2. Playing capture the flag

For games of cybersecurity capture the flag, students use their knowledge of IT security to collect points, instead of running for physical flags. Often, teams pick challenges displayed in tiles like on the quiz show Jeopardy, with subjects like forensics or cryptography. Typically, contestants are searching for a specific string to enter into an answer field, showing they answered the question or solved a problem, picking up a “flag.” The competition is designed to allow organizations to test contestants’ practical knowledge in an accessible format, according to Arizona State University. That university has organized an annual capture the flag event for the annual Defcon conference since 2018.

Cybersecurity groups, higher education institutions and companies use the format. Purdue University Global is running a capture-the-flag competition for cybersecurity awareness month in October. Carnegie Mellon offers picoCTF, a free cybersecurity education program available year-round.

Colin Wood

Written by Colin Wood

Colin Wood is the editor in chief of StateScoop and EdScoop. He’s reported on government information technology policy for more than a decade, on topics including cybersecurity, IT governance and public safety.

Latest Podcasts