united kingdom

Latest News

Malware attacks from hostile states, IP theft in motor racing and ‘Stuxnet-like' attacks on high security facilities: Cyber Security Challenge UK unveils new face-to-face competitions for 2012 / 13

Published: 23/11/12

Orange, Prodrive, SANS Institute and (ISC)2 join QinetiQ and Sophos to test qualifiers from Challenge’s virtual rounds

UK cyber security heads of industry can today reveal details of the four brand new face-to-face battles that await the country’s most talented amateur cyber defenders competing to win the latest Cyber Security Challenge UK. Professional cyber teams from Orange, Prodrive, (ISC)2, the SANS Institute, QinetiQ and Sophos will test over 100 qualifiers from the virtual first-round competitions over the coming months to determine the 40 finalists for the Masterclass grand finale in March 2013.

The Cyber Security Challenge UK began in 2010 as a series of national competitions aiming to find talented people for the increasing job opportunities in cyber security. Now in its third year, the Challenge has broadened its scope to act as a source of advice, support and guidance for anyone interested in the profession. It is currently backed by over 50 organisations from across the cyber security landscapes who contribute over £100,000 of career enabling prizes each year to candidates who demonstrate potential.

The four face-to-face competitions launched today are:


  • The Orange and Prodrive Risk Analysis -held at Prodrive UK's HQ, the first face-to-face competition will see Challenge candidates come up against a real life motorsport set-up, complete with Aston Martin Racing car, pit crew, technical team and a complex ICT infrastructure that connects them all. Candidates will work as security architects to deliver a practical security solution that protects the team’s IP and confidential information from its rivals in preparation for Le Mans, the biggest date in the international racing calendar.


  • SANS Net Wars – Run by the SANS Institute, this challenge is a unique opportunity for candidates to demonstrate their skills on one of the world’s most recognised cyber training platforms. Currently used by used by professionals at some of the largest companies and government organisations in the world, this is the first time NetWars has been incorporated into the Cyber Security Challenge UK. Over two hours of gaming, participants will be tasked with recovering a number of targets from a virtual environment whilst their scores are displayed on a dynamic real-time scoreboard, showing their accomplishments.


  • Sophos Malware Hunt - Sophos Malware Hunt – This year, there will be a definite James Bond feel to the Sophos Malware Hunt. Candidates will take on the role of forensics and defence specialists working for the UK Government, and will face the nastiest creations of both cyber criminal gangs and nation states as they run rampant in a virtual environment. Their mission will be to gather and analyse evidence of attacks on the systems, and identify the attackers’ motives, skill levels and likely origins. Finally, candidates will present their findings and make recommendations on the actions to be taken.


  • QinetiQ and (ISC)2 Command and Control – At QinetiQ’s Command and Control Face-to-Face Competition teams of cyber enthusiasts will be responsible for securing the IT systems protecting a simulated ‘top-secret facility’. They must identify, fix and exploit vulnerabilities in command software systems and work to anticipate security breaches to avoid attack. The Competition promises to be challenging and will provide competitors, the software developers of the future, with first-hand experience of what it takes to secure software systems and the critical impact cyber-attacks can have on the security and safety of an organisation, its people and its assets.


Stephanie Daman, CEO, Cyber Security Challenge UK said: “This year’s face-to-face competitions have broadened the range of skills we are testing in a bid to more accurately represent those needed most by the range of employers who support us. As well as identifying talented people who can move straight into unfilled jobs, we also believe these four action filled days will open the eyes of over 100 talented amateurs who might never have considered how exciting a job in this sector could be.”

Peter Erceg, Director of Technology Security, Risk & BCM at EE said: “Through EE’s Orange brand, we believe in giving our customers the best network security so that they trust us with their digital lives. The virtual world we live in is constantly under attack from individual and organised criminals, hacktivist groups and even the curious amateur. That’s why bringing talented people into the cyber security profession is so important and why we support the Cyber Security Challenge UK.”

Michael Cloete, Prodrive Head of IT said: “Cyber Security is a growing issue in professional racing where the IP of the car and the information relayed between the team during races is vital to the performance on the track. It’s fundamental business-to-business security and risk analysis, looking at how much vulnerability you allow before you put the organisation at risk or how secure you need to be before you run over budget and impede the team.”

Tony O’Keefe, Director, Europe, SANS Institute said: “This is a unique opportunity for Challenge candidates to test themselves on the most recognised and respected training platform for this profession. NetWars is used by enterprises, government agencies, and military departments all over the world and requires candidates to use all the critical technical skills vital to this industry during their two hour live action competition. From pen testing to packet analysing and digital forensics, it should be intense, fun, rewarding, and a rare opportunity for candidates to test their skills against the benchmark of our profession.”

James Lyne, Director of Technology Strategy at Sophos said: “The search for the best talent continues to be a primary focus at Sophos and organisations like ours: we look for the best code analysts in the world to help fend off tomorrow’s malicious code attacks for our customers. In addition to a general proliferation in malicious code on the internet, we continue to see a growth in targeted malicious attacks designed to cripple systems integral to the secure running of organisations, governments and even whole geographies. Having the right security in place to prevent data theft and secure devices is therefore vital. “

Neil Cassidy, Practice Lead, Cyber Defence, Security Division, QinetiQ said: “Growing numbers of cyber-attacks are exploiting perceived weaknesses in the systems that control factories, power generation and other parts of nations’ infrastructure. Too often software developers who write these programmes are focused on usability and not enough on how easily the whole thing can be brought down or even actively manipulated through an online connection. This new competition allows us to provide the software developers of the future with a real world experience of what it takes to secure software systems and the critical impact failures can have.” 

John Colley, Managing Director for EMEA at (ISC)2 said: “Secure software development is a significant new area of focus for information security professionals with application vulnerabilities increasingly identified as the number one threat to organisations. For too long software that underpins business and much of our most critical national infrastructure has been written without enough appreciation for how easily it can be exploited or manipulated. We hope this competition will both educate software developers as to the importance of embedding security from first principles in the systems they write, and also attract some of the most gifted and security minded candidates over to work in a new exciting field where their skills are very much sought after. ”

Back to news