Feds to compete for cyber glory at fifth annual President's Cup

As the 2023 President’s Cup cybersecurity challenge registration is nearly complete, officials running the contest talked about the goals of the competition and the role it plays in recognizing burgeoning cybersecurity talent within the existing federal workforce.

Mandated in 2019 by former President Donald Trump’s executive order on cybersecurity, the fifth iteration of the Cybersecurity and Infrastructure Security Agency-hosted competition is underway, with team registration closing Jan. 24 and individual registration closing Feb. 6. Federal employees compete individually or with a team to complete a series of games designed to simulate common cybersecurity threats. 

Michael Harpin, the competition's section chief at CISA, described the objectives of the long-running challenge as a unique opportunity to recognize federal talent.

“So that's what the competition's main goal is…to really highlight those individuals that are within the federal workforce,” Harpin told Defense One sister publication Nextgov/FCW. “That gives them that opportunity to recognize their skills and just be put on a pedestal that they don't typically get to just by the nature of the work.”

In addition to highlighting talent with the government, the challenge also aims to continue educating public sector employees about cybersecurity fundamentals, modeled after CISA’s Workforce Framework for Cybersecurity. While the game mimics cyber attacks and system vulnerabilities, Harpin said that it is designed to be playful and engaging, citing examples of hacking into a casino or defacing movie review websites. 

“It's not just going in and hacking into a machine, there's also what are some of the best practices that are within the cybersecurity workforce, you know, and that's some things we can check in that makes us a little unique, because we can focus on those defensive skill sets,” he said. 

All federal employees, other than contractors, are eligible to compete. Harpin said that teams from the Department of Defense—specifically within the Air Force, Army and Navy—often compete, but noted that recently other agencies like the FBI and Postal Service have entered. 

“We do want to have some fun with the participants and not to make it too regimented,” Harpin said. “But we do also want to focus that these are real-life skills and tasks that they would have to do within a cybersecurity workforce.”