Wanted: Cyber Experts to Defend UK Online

26 Jul 2010

Minister for Security Declares Cyber Security Challenge UK Open: First competitions go live today

26th July 2010: The UK’s first national hunt for future cyber security professionals launches today in central London. The Cyber Security Challenge UK is a series of online and face-to-face competitions designed by leading security, education and government organisations as a response to the worrying shortage of skilled professionals in the cyber security sector, and the growing challenge of how to increase the resilience of the UK’s online presence with our existing human resources.

The Challenge will identify the most talented individuals in the country capable of becoming our first line of defence against cyber attacks now and in the future. It will excite and inspire participants to consider a career as a cyber security professional. The very latest technologies will be employed to test the mettle of everyone from teenagers to IT professionals.

More than 30 prizes are on offer for successful candidates. All have been selected for their ability to help winners progress career opportunities in the cyber security profession. They include

Bursaries for university courses – eg £3,300 funding towards an MSc Electronics & Security, Queen's University, Belfast
Places on top private-sector training courses – eg A two week placement on Detica Cyber Security Academy, places on Sans Institute training course
Access to professional expertise and resources – eg opportunities to use the CREST penetration testing rig
Memberships of professional bodies – eg annual membership of the Institute of Information Security Professionals (IISP), the British Computer Society (BCS), and the Information Systems Security Association (ISSA).

From this morning, anyone interested in cyber security can register online to participate in the 2010 Challenge and have a chance to be crowned the UK’s Cyber Security Champion at www.cybersecuritychallenge.org.uk.

The Challenge is being officially launched by The Rt Hon Baroness Neville-Jones, Minister for Security who said:

“Cyberspace is woven into the fabric of our society; it is integral to our economy, our communities and our security. Defending all of our interests in cyberspace is a relatively small cadre of talented and highly skilled public sector and private sector cyber security professionals. This pool of professionals must grow and the Cyber Security Challenge UK offers an innovative and exciting way of attracting talented individuals to take up rewarding careers in this field.”

The competitions

As part of the launch, two initial competitions are being unveiled. Each competition features:

A virtual competition where participants compete online

A face to face playoff for the most successful participants in the virtual stage.

The team or individual that performs best in the playoff will become the winner of that competition:

QinetiQ Network Defence Competition: This competition utilises QinetiQ’s exceptional knowledge of network defence and its world-class modelling and virtualisation facilities. It involves teams reviewing, administering and defending a simulated network against attacks from cyber security professionals. SANS Institute and Sophos Treasure Hunt: The SANS Institute Security Treasure Hunt is an online game suitable for all ages and all levels of experience. Run on specific dates between September and December this year, and administered by a trained gamesmaster, participants will be challenged to identify security flaws on a dummy website and answer questions based on the issues they find. The competition takes the form of multiple choice questions allowing candidates to work at their own pace. Participants simply require a web browser; some creativity; and possibly some research on the Internet. The whole process takes less than two hours and the best six participants move through to the face to face stage being developed by Sophos.

Successful participants in each of these competitions will be invited to attend the Cyber Security Challenge UK Masterclass. This climax to the UK’s first Cyber Security Challenge is being developed by HP Labs and EADS Defence and Security as an opportunity to compete with, and against, other finalists from across the three competitions for a chance to be crowned the UK’s ultimate cyber security champion. The Masterclass will challenge candidates to demonstrate their technical, strategic, commercial, and interpersonal skills as they work in teams to cope with the challenges of managing and defending a business technology network in an accurately simulated commercial environment. They will face the same challenges a cyber security professional faces in the real commercial world.

In addition to these two competitions and the Masterclass, the Challenge will also be supporting the UK category of the Department for Defense Cyber Crime Center (DC3) Digital Forensics Challenge – which is running as part of the US Cyber Challenge. 22 UK teams are currently participating. The Challenge will be providing a prize for the winner of that category and will also invite the individuals from the winning team to participate in the Masterclass.

The Challenge is being sponsored by a broad group of renowned organisations in the fields of cyber security, education, industry and public sector. They include the Open University, Sophos, EADS Defence and Security, SANS Institute, Detica, QinetiQ and the Cabinet Office.

