homepage
Open menu
Talk with an expert

Terms of Service

Please read these terms and conditions and our Privacy Policy and Cookie Policy carefully before using this site or registering for the 2024 Governor’s High School Cyber Challenge (“Program”). These terms tell you the rules for using this website https://www.sans.org/mlp/ghscc-michigan/ and the rules and eligibility criteria for participating in the Program

Our terms of service are backed by our policy framework, including our privacy and cookies policy. This document will be updated as the site and services it provides access to are changed.

By using this site and choosing to register for the Program you agree to these terms and associated policies referred to above. If you break the rules outlined below and in the detailed policies referred to above, we may suspend your access to the Program and its associated third-party services, and, in severe cases, refer information to the relevant legal authorities.

We may amend these terms and our policies from time to time. If the changes are significant, we will notify you by email if you have already registered for the Program

Who can Participate in the Program

To participate in the Program as a student:

  • You must be at least 13 years of age as of the date of your registration.
  • You must attend a U.S. public or private secondary school located in the state of Michigan (or the homeschool equivalent)
  • You must have completed the student registration form by no later than September 25, 2024

Agreement

By registering an account and agreeing to these terms. You will be directed, as part of round 1 of the Program to register and create an account with Try Hack Me. Try Hack Me is a third-party online service provider who has partnered with SANS Institute for this Program. Once registered they will provide you access to training material, challenges and games.

Post-registration you will be provided with material and tools that, applied unethically or without consideration, could result in violation of (among others) the Computer Fraud and Abuse Act of the United States or the Computer Misuse Act 1990 of the United Kingdom. By registering for this Program, you agree that you will not use any of the information provided, tools or techniques against other individuals or organizations without consent to do so.

By registering for the Program, you agree that you will comply with our Policies and Terms & Conditions, and that failure to do so could result in termination of your access or sharing of your information with the relevant legal authorities. Examples of abuse include, but are not limited to, launching a denial of service, or purposeful attempts to disrupt the service.

Your Progress through Program
Important Note

Round 1 includes the online challenges and games delivered by Try Hack Me.

Try Hack Me will inform SANS Institute of all candidate scores. The top 30 students will then be invited to advance to round 2.

Please note only 30 high performing students will be able to advance to round 2.

In round 2 of the Program ten (10) teams will move forward to participate in SANS Institute’s cyber range competition known as NetWars, where students will put their knowledge to the test through hands-on exercises and compete at an in-person, live championship event.

This structure is the plan for the Program as of July 22, 2024. Based on actual participation results and participation engagement, DTMB may direct SANS Institute to adjust the Program structure.

If Successful, Where Round 2 will be Held

Round 2 will take place in-person at the 2024 Michigan Cyber Summit to
be held Wednesday, October 16, 2024, at the Suburban Collection Showplace in Novi, Michigan.

What will I get if I Win

Winners at the championship will be awarded  scholarships  to  take  SANS Institute  training and Global Information Assurance Certification (“GIAC”); the same courses taken by cybersecurity  professionals globally.

Acceptable Use

As part of this Program, and subject to eligibility criteria and enrolling and agreeing to the terms on the Try Hack Me platform, you may be granted a temporary licence to Try Hack Me. Try Hack Me provides educational material and security related puzzles or challenges. As part of these challenges, you may be required to apply unusual tools or use patterns to services to uncover logic flaws or issues. As covered in the product-specific licences and user guides, it is not acceptable to attempt denial of service attacks, or to purposefully attempt to cause damage to the infrastructure or data. It is also deemed a violation of acceptable use to identify flaws and to purposefully attempt to damage or disrupt other platform users, or their data.

Uncovering security flaws and learning about cybersecurity vulnerabilities will require use of certain tools that can only be used in a context where permission has been given by the target party, as is provided here. In severe circumstances where error cannot be blamed, violation of these terms could result in rejection from the Program, or prosecution.

How Your Data will be Used

An outline of what data we will collect and how we will use it is included in our Privacy Policy below. The data will be held by the Michigan Department of Technology, Management and Budget, Try Hack Me and SANS Institute for the purposes of running the Program.

How You may use Program Material

Works and materials supplied to you during your participation in the Program works are protected by copyright laws and treaties around the world. All such rights are reserved.

You must not modify any paper or digital copies you make of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences, or any graphics separately from any accompanying text.

You must not use any part of the content on the sites you visit as part of this Program for commercial purposes without obtaining a licence to do so from us or our licensors.

