A cyber security challenge has been launched this morning in order to address the shortage of appropriate IT security skills in the United Kingdom.
The challenge was first mooted at the Infosec Security Show in April and is modelled on the US Cyber Challenge, but for UK citizens. It will set tasks, such as treasure hunts or network break-ins, for people who want to establish their information security skills. Winners will get prizes, but will also be up for real jobs in the industry.
“It is about enriching the pool of talent in the UK,” said Judy Baker, Challenge Director. “90 percent of the industry are telling us they cannot recruit the people they need with the necessary skills. We have a problem here getting the right amount of people and the right calibre of people,” she told eWEEK Europe UK.
“We are looking to pump up talent in the most diverse ways, but it is not just about skills, but also the ability to communicate about it,” she said.
According to Baker, these challenges will include a lot of technology but also hopefully will be fun as well. She said that the prizes awarded would be tailored for each individual and could include free places on Open University courses, free membership of a professional organisation, intern opportunities etc.
Baker said that initially there would be three main competitions. “We are anticipating running a lot of competitions, but to begin with we are focusing on three,” said Baker.
The first competition is a ‘network defence challenge’ which is a team challenge divided into two strands. The first strand is for small networks such as small businesses or school), and the second strand is for medium networks. It hopes to offer an enterprise network strand next year. Ten teams will compete in the small networks strand and ten in the medium network strand. “Teams will be given business problems to work on over a couple weeks, and the best two answers will go to two playoffs, and will a winner will be selected from these two strands,” said Baker.
The second competition was been dubbed a treasure hunt, where individuals will play an online game which will take about two hours to complete, looking for website vulnerabilities. “They will also be asked questions, and we expect a number of these games to run from September to November this year, depending on how many people want to play,” Baker said. The six best players will be invited to the playoffs and the winner and runner up will be invited to the masterclass.
The third competition is a digital forensic challenge. This is written by DC3, the cyber crime unit of department of defence in the US. There are an unlimited number of teams that can compete here (22 teams are already competing). The challenge covers 20 different areas of forensics. “However DC3 has agreed to create a seperate strand to the international competition and will now have a UK winner,” said Baker.
“Registration forms will be on the new website on Monday morning, and the competitions will playoff during the remaining months of this year,” said Baker. “By mid January we will have the face to face competitions (i.e. the playoffs) and by the end of February we will have the masterclass and awards ceremony.The next round starts after that, with more competitions added.”
Baker also said that there will be a teaser challenge, which is essentially a coding challenge, available on the website on Monday. The first person to come up with the right answer will win a “mystery prize.”
“The main reason that the Open University is participating in this is that there is a recognised skills gap in the market at the moment,” said Kevin Streater, executive director for IT and telecoms at the Open University. “There is a disconnect between what the industry needs and what is going on in academia. Hopefully eduction can be a major filler for these skills gaps.”
“The Open University hoping that it can bring industry and academia much closer together and we think that the cyber security challenge is where we may see this happen and kill the major skills gap in the industry,” said Streater. “Universities are not delivering the necessary skills at the moment, and students are failing to see the opportunities from IT security or understand how to grasp these opportunities.”
“We are doing both, as we are encouraging people to get involved in the challenges, and we are putting in up prizes, and offering free courses for cyber security. Most of courses are aimed at people already in work (70 percent of our students are already in work),” said Streater.
The Open University already offers two core courses in this regard, namely computer forensics and information security management. These six and nine month courses offer different qualifications. A third course covers ‘managing the software enterprise’.
“This is a growing area of the curriculum for us, so we are working of new courses at the moment, said Streater. “The core aspect for us to provide the link between industry and academia and show that it can work.”
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
View Comments
If this is true - why can I not get a job in IT Security, yet I am a qualified CISSP? Is it because at 45, I am to old?
I been trying since February, and not one response!
Or is it because, although I have over 25 years of IT experience, and have recently passed the CISSP (requiring 5 years of valid experience in multiple security disciplines, and passing a 6 hour exam) the fact that I have worked in other fields for the last 5 years, and my previous experience is now not valid?
Has IT Security really changed that much in the last 5 years?
The basics are the same, the flaws are the basically same, the mistakes and errors are the same. All thats changed is the lanscape, the name on the solution providers "tin"or the "exploit number"
By the way these magic wrinkle creams are useless - I still look over 40!
Anyone else struggling to find IT Security work, yet have the qualifications?
Regards
Andy
@Andy - this is part of the mythical 'IT skills shortage' which has two main causes:
a) people demanding unreasonable combinations of qualifications/experience and 'dynamism', i.e. unstated age limits
b) people selling 'qualification x' doing surveys that highlight a desperate need for people with 'qualification x'.
Getting a Minister to say something doesn't make it true.
I know a lot of highly capable IT people who have had to go and do something completely different (and a fair few who had simply had enough of it) and this includes a few who probably fit the needs of this particular challenge. From the looks of it this seems to be talking about needing competent coders and sysadmins (like me!) rather than anything else (part of the competence is the ability to recognise when you *do* need a specialist). Even if this were not the case, it's a statement of the flippinobvious that it is hard to find people for a highly specialised role, though your experience would seem to indicate that the ratio of applicants to posts is somewhat divergent from what is being suggested.
P.S.
a) bonus points for having a *real* qualification.
b) if you have not already done so, you may find some amusement in doing an assessment of the challenge website which even at my 'grasshopper' level is not entirely favourable.