The Cyber Security Challenge UK, now in its second year, is backed by a consortium of local commercial, academic and public sector organisations, and aims to attract and identify raw information security talent to help meet the demand for cybersecurity skills.
The QinetiQ Network Defence Competition, which kicks off today, and the SANS Packet Capture Analysis competition, which goes live next week, will test the ability of challengers to identify vulnerabilities in IT networks and protect systems exposed to simulated cyber attacks.
Both will be run online and hope to identify the most talented individuals from the hundreds that registered to play.
Network defence competition
The QinetiQ Network Defence challenge requires candidates to critique a technology network, or design a completely new one from scratch against a brief typical of those given to security professionals.
Unlike last year's competition, entry has been opened up to individuals rather than teams to fill the 500 places on offer. The competition has also evolved to reflect recent developments in the cybersecurity arena, to keep it relevant, current and aligned to the threats faced by UK industries today.
"We are not just looking for technically competent people," said Charles Hodgson, director of the Network Defence competition at QinetiQ. "Cybersecurity requires a rounded skillset with team players who can utilise everything they have at their disposal to deliver innovative solutions to difficult situations. The skills we are testing with these competitions are in demand across the whole sector right now, especially in areas such as managed services, penetration testing, digital investigations, information assurance consultancy, network administration and development of cyber strategy."
Data analysis competition
The SANS Packet Capture Analysis challenge is a brand new competition that tests candidates' digital forensics skills. It asks them to investigate technology networks, spot things that should not be there, and highlight the activities of network users that are putting the whole system at risk.
To complete the test, competitors will be presented with a file containing data captured from a theoretical computer network and a piece of analysis software called Wireshark. They will be scored on their ability to answer questions on the data they are presented with, and the time they take to complete the competition.
"There is major demand in the industry for the advanced intrusion analysis and digital forensic skills tested by this competition", said Terry Neal, EMEA director at SANS Institute.
"While this initial stage is aimed at the intermediate players you find in colleges and universities, we believe these games can inspire a group of already proficient amateur talent to focus their further education and career development down this particular path," he said.
Assessing a broad range of skills
Jay Abbott, head of the challenge's competitions group, said the competitions typify a new approach to the Cyber Security Challenge programme.
"We have selected the best aspects from the previous programme and improved them, while widening the scope of the skills we can assess with brand new ideas such as the SANS Packet Capture Analysis competition," he said.
The winners from both these competitions will take their place in the next round of the Challenge programme, which brings successful candidates together for a series of in-person face-offs at the start of 2012.
Successful candidates in the Network Defence Competition will be invited to one of QinetiQ's secure facilities to work in teams to defend networks against a series of realistic cyber attacks thrown at them by QinetiQ's experts. For the SANS winners, the Sophos Malware Hunt awaits, where they will need to assess and nullify a range of real malicious codes from the vaults at SophosLabs in a bid to prevent data theft and system failure.
- Anyone interested in signing up to one of the remaining Cyber Security Challenge competitions should go to www.cybersecuritychallenge.org.uk to register.