Jack Cable, a current senior technical advisor at the Cybersecurity and Infrastructure Security Agency who joined the Defense Digital Service at 18, had just revealed to a room full of kids that the first vulnerability he ever found could have put thousands of dollars into his bank account.
It was hard for the students to believe that at 14, having identified a software bug at a bitcoin company that gave him the ability to obtain infinite money, Cable didn’t take any of the $12,814,758,696.00 he hacked into his account. Instead, he did the right thing, told the company and earned his first bug bounty. The immediate payout wasn’t as much, but Cable left with a bigger takeaway — that he could use his skills to help the world.
Cable was the opening keynote at the recent Youth Conference of Network Defendes (Y-CND). Hosted at Code in the Schools’ North Avenue headquarters, this full-day conference gave middle and high school students hands-on experience with cybersecurity concepts. Imagined as the “kids version” of “grownup” annual conferences like DEFCON and BSides, Y-CND built excitement around career opportunities in the cybersecurity field through three tracks — offensive red team technical, defensive blue team technical and green team soft skills — and culminated with a Capture-the-Flag challenge.
Y-CND is the realization of the many years that Joy Huggins spent on cyber’s frontlines as a military veteran and cybersecurity professional. Huggins is the founder of the Network Defender Academy, which teaches middle and high school students the fundamentals of cybersecurity, and Hack Joyously, a confidence-coaching program for women and minorities.
The need to grow the cybersecurity workforce is as clear and present as the threats faced by networks and nations. The National Institute for Cybersecurity Education reports that there are 714,000 jobs currently open in the US, while the 2022 (ISC)2 Cybersecurity Workforce Study notes a reported global shortage of 3.4 million cybersecurity workers.
In other words: It’s a massive opportunity for a new generation to level up economically.
But beyond skills, Huggins seeks to provide the mix of curiosity and inspiration so often key to unlocking new careers in technology. To provide it, educators must commit time and build trust. Huggins learned that lesson in 2014 when she volunteered at a second chance program with juveniles on probation.
Huggins was at the forefront of both sides of cybersecurity, serving in the military and freelancing as a pentester for gaming and mobile security applications. But the kids weren’t immediately taken. It took six months for one of them to ask her what she did for work. Only through relationship-building did she eventually pique their interest. These casual conversations evolved into a program to build cybersecurity skills.
“This all started from the impact I was making just from being present — they asked me what I did and were way more interested than I thought they would be,” said Huggins. “You know how you make cybersecurity interesting? You don’t use buzzwords like ‘cybersecurity.’ You use hard words like ‘hack’ and ‘miscellaneous’ and ‘bypassing’ and ‘social engineering’ and then explain what that is.”
After attending all of the big cyber conferences over and over again, Huggins realized a major flaw in most cybersecurity training programs focused on youth engagement: through a lecture-based approach, they miss the opportunity to get kids excited through hands-on experiences.
“What is unique in cyber is that we have the ability to affect the world while we teach it,” said Huggins. “A lot of the other industries don’t get to affect the world while teaching — a doctor has to practice on a model for 13 years before they get to do anything.”
She believes cyber must be immersive and hands-on from the start. It’s not an academic pursuit, but a trade. Training cyber professionals with the same methods as HVAC technicians or electricians would change the way schools, companies and other institutions view the opportunity and the career path.
Cable — who was recognized on Time Magazine’s list of the 25 Most Influential Teens of 2018 and did work for the Pentagon, the Marines and other agencies all before he turned 21 — agrees.
When he first started coding, he was excited about the ability to create websites, games and apps by “telling the computer what to do.” It was fun, but he also knew he was learning. Eventually, he saw a massive real-world impact beyond the screen.
“The more I got into web development and teaching myself cybersecurity, I realized that I could be finding vulnerabilities that in the wrong hands could be used to cause a lot of damage,” said Cable. “I felt I could really make an impact by telling companies about these bugs so they could fix them and better secure their systems.”
An advocate for ethical hacking, Cable had a deep discussion with the students about why doing the right thing is important. The reward, he said, wasn’t about being able to steal a lot of money by exploiting the vulnerability he found. Rather, it’s the impact of really helping people through your career.
What is unique in cyber is that we have the ability to affect the world while we teach it.Joy Huggins
“They need people like us, young people who can be technical and creative, who know where to hunt for vulnerabilities, know how to secure things,” Cable said during his keynote. “That’s how, as a nation, we’re going to be able to do a better job: They need us to help defend against what’s out there.”
Now set to be an annual conference, this year’s Y-CND had a big impact on the young people that came to participate and set the spark for more. Huggins shared that she spoke with three young girls at the end of the day who came all the way from Northern Virginia to attend.
“All they wanted to know about was what’s next,” Huggins said. “They wanted more, when were we going to host the next event — everyone participated in the Capture-the-Flag until they got all the questions. They were living my dream right in front of me.”
At the same time, Huggins sees that there is much more to do, and many more people in the growing and deeply networked Maryland cybersecurity professional community to engage.
“This is a communal effort. I’m a millennial, and as millennials our grandparents were grassrooters and we value our grandparents,” said Huggins. “Whatever you can provide, wherever you can impact the most, get involved. We can bring cybersecurity to Baltimore, we just got to get together and make it happen.”
This guest post is a part of How to Get a Tech Job Month of Technical.ly’s editorial calendar.
Before you go...
Please consider supporting Technical.ly to keep our independent journalism strong. Unlike most business-focused media outlets, we don’t have a paywall. Instead, we count on your personal and organizational support.
Join our growing Slack community
Join 5,000 tech professionals and entrepreneurs in our community Slack today!