Chris Haller loves capture the flag competitions (CTFs). The University of Maryland Global Campus (UMGC) graduate, who received his B.S. in Computer Networks and Security in 2017 and M.S. in Cybersecurity Management and Policy in 2020, frequently enters these cybersecurity events where individuals compete in security-themed challenges for the purpose of obtaining the highest score.
“They are a huge plus for my career,” he said. “They allow me to hone my skills and they compel me to apply what I’ve learned.”
Haller, the director of Professional Services at Centripetal Networks in Portsmouth, New Hampshire, added that cybersecurity competitions are one of the biggest things he looks for when he hires for his company. “CTFs can help bridge the experience gap for new grads trying to break into cyber,” he said.
Haller’s passion for cybersecurity started young. Driven by his own curiosity, he was always interested in computers and video games. “I was lucky enough to find a position with the Navy to provide formal training,” he said.
Haller’s early enthusiasm for computers, combined with his professional experience in all things cyber, has paid off. He recently captured first-place in the National Cyber League Individual competition, a twice-a-year performance-based collegiate cybersecurity competition that draws more than 6,000 participants.
The National Cyber League, a mission-driven organization that focuses on preparing the next generation of cybersecurity professionals, is known in the competition world as offering some of the most challenging events. For Haller, the biggest challenge is time management and accuracy.
“Entrants are required to answer questions across a three-day period, so it requires a significant time investment,” he said.
Haller’s competition experience has led to on-the-job success, as he and his team address some of the biggest challenges of the day, notably to proactively block advanced threats before they can damage networks.
“At Centripetal we’ve found a way to do this by ingesting cyber threat intelligence, which tells us which IPs and domain names are malicious, and we stop it at the perimeter,” he said. “By stopping attacks at the reconnaissance stage, we prevent malicious attacks downstream.”
Haller believes more cybersecurity teams need to adopt this approach of blocking known malicious threats before they reach the perimeter. “
Every organization that manages a security information and event management system (SIEM) can see millions of alerts every day about the attacks launched against their environment. There is simply no way for a human to review them all,” he said. “Blocking with intelligence about known malicious activity on the internet reduces the number of alerts in the SIEM to manageable levels, making it easier to investigate for malicious activity.”
With billions of threat alerts bombarding defense organizations every day, Haller believes that the industry should be more proactive in its approach—using designated hit lists to block known bad actors from the web and free up time and energy to go after as-yet-unidentified threats.
When he’s not honing his skills in cyber competitions or researching nation-state bad actors damaging organizations around the world, Haller enjoys providing value to customers through professional services, such as penetration testing and incident response. Down the road, he hopes to give back.
“I would like to see myself in a teaching position as well, helping others understand the things I’ve learned on how to protect networks from attacks,” he said.