Cyber Security Challenge UK
Cyber Security Challenge UK's Judy Baker gives an update
I spoke to CT Review when we officially unveiled Cyber Security Challenge UK to the industry, last April at Infosec. As we approach the end of the calendar year it seems appropriate to be coming back to you to offer a review of what has been an incredibly successful nine months.
For those of you that don't know what the Challenge is and why it exists, let me explain: 90 per cent of companies have difficulty recruiting people with the cyber security skills they need now. Nearly 60 per cent of these companies plan to create more jobs in cyber security in the next few years (SANS Institute survey). So we have a skills shortage, an increase in demand and also, there is a reduction in the numbers going in to IT (E-Skills).
Why is it that we have such a dangerous situation at a time when graduate unemployment in the UK is at its highest for 17 years and the threats to networks and systems has increased?
Some of the answer lies in the general lack of understanding about what cyber security jobs are and how to get them. They sound boring, though in fact there is huge variety, interest and challenge. The profession remains immature; job titles are inconsistent across businesses; some jobs are highly technical; others need more soft skills. It is not clear how to get on to the cyber security job ladder. Some employed people have seen how good the jobs are but have been unable to transition.
Cyber Security Challenge UK was set up as a not for profit company in March 2010 to address these issues and bring more talented people into the profession. We run a series of national online games and competitions that test the cyber security abilities of individuals and teams from every walk of life. They are designed to excite and inspire anyone considering a career in the cyber security industry, focusing on the skills needed by employers. This year's competitions include a network defence team challenge run by QinetiQ; an on-line game for individuals dealing with website vulnerabilities, called Treasure Hunt, which is run by SANS with Sophos; and a UK category for a digital forensics challenge run by the Cyber Crime Unit in the US.
There are lots of career enabling prizes. They include internships, mentoring in large companies, private sector training courses, assistance with fees at some universities, places on Open University courses, and memberships of professional bodies.
Progress has been swift. We launched to industry in April; built the business in May and June; and launched to candidates in July. Since then we have been busy running competitions. Here are some useful numbers:
· More than 20 sponsors have signed up to support our initiative. They include Detica, Sophos, Sans, Cassidian, QinetiQ, Open University, the Office of Cyber Security, PWC and Dtex Systems. A list is on our website under "Who's involved". We are extremely grateful for the way they have all played a critical role in the development and promotion of the Challenge.
· There is clearly a national appetite for the competitions and within only a few weeks of the launch nearly 4,000 people had registered to enter, despite limited marketing and no paid advertising. The number of teams entering the digital forensics challenge rose from 22 to 155. The first stage – a series of virtual competitions – is nearly complete and we are about to announce the best candidates who will go through to the next round – a series of face to face Challenges at QinetiQ and Sophos sites in the UK.
· Key to our reach to market was the publicity surrounding our launch, led by the Security Minister, and a public cipher challenge, written by PWC. The latter drew in about 1,000 enthusiasts, primarily from social networking sites.
Early indicators are that candidates are aged from 16 to adult but that the largest group is male and in their mid to late twenties. They are demonstrating the excitingly high level of UK talent in cyber security, but most of them are not yet working in cyber security. We believe that our career-enabling prizes, combined with information we are building into our website about where and how to start a cyber security career, will help make this happen and that our sponsors will find the recruits they are searching for.
This success in 2010 has led to big plans for growth in 2011. We will run more competitions, covering a broader range of the skills employers need. The Government continues to give us much valued and useful support but they do not fund all our efforts and we rely on further sponsorship from private sector and academia. We enjoy many valuable gifts, from the running of competitions to the donation of prizes and hosting of events, but in the last nine months we have grown to a size that requires professional management and a properly financed business structure. So we need real money too. Existing sponsors are delighted with the benefits they have derived from marketing, (sponsors appeared on Breakfast TV, Today Programme and were quoted in leading publications), brand association, networking and recruitment.
We are embarking on a new sponsorship drive to fund our ambitious programme, and some well thought out opportunities for organisations to gain advantage from working with us are on the table. We are also looking at several proposals from those who would not only like to contribute money but would like to run next year's competitions or host events for us. If your company is interested in getting involved please contact us at queries@cybersecuritychallenge.org.uk.
Judy Baker - Director Cyber Security Challenge UK Ltd
