Ever wondered about the people behind Project Ares’ development? How does Circadence identify and develop learning curriculum material to benefit today’s cyber professionals? The crux of the strategy stems from the talents within our own Circadence family and is the driving force behind this “Living our Mission” article. We are sharing the unique talents of Megan Daudelin, Team Lead of Curriculum Development for our flagship gamified learning platform, Project Ares. While one might expect that a cyber background is critical to any tech-focused role in a security company, Megan would argue that having a strong understanding of learning theories, experience teaching cyber subjects, and placing oneself in the customer’s shoes equally weigh in importance to successfully build rich cyber curriculum into our products.
Blending Forensics, Hospital Security, and Cyber Education
Megan has a rich history in the cyber security industry, which started after she graduated with her bachelor’s degree, and continued as she worked full time while completing her Master’s in Digital Forensics Management from Champlain College. Prior to Circadence, she served as a Digital Forensic Analyst at ManTech and Information Security Content Analyst at Tenable Network Security. She also worked as a Network Security Analyst at New London Hospital between her stints at ManTech and Tenable, monitoring networks and medical devices in accordance with HIPPA. Those experiences helped her learn the importance of understanding an end-user’s behavior to identify and investigate digital evidence.
Her career as a digital forensic analyst revolved around gathering and interpreting data. She recalls a previous job where she was responsible for writing up a narrative around a customer by referencing only the information available in a customer’s device. She would get a sense of the day-to-day digital life the user led to understand who and how that person was using the technology.
“That’s the part I liked, taking a vast amount of information and drawing the lines through the ‘dust cloud’ of data to figure out the connections between everything and turn the ‘cloud’ into a digestible amount of information.”
As Megan embraced new skill acquisition on the job, she grew to appreciate how problem-solving played a critical role in managing threats for her employers and their customers.
It was her passion for identifying the tools and techniques that best helped harden security posture that led her back to the classroom as an Adjunct Professor at her alma mater, Champlain College, to help groom the next generation of cyber professionals. Her professional experience across multiple disciplines in cyber, from digital forensics to network security to ethical hacking and incident response, allows her to teach courses on a variety of cybersecurity disciplines—a job she still does today.
Using Teaching to Inform Cyber Learning in Project Ares
Over the last two years, Megan has taken her love for teaching and applied it directly to the innovation within Project Ares. She is able to see how her students learn best whether through direct, hands-on experiences or learning from peers, and she applies those observations within a customer’s experience in the platform. All of this comes with the understanding that she must remember not to get “too deep” into one thought pattern, to maintain the “10,000 foot view” as she puts it, so that she can build cyber learning curriculum that is cross-disciplinary and cross-functional.
Megan put her cyber and teaching skills to the ultimate test at the Microsoft Ignite “Into the Breach” cyber defense experience in November 2019. She helped design six custom-built Battle Rooms in Project Ares that were used in a competition-style activity among event registrants. The battle rooms provided a gamified learning approach to teach cyber professionals about Microsoft Security Tools. Megan used the Project Ares virtual environments to create a hands-on, experiential learning activity that focused on problem-solving using Microsoft tools. By adopting the end-user’s perspective, she was able to help the players through the maze from the home page of the Project Ares interface down to the data they were looking for to find the answers they needed.
“It was quite the adventure learning all these new security solutions and organizing them into a cohesive storyline. We weren’t asking independent questions to teach TTPs in a silo. Instead, we were walking the players through a single attack pattern. The narrative was knit together so that they could understand that the tasks in the Battle Rooms were related to the progressive arc of a full-scope attack and there were different points along the kill chain where the Microsoft tools could help to identify, analyze, and respond.”
As Megan works hard to build learning curriculum into Project Ares, she can’t help but think about what lies ahead for the cyber security industry.
“I hope the prioritization of training and education continues to increase; I hope the prioritization of security as a pillar of someone’s organization continues to get recognition. I think we’re coming out of a phase where organizations felt that they could just ignore the elephant that’s stomping around their data center.
