The third annual iteration of the Sanford - Palo Alto Cyber Cup is scheduled for October 19 - 23, 2022. Participants should anticipate the following schedule:
- Wednesday October 19, Noon - Scenario Distributed
- Friday October 21, 7pm - Memo Due
- Saturday October 22, Morning or Afternoon - First Round Presentations
- Sunday October 23, Morning - Final Round Presentations (if selected)
Questions? Contact Spencer Reeves at firstname.lastname@example.org.
The second annual iteration of the Sanford Palo Alto Cyber Cup was held from October 23-24, 2021. As the university community took advantage of Duke Cyber Week to learn about cybersecurity and tech policy and its role in a wide array of disciplines and social debates, undergraduate and graduate students were invited to participate in a public policy cyberattack response simulation.
The Sanford Palo Alto Cyber Cup is a partnership between the Sanford School of Public Policy and Palo Alto Networks, a leading incident response, risk management, and digital forensics firm.
This annual competition challenged teams of students to develop and present policy recommendations designed to address a hypothetical, high-stakes cybersecurity scenario. Competitors grappled with both the immediate response to the cyber incident and the social and political fallout the event created. The winning team earned $2,000 and first-round interviews for a cybersecurity internship with Palo Alto Networks.
The inaugural Sanford-Crypsis Cyber Cup was held in October 2020 as a new partnership between the Sanford School of Public Policy and The Crypsis Group, a leading incident response, risk management, and digital forensics firm (now part of Palo Alto Networks).
The competition is designed to challenge teams of students to develop and present policy recommendations designed to address hypothetical, high-stakes cybersecurity scenarios. The 2020 competition centered around a cyber incident targeting Duke Health system days before a high-ranking cabinet official was scheduled to undergo an operation.
Competitors were asked to develop a policy response drawing from federal, state, private sector, and military resources. Uncertainty about the actor behind the attack, adequate response strength, and proper authorities led to a complex scenario that forced teams to think outside of the box and innovate new policy responses.
Finalist teams advanced to a second round, where new developments revealed the actor behind the attack and drastically expanded the risk to US critical infrastructure. Teams had less than 30 minutes to develop a response to the rapidly-evolving scenario, simulating the uncertainty and short response time of an actual cyber incident.
You can read a Sanford article on the winning team here.