71, Micro Focus, RSA, Yogosha, BSides Singapore, Responsible Cyber, Secucial, WWCode (Women Who Code) Singapore, Jacq Leigh and Hack The Box. Through these partnerships, we are able to reach more women and encourage them to play!

– Magda CHELLY, Ph.D., CISSP is the Managing Director of Responsible Cyber Pte. by day, and a cyber feminist hacker by night.