I’m hopeful we’re moving into a time that people are becoming more aware of their organization’s digital activity online…. not just in a check-the-box periodic program kind of way, but in the sense that cyber security readiness and training has ongoing funding and cross-function collaboration. The industry is moving toward recognition that this is where priorities lie.”
It is this kind of forward-thinking mindset in employees that helps Circadence deliver state-of-the-art products and we are incredibly proud to have Megan within the Circadence family!
After serving in the Coast Guard and learning IT, Matt Surprenant applied his technical abilities to the academic community, building out cyber ranges for students to practice their tradecraft in virtual environments. Managing virtual labs for 250-500 students wasn’t an easy job by any means, but it certainly gave him invaluable insight into how learning occurs to best train today’s cyber enthusiasts (tomorrow’s frontline defenders).
“At Champlain I grew from a student at the Helpdesk, to deploying software in physical labs, to managing virtual labs. After spending a decade at Champlain College, enjoying the collegiate atmosphere working and learning, I transitioned from creating virtual computing environments at Champlain to virtual ranges at Circadence.”
For more than 11 years at Champlain, Matt performed many cyber roles (help desk technician, imaging applications analyst, and academic service administrator) that informed his understanding of opportunities for innovation, and what is needed to train the next generation of cyber professionals. He was able to take that experience and apply it at Circadence for enterprises looking to embrace modern ways to train their own cyber teams and harden security strategies.
Creating Space for Productive Cyber Learning
For the past three years, Matt has been responsible for constructing Battle Rooms within Project Ares. Battle Rooms are the training simulation environments where users learn the tools, tactics, and procedures of cybersecurity before entering the next “level” of activities in Project Ares called Missions. Battle Rooms allow users to train and hone their skills before entering a simulated scenario environment with multiple components, narrative backstory, and where deeper application of skill comes into play.
Currently, Matt manages the logistics for Battle Room development, guiding his team on project priorities week-by-week and acting as a liaison for the Content / Cyber Curriculum Team. Alongside the Curriculum team, he works to determine what the training outcomes are in each of the Battle Rooms. On the technical side of Project Ares, Matt ensures that the automation of environments and the logistics are working correctly. He enjoys developing content that guides a player along a cyber learning pathway, so they learn multiple skills from performing reconnaissance to enumerating networks. The Battle Rooms are particularly fun for him to build out because he sees them as “small spaces that teach specific concepts” and help inform a cyber work role a player might want to learn more about.
Since Project Ares’ debut, customers have greatly informed the kinds of Battle Rooms Circadence develops. After all, it is about the customer having the ability to train according to their specific cyber needs, so this strategy works out well for team members like Matt.
“I’ve really enjoyed developing the CTF (Capture the Flag) content for our customers. The customer gave us a walkthrough of their expectations, showed us some pre-made content, and shared ideas of how to configure the different pieces of technology. We [the BR team] worked up a functional configuration and validated playthrough based on our understanding of the customer’s expectations. It was incredible to see how successful the team could be playing to each other’s strengths in order to meet a customer’s request. The icing on the cake was that the content was very well received by the customer.”
Observations from Microsoft Ignite
Matt was able to lend his cyber expertise at the Microsoft Ignite “Into the Breach” cyber defense experience in November 2019. Five custom-built Battle Rooms in Project Ares were used in a competition-style activity among event registrants. The battle rooms provided a gamified learning approach to teach cyber professionals about Microsoft Security Tools.
“I was really excited to see how well the content in the Battle Rooms blended into the background as the purpose of the event was really to introduce registrants to Microsoft Security tools using a gamified environment.”
Matt noticed registrants were curious to understand how to use these cyber tools in their own profession. The capability for Project Ares to deliver this educational experience to end-users, Matt reflects, was a huge benefit to see how learning unfolded.
Advice for the Next Generation of Cyber Professionals
“Trust but verify.” Those are the simple words Matt says he would tell any aspiring young professional interested in entering the field of cybersecurity.
