# Action Plan for Team bi0s First of all a big thanks to Vipin Sir for giving me this oppurtunity to be a part of GCC 2024 event. The following document would highlight the changes I would like to bring in team bi0s so that we being the #1 CTF team and the progressors of student cybersecurity research can start conferences like the one I witnessed at GCC 2024, Thailand. ### My Observations and Viewpoint I have being attending various conferences in India like Nullcon, Null meetups and Bside Bangalore Conferences, meeting new people and sharing knowledge. However the things which are different are as follows: <br> - 1. The humbleness and hospitiality the staff, the trainers and the students bring from different countries is something I have not being able to find in the setups present in our country. Generally, folks in our country keep somekind of a bubble around them and I have students often having difficulties in approaching the speakers/trainers for getting a detailed idea about the topic and their interests. <br> - 2. The quality of trainings provided at GCC is great, the materials and the labs are very much detailed. On an average the classes was for about 5 ~ 7 hours approximately, but the content was like for 5 days and each day should have (5-7 hours). The trainers have given their best in preparing the slides, and somebody beginner like me can easily have a detailed walkthrough and understand the topics. <br> - 3. Sponsors and support for the student cyber research community in different countries is huge. The sponsors of Japan was almost as big as for the GCC event itself. It feels sad that we being a great cybersecurity community is not able to get sponsors from our country. <br> - 4. The projects we did as a part of groupwork was very interesting, it covered various topics from industry viewpoints. ### Changes - 1. We have seen students freely interacting with the speakers in our meetup, and many have been in touch with the speakers after the talks. However in the club we should also start doing the same. It is often seen that there has been riffs between seniors and juniors and it had eventually hampered the progress of the whole team. One reason for these riffs among peers is because of the internal competiton which is good and definitely required, however we should always remember that "**Competition is good but collaboration is even better"**. Something that I would like to propose a solution for resolving conflicts or distances in teams is by doing certain non-technical activities with the team which would eventually be the ice-breaking session and help them open up and start sharing their problems and thus keeping our community becoming better. <br> - 2. Our trainings and talks in our meetups have been setting up a mark. We have brought good quality in the talks and the trainings we have provided in our sessions. However, one thing which is missing is the PPTs and the material sharing to the community. We have been failing for the last 3 meetups in getting the materials from our speakres and then sharing the same to our community. I believe this can change if we can set up a review board whose main job will be to scan through the materials of a talk before the main meetup. We should also start hosting quality trainings on a regular basis on the current trends of cybersecurity demands in the industry. <br> - 3. As mentioned earlier it is a very sorry state to see that we being the top student cybersecurity club in our country, we are not able to pull sponsors to support us in these big events. According to me, the main reason for the same is the companies not knowing and understanding the worth in the investment for cybersecurity followed by the talent pool our team is bringing. It is very true that we have our alumni in all the top cybersecurity firms, which shows that companies are only looking to squeeze the best out of our talent and use it for their benefit. It is not the same in countries outside. They understand the need to support their youth especially in the domain of cybersecurity. At this point it time what I think the main reason is that companies in india do not really understand the worth of cybersecurity, and then again we are also not very good at marketing our achievements. The second point is something we are trying to work upon and try to publicise the meetups. We should be trying to hype about our trainings, talks and achievements in various platforms to expand our reach. As for sponsorors and sponsorship, I would be needing little assistance regarding how to approach the companies and would definitely like to speak with companies about sponsorship from a student point of view. <br> - 4. From the perspective of projects, I would say every lead should find out about the latest cybersecurity research out there and plan out atleast 1 project per month, and a maximum of 2. What I learnt from Shota Shinogi, trainer for LLM web apps was that there is a huge market for tool development out there, and that is something interests me a lot. I would like to proactive take a part in running various projects relating to tool development for various purposes. Other than that the practice of documentation and blogging is very very very very important for a big and talented team like us. It definitely creates a huge impact at these international conferences and also helps to prove the worth of our work. Also writing helps in making the tougher concepts easy for folks out there, eventually helping the cybersecurity community. <br> Chatgpt Summarization # Action Plan for Team bi0s I'm grateful for the chance to contribute to GCC 2024 with Team bi0s, thanks to Vipin Sir. Here are some thoughts and plans: Observations and Insights: #### 1. International Humility and Hospitality: • Other countries show more humility and hospitality among staff, trainers, and students. • Locally, there's a barrier hindering students from approaching speakers/trainers. #### 2. Quality of Trainings: • GCC's detailed and extensive training is appreciated. • Suggest keeping the same depth but optimizing class durations for better retention (e.g., 5 days with 5-7 hours each). #### 3. Sponsorship Disparity: • Other countries have more significant sponsorship for student cybersecurity research. • Recognize the need for more local sponsors to support the cybersecurity community. #### 4. Project Diversity: • Engaged in interesting group projects covering various industry perspectives. Proposed Changes: #### 1. Enhancing Team Dynamics: • Use non-technical team-building activities to address internal conflicts and distances. • Encourage collaboration over excessive internal competition. #### 2. Material Sharing and Review Board: • Set up a review board for timely and quality collection of materials for talks and trainings. • Share PPTs and materials with the community to enhance knowledge sharing. #### 3. Improving Industry Visibility: • Use a simple marketing strategy to showcase the team's achievements and activities. • Promote trainings, talks, and achievements on various platforms to expand outreach. #### 4. Sponsorship Strategy: • Develop an approach to educate companies about the value of investing in cybersecurity initiatives. • Seek assistance on how to approach companies for sponsorship, emphasizing benefits from a student perspective. #### 5. Project Planning: • Assign each team lead the responsibility to identify and plan at least one project per month, with a maximum of two. • Explore tool development projects, considering market demand highlighted by Shota Shinogi. #### 6. Documentation and Blogging Emphasis: • Emphasize the importance of documentation and blogging for impactful international representation. • Stress the role of writing in simplifying complex concepts and contributing to the broader cybersecurity community. In summary, these changes aim to create a more collaborative team, improve material sharing and community engagement, enhance industry visibility, and address the sponsorship gap through strategic education and outreach efforts