Carnegie Mellon University

National Cyber Analyst Challenge

November 14, 2016

CMU wins 2016 National Cyber Analyst Challenge

By Jessica Corry

Pittsburgh, PA – A team of Carnegie Mellon University (CMU) graduate students won the 2016 National Cyber Analyst Challenge (NCAC), a three-month competition developed to fill the ever-growing need for cyber analysts.

The Carnegie Mellon team consisted of four H. John Heinz III College Master of Science in Information Security Policy and Management (MSISPM) students – Jennifer Urgilez, Sara Mitchell, Krishna Chirumamilla, and Daniel Widya Suryanata – and one Information Networking Institute (INI) Master of Science in Information Security (MSIS) student, Jennifer Burns.

After advancing to the NCAC final round on October 27-28, Carnegie Mellon’s team had six hours to analyze 80GB of data and find out what happened in a real-world, cybersecurity-breach scenario. 

“We were put in a room for 6 hours and 15 minutes and provided with incident response artifacts,” explained Urgilez. “We were told to identify what the Advanced Persistent Threat did on the fictitious company’s network, analyze the incident and present it to the C-suite.”

The “C-suite executives” were in fact a panel of industry experts, including a former advisor in the Bush and Obama administrations. Carnegie Mellon’s team scored highest in technical proficiency, judgment, and communication, and was awarded $25,000 as the winner of the second NCAC.

“Carnegie Mellon was definitely considered the team to beat by many during the challenge,” said Burns. “I am extremely glad, but not surprised, that our team was able to live up to the Carnegie Mellon name and come together to secure the school's first win in this competition!”

Fostering Cyber Talent 

The multi-phased competition – powered by Leidos and administered by Temple University’s Institute for Business and Information Technology (IBIT) – culminated in the real-time practical challenge involving teams from 10 universities. 

According to Chris Kearns, senior vice president of enterprise and cyber solutions at Leidos, the Carnegie Mellon team demonstrated amazing skill to connect the dots in this real-world scenario.

“The skills required to win these contests mimic those needed by governments and businesses alike to anticipate and prevent cyberattacks on a variety of technologies – including those in critical infrastructure,” said David Brumley, director of Carnegie Mellon CyLab.

An Interdisciplinary Approach

For Chirumamilla, one of the key takeaways was the opportunity to analyze real-world data.

“The challenge is not entirely based on the technical end, it’s more geared towards analysis,” he said. “The NCAC’s philosophy is that there are a lot of great technical tools out there but very few analysts who can quickly analyze the data.”

“I wanted to test more than my technical abilities,” added Mitchell. “Being able to explain what you did and why you did it to key decision-makers is much more significant.”

Indeed, the team’s advisor Joseph Mayes, an adjunct professor at Heinz College, explained the NCAC competition is not just a ‘capture the flag’ or ‘my hack is better than your hack’ type of event. 

“What business and government are looking for these days is someone who can take the technical information about cybersecurity incidents and explain it in a way that non-technical people can use to decide what to do about the attack,” said Mayes, who is also a technical staff member in the Software Engineering Institute’s (SEI) CERT Division.

Collaborating Across the University 

The interdisciplinary nature of the NCAC is exactly what made it an ideal fit for Carnegie Mellon students. With a team drawn from two colleges at the university, CMU’s students had a diversity of skills that proved advantageous in the competition. 

“What set our students above the rest was the team’s possession of both technical skills and business and management expertise,” said Dena Haritos Tsamitis, director of the INI. This was exemplified by the team’s ability to explain, in plain English, what happened in the cyberattack to the company’s top leadership.

In addition to providing a platform on which to develop their cyber analyst skillsets, the competition also enabled students to flex their leadership and teamwork abilities.

“I’m really proud of the work that our students did on a tight deadline,” said Andy Wasser, Associate Dean of Heinz College’s School of Information Systems and Management. “The students effectively diagnosed the breach and discovered the root cause of the threat. They then prioritized a set of remedies to best address the risk and minimize future incidents.”

“To be able to do all of that, and then present that information to C-suite executives, is reflective of the skills that all of our students learn here at Heinz College.”

Building the Cybersecurity Workforce 

Three team members will soon be applying these skills in the ranks of the federal government’s cybersecurity corps. Mitchell, Urgilez and Burns are recipients of the CyberCorps Scholarship for Service (SFS), which offers a full-tuition scholarship, funding for professional development, books and a generous stipend for living expenses in exchange for government service upon graduation. 

“Success in the NCAC competition is just one example of how the INI and Heinz programs develop cybersecurity experts well-positioned to tackle the challenges faced by government,” said Tsamitis, who leads the SFS program at Carnegie Mellon as principal investigator. 


Photo Caption: (From left to right) Krishna Chirumamilla, Daniel Widya Suryanata, Jennifer Urgilez, Jennifer Burns and Sara Mitchell.

Leidos/Temple University Press Release: Carnegie Mellon University Wins National Cyber Analyst Challenge

About the National Cyber Analyst Challenge

The National Cyber Analyst Challenge, in its second year, is sponsored by Leidos, in conjunction with the Institute for Business and Information Technology (IBIT) at Temple University. For more information see http://cyberanalystchallenge.org/