If you breach any of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

Contact Information

If you have any questions about these terms or any associated policy, please contact privacy@sans.org.

Privacy Policy

The Program, is committed to protecting your privacy and complies with the principles of the relevant data protection regulations, including the General Data Protection Regulation (GDPR). We commit to holding the minimum amount of data that we can from you, and we are committed to ensuring that your data is handled properly and any information we hold is stored securely and used in a lawful and ethical way.

This Privacy Policy explains how we collect data, why we collect it, how it is used, who has access to it, and how long it is kept for. By using this website or registering for the Program, you consent to the Program partners processing your data. The Program follows GDPR standards in our collection, handling, and storing of your data.  You may have

We may need to revise this Privacy Policy from time to time. If the changes are significant, we will notify you by email.

You may have additional data protection rights afforded to you by the state or country where you reside, including but not limited to, in the United States, European Union member state, the United Kingdom or other jurisdictions. Please click here for additional information regarding data protection rights that may be afforded to you by your state or country of residence.

Who is holding my personal data?

Your information is being collected by the Program partners, detailed below. This is required to allow us to run and deliver information security talent assessment and training programs. The Program is delivered by:

  • Michigan's Department of Technology, Management and Budget (DTMB), a state government department, based in the United States of America at Elliott-Larsen Building, 2nd Floor, 320 S. Walnut Street, P.O. Box 30026, Lansing, MI 48909
  • The Escal Institute of Advanced Technologies, Inc. (SANS Institute), based in the United States of America at 11200 Rockville Pike, Suite 200, North Bethesda, MD 20852
  • Try Hack Me (THM), based in the United Kingdom at 128 City Road, London, United Kingdom, EC1V 2NX
  • Republic based in the United States of America at 100 Blue Ravine Road Folsom CA 95630

SANS Institute is the Controller of your data. DTMB, THM, and e.Republic are Processors of your data.

This Program and the prior mentioned parties will maintain information that you provide to us, and data collected during your interaction with the provided services. This is collected for the operational purposes of security and safeguarding, but primarily for the running of the talent identification and training outlined on this website.

We use Amazon Web Services to host our registration service and store data. We use Tableau to analyse and report on Program registration, progress, and outcomes data.

We will always ask for your permission before sending your information to any other organization, or for any use case other than what is outlined above. We may on occasion offer you invitations to access or join third party services and/or platforms that may be of interest to you as a participant of the Governor's High School Cyber Challenge. Your use of these services is entirely optional and will not affect your access to or eligibility for Governor's High School Cyber Challenge. We may send you information related to our programs and further suitable opportunities for you, which you may terminate at your discretion.

What information do you collect about me?

The types of information we hold about you include:

  • When you register for the Program as a student, we collect your first name, last name, email address, school information, state information.
  • Information on how you use and experience this website and its forms, including server logging that may contain basic data such as IP address, date and time, the URL or path of the resource or file accessed, browser information, or error information.
  • Marketing Information, including tracking and cookie data that we collect when you use our website.

With whom are you sharing my personal data?

When you register for Round 1 of the Governor's High School Cyber Challenge, we will request you visit the Try Hack Me website at tryhackme.com to create your account. They will then provide you with a licence to the content on the Try Hack Me product.

Your registration information and scores and details of your progress in Try Hack Me will be shared with SANS Institute and DTMB for the purposes of selecting students to invite to Round 2.

If you are selected to progress to Round 2, the Program organizers will contact you with details of how to register for Round 2, including signing up to use the SANS Institute NetWars platform. Any further information provided for the purpose of running the event will be held and processed by e.Republic, DTMB and SANS Institute.

Consent

We get your information from your registration form, from your use of the website and materials, and from details of your progress in the Program. For us to process your data we need to get your consent or permission to use your information on behalf of all those involved. We can't enroll you in the Program and keep you up to date without your registration information, and we also need to monitor your progress.

Whether you choose to join or leave the Program is entirely up to you. The only effect of asking us to delete your information would be that you are no longer able to be a member of the Program. You are entitled to do this at any point in support of your GDPR right to be forgotten.

We've tried to make this notice easy to read, but you can always contact the Data Protection Officer via privacy@sans.org who will help explain things further and will answer your questions.