Quotes

"We are calling on students, graduates and anyone with an interest in cyber security, to come forward and test their skills. The variety and excitement of the cyber security industry is one of the UK’s best kept secrets, it faces new, dynamic challenges everyday. The Challenge will demonstrate how important and exciting this profession is and help the nation's best, undiscovered talent achieve their cyber security career ambitions.”
Judy Baker, Director, Cyber Security Challenge UK

"The security of computer systems has never been more important - not just to companies, but to the many workers whose livelihoods depend upon them. The Cyber Security challenge gives everyone with an interest in computer security the opportunity to demonstrate and enhance their skills in a fun way. Our hope is that it will drive more talented people to join the security industry, as IT companies today are finding it difficult to find the right talent. Sophos hopes that initiatives like this will help build a pipeline for future security experts to join us in protecting against internet threats and hackers."
James Lyne, Senior Technologist at Sophos.

“QinetiQ has teams of experts providing cyber security advice and services to governments and commercial organisations. One of the biggest challenges is to understand current and likely future threats in order to protect our customers. We also know how important it is to encourage the UK’s next generation of cyber security experts, so we’re delighted to be involved in the Cyber Security Challenge to identify new talent and help young people to pursue their career aspirations.”
Alasdair Rodgers, Security Lead, QinetiQ Consulting

“We are extremely excited to be a part of the Cyber Security Challenge UK. As founding sponsors we wanted to showcase UK expertise in cyber by collaborating in a Masterclass to ensure the challenge identifies new talent to further increase the UK’s capability. I relish the opportunity to see what the UK’s best can bring to the competition and I hope that EADS Defence & Security will be able to help support their career aspirations. If I’m impressed with what I see I will be offering them a job.”
Bryan Lillie, Head of EADS Defence & Security’s Cyber Security Centre UK

“The Cyber Security Challenge UK deals with issues spanning both education and technology. We see it as an excellent opportunity to continue our long-standing partnerships with industry to address the national challenges facing our workforce. Education institutions can only offer cutting edge skills to their students when they understand what the current challenges are, and the skills required by industry to address them. The Open University is committed to helping organisations to find innovative ways to deal with these skills gaps.”
Kevin Streater, Executive Director - IT&Telecoms, The Open University

“Cyber Security Challenge UK offers immense opportunities for students and professionals to make a significant and lasting contribution to our security and resilience. We are delighted to lend our support to the launch of such a competition at the Institute for Security and Resilience here in UCL. The Challenge so clearly attracts a rich diversity of talent, ready to innovate in order to sustain our resilience in an uncertain world.”
Rt Hon John Reid (Lord Reid of Cardowan), Chair of the Institute for Security & Resilience Studies

"Our use of cyber space has increased to the point where it forms a key part of the critical national infrastructure - a reality that is being exploited for malevolent purposes with increasing sophistication and frequency. Detica’s security specialists are constantly innovating new approaches and technologies to ensure that the UK is well placed to address these determined cyber attacks, with our Security Academy fundamental to this work. It is vital that future cyber security professionals have the skills and tools to ensure the UK has the most resilient and robust cyber infrastructure possible. We are delighted to be involved in this important national initiative."
David Garfield, Chief Technology Officer, Detica

For more information please contact our media team:
media@cybersecuritychallenge.org.uk
0845 680 1866

Information for editors:

The following organisations are helping in varying ways to establish the Cyber Security Challenge UK and make it a success

QinetiQ
Open University
Sophos
Detica
SANS Institute
EADS Defence and Security
Cabinet Office, Office of Cyber Security
Royal Holloway, University of London
The Digital Systems Knowledge Transfer Network
Council of Ethical Security Testers (CREST)
Institute of Information Security Professionals
Metropolitan Police e-crime unit
Dtex Systems
HP Labs
Dstl
PriceWaterhouseCoopers
Field FisherWaterhouse LLP
The Information Assurance Advisory Council (IAAC)
The Information Security Awareness Forum (ISAF) , ISSA, BCS and others
An industry group representing businesses in the banking, energy and technology sectors
Memset
Trusted Management Ltd
Queens University Belfast
Institute for Security & Resilience Studies at University College London
Link to cyber security challenge site
QinetiQ People Who Know How
Wanted: Cyber Experts to Defend UK Online