“It seems like a simple statement, but I’ve found many security professionals don’t necessarily practice what they preach. Develop personal habits that help you professionally. A simple one is to constantly validate or fact-find when you’re told something. Ask questions! Does that update process actually work as you think it should? Should that application actually make web requests? Develop an inquisitive nature that will allow you to bolster claims with factual findings.”
For Matt, that inquisitive mindset occurred in high school when he found system administration was an interesting discipline.
“I started a high school club where one day a week we would “re-image” a writing computer lab with images that had games pre-installed and have a “LAN (local area network) party”. Club members (mostly my friends) would get together and play video games on the freshly reconfigured computers for a couple of hours. At the end of the event, we would reset the lab back to a writing lab. Sometimes there were minor hiccups that users (other students) would run into afterward. I enjoyed helping those users fix the issue, but I also enjoyed identifying how we could make it better next time we re-imaged the lab. That’s kind of what information/cybersecurity is for me – identifying weaknesses in configuration, policy, or procedure and making a change to mitigate that weakness.”
It is that kind of curious approach to building cyber learning into our products that helps Circadence deliver state-of-the-art learning tools today. We are incredibly proud to have Matt as part of the Circadence family!
As state and local governments shift operations to the cloud, it is more important than ever to stay on the front lines of cyber defense as cyber pros figure out how to secure cloud-based applications being used by employees.
Speaker Wade Walters will discuss:
- Why government agencies are adopting cloud computing
- What security challenges governments face when shifting to the cloud
- Top security strategies to consider to encourage persistent cyber skills development
What You’ll Learn
- Why cloud-based training is the future of cyber learning for government security professionals
- How the cloud shift will impact cybersecurity in the government sector
- How leveraging Project Ares in the cloud scales departmental security training
Who Should Attend?
Government sector cyber professionals, defenders, and team managers/leaders looking to embrace cloud-based cyber training to prepare against threats that emerge from rapid adoption of the cloud.
To celebrate National Cyber Security Career Awareness Month in November, we’re highlighting the many ways that aspiring cyber security professionals and career changers alike can enter the field with confidence and competency.
To start, join us as we share tips and recommendations for learning cyber at every stage from basic comprehension to skills application.
Speaker Dr. Dan Manson will discuss:
- Current landscape of cyber workforce (from the skills gap to diverse work roles)
- Where to start learning about cyber security (resources, tools, experiences)
- How to develop the technical and hands-on skills needed for any cyber job
What You’ll Learn
- How to find resources for learning cyber at any knowledge-level
- Where to develop basic and advanced cyber skills using digital and on-demand platforms
- How to develop a holistic cyber skill set to impress prospective employers
Project Ares Demo with Brian Sheridan
Interested in learning more about our gamified, immersive cyber learning platform Project Ares?
Join Brian Sheridan, Sales Engineer at Circadence, to watch an in-depth overview of our flagship product and start your journey to improve cyber skills!
What You’ll Learn
- What the Project Ares platform looks and feels like from a cyber learning perspective.
- How Project Ares training activities progress learning with cyber games, battle rooms and team-based missions.
- How you can incorporate Project Ares into cyber training for yourself, your organization, or your team.
“Cyber for All” philosophy whereby everyone can and should learn cyber concepts, topics, and skills. To start, join us as we overview our cyber security family of products suitable for virtually any department in your organization. Stay proactive, perceptive, and protected against looming threats – because successful security awareness can’t be siloed to the IT team anymore.
Speaker Brian Sheridan will discuss:
- What today’s cyber challenges are and how they impact Security and HR professionals
- How cyber learning can be more-readily embraced across departments
- Why persistent security awareness training is the go-to strategy to combat threats
What You’ll Learn
- How to build a strong cyber posture across all departments
- How gamification can engage cyber learners of all knowledge levels
- How the ever-changing cyber landscape is impacting business’ security strategy