One drawback to cybersecurity competitions is that they're not terribly realistic, contended Stackpole. "The time frame is very limited," he said. "That requires those who are trying to break into the infrastructure a little more overt and little less covert."
"If this were an actual player -- someone really interested in breaking into your infrastructure -- the chance of them being 'loud' if they're trying to remain undetected is very low," he said.
Realism is less important for these kinds of exercises than communication, contended security guru and author Bruce Schneier. "The goal isn't be realistic; the goal is to be an exercise," he said in an interview. "I'm glad they're doing it. This is how we learn stuff."
"The fact that they're talking to each other is great," Schneier said.
Sign up for CIO Asia eNewsletters.