Leaving the Program and Removing your Information

If you change your mind about allowing us to use your information, you simply need to tell us by emailing privacy@sans.org. We will then take you through a couple of quick steps to confirm you want to delete your information and leave the Program

We'll update you when this has been done, or in exceptional circumstances if we can't do this.

Why do you need my information anyway?

We need it to run the Program outlined on this site. Try Hack Me Limited, DTMB and SANS Institute will need your data to run the Program and to assess eligibility.

If you don't want us to hold your information, you will no longer be able to participate in the Program, and we will delete your records from the system.

What security measures are you taking?

We carry out regular security assessments to make sure your information is secure. We follow all the standard industry practices to make sure we hold your information as securely as possible.

Security Incidences

As per GDPR standards, we will always inform you as quickly as possible if we discover any security incidence that has affected your data. We will take all action that we can to reduce risks and we will let you know if you need to take any action to protect yourself as a result.

How long will the information be held?

We keep your information for seven years or until you ask us to delete it, if this is sooner, and you wish to leave the Program. If the circumstances arise where we need to keep the data longer, we will tell you and explain why.

What about my other rights?

You have a right to have a copy of the information which Governor's High School Cyber Challenge holds on you or to transfer your information. You can make a request for a copy of your data through support by emailing privacy@sans.org.

What if I want more information or want to complain?

If at any time you want further information, or you need help understanding what you can and cannot request, or if you want to make a complaint, the Data Protection Officer can help you with this.

You can be asked to be put in contact with our Data Protection Officer via our support channels. Please email privacy@sans.org and ask to be put in contact with the Data Protection Officer.

If you still aren't happy with our response you can complain to the Information Commissioner’s Office.

Cookies Policy

The Governor's High School Cyber Challenge uses cookies as part of the delivery of the service. By using the service, you agree to the use of Essential Cookies that are a requirement for the platform to operate.

Additional cookies may be used to optimize the site experience, help us understand where we can improve the Governor's High School Cyber Challenge, and for certain marketing activities, but this is undertaken only with your consent when you visit the site. You do not need to accept these optional cookies to use Governor’s High School Cyber Challenge, and we provide you with an opportunity to opt out of these optional cookies.

What are cookies?

Cookies are small pieces of text sent to your web browser by a website you visit. A cookie file is stored in your web browser and allows the service or a third-party to recognize you, makes your next visit easier, and renders the service more useful to you.

Cookies can be either 'persistent' or 'session' cookies. Persistent cookies may remain on your hard drive until you erase them or they expire. Session cookies are temporary cookie files, which are erased when you close your browser.

Essential Cookies

When you visit the website, we will ask you to set your cookie preferences. In order to access the Governor's High School Cyber Challenge there are some cookies that are essential and you will need to agree to their use if you wish to access Governor's High School Cyber Challenge. We use these cookies:

  • To enable certain functions of the service to operate
  • To provide analytics and store your preferences
  • To understand which of our partners referred you to the Program

To allow you to opt-in or opt-out of optional cookies, provided by Civic Cookie Control.

We use both session and persistent cookies on the service and we use different types of cookies to provide these Essential Cookies. Blocking our Essential Cookies may prevent you using our service or may cause problems with your experience of our service.  Please see our Cook Policy for more information.

Optional Cookies

Cookies are managed through our cookie banner that will allow you to 'opt in' or 'opt out' of non-essential cookies. At present our non-essential cookies are limited to selected third parties that we work with to provide us with information about the use of our site and to help improve the Program.

Our non-essential cookies belong to third-party companies and are used to track how people find and use this website. These companies include:

  • Conversion tracking for marketing activities with Facebook, Snapchat, Instagram, Twitter, and Google Ads
  • Analytics and screen recordings with HotJar of how you interact with this website so we can make improvements to the usability and experience of the site
  • Google Analytics for marketing purposes

You do not have to agree to any non-essential cookies, and if you do not consent it will have no effect on your ability to participate in the Program. If you previously opted in to non-essential cookies, and then later decide to opt-out of those non-essential cookies, you may need to manually remove those third-party cookies using your browser’s cookie preferences and clearing settings; due to how third-party cookies work, we are not able to delete or remove these cookies for you from your browser after they have been previously set.

You can delete cookies or instruct your web browser to delete or refuse cookies. To do this you should visit the help pages of your web browser. There are lots of tools and plug-ins available to manage or restrict cookie behavior.  Please see our Cookie Policy for more information.

Support

Require further help? Send us an email and we'll get back to you as soon as possible.