A Word With The Student Cyber Security Star

The 2012 UK Cyber Security Champion was crowned yesterday, as first-year Cambridge University student Jonathan Millican took the top prize.

The final Cyber Security Challenge Masterclass event took place in Bristol over the weekend, pitting teams of budding information security pros against one another in competitions designed by HP labs.

Millican wasn’t even part of the winning team, but his technical and leadership skills helped him come out on top in the individual contest. Over the past six months, the 19-year-old computer science student has been battling through each round of the Cyber Security Challenge, tackling on and offline tasks, whilst getting plenty of valuable experience from industry professionals along the way.

TechWeek Europe caught up with Millican in the middle of a busy university timetable today to chat about how he came to be champion and what his plans are for the future.

So, have you had any job offers yet?
There has been some suggestion from organisers of the Challenge that there might be offers of internships. Nothing official has been said yet so I won’t elaborate too much on that.

How does it feel to have so much attention placed on you now?
Very strange. I was on the train home and I got a text from my brother saying ‘you’re number five on the BBC homepage.’ I was just like ‘what?’

I got back to college quite late in the evening and my friends had the article up on their computers. I was getting texts all day, people writing on my Facebook. It was surreal. It’s quite nice though, it hasn’t changed anything. It just means people are more aware of me, I guess.

Did you find the competition tough? Were you feeling the pressure at any point?
The first round I wasn’t really expecting to get anywhere, so I wasn’t too stressed about that anyway. At the Masterclass, there was a lot more riding on it, but again I’d pretty much resigned myself to the fact that I wasn’t going to win, so I was just quite relaxed about it. I saw it as a chance to get away for a nice weekend, away from the hectic university life.

I’d hoped I’d learn something and obviously it went better than I’d expected. I’d say the middle round was the hardest in the sense that it was the first time there was a TV crew there so the pressure was on a bit more there.

A change of career?

Do you think this will change your career aspirations? Or had you always wanted to be in security?
I had dabbled a little on my home network, playing around with wireless security and trying out the hacking tools to see if all the risks really are there. It was really basic stuff. I set my home network to WEP encryption and then loading up BackTrack [a tool to access any network secured by WEP] found online instructions to see if I could get in and it turned out I could.

I hadn’t seriously considered cyber and network security. I’d always been thinking I’d go down the software root but obviously this competition has changed my perception a little. I’ve met a lot of the sponsors, made some more contacts both from the teams and the sponsors. It’s opened the door, it’s validated me as someone who could potentially go into this industry.

How did you find working alongside security professionals, did they get you intrigued about a job in the industry?
It was actually intimidating. Not because of the people, all the people were really approachable, but particularly on the Cassidian [security company] network simulator where you get given this network diagram and you think ‘what do I do?’ They give you Cisco routers, various switches and Windows Servers and things, all this stuff I had no experience with. It was quite intimidating with people who really knew what they were doing.

Obviously the Challenge is designed to fill the IT security skills gap in this country. What did you make of the other contestants? Does it look like the UK has a healthy group of potential security pros ready for employment?
Yes, definitely. There were people like me, who just hadn’t necessarily thought about cyber security careers so much, but they really did seem to know what they were doing. If all the guys I met in the competition, and some more who maybe didn’t enter the competition for whatever reason, if they all went into cyber security it would definitely help.

A good challenge…

And how well did you think the Challenge was run?
I thought it was run really well actually. I was always kept up to date with what was going on, if I ever had any questions I’d email and get very prompt replies. They’re obviously doing very well. It’s been just two years and they’ve got some massive sponsors.

The only negative feelings I had have more been related to the competition rather than about it. That’s just because of the quite intense workload in the university term and having to leave for a couple of weekends. I’ve had no complaints about it at all. It’s been brilliant.

What does the future look like now you’re the UK’s Cyber Security Champion?
Well, I have two and a half more years of a degree to do. I’ll be focusing on that most of the time. But I’ll definitely try to learn more skills and get up to date. Obviously, I’ll try to get internships and do all the training courses I’ve been offered.

Think you could be the next Cyber Security Champion? Test your knowledge with our security quiz.