A GCHQ-backed ethical hacking competition for university students is set to return in March, as the government launches a new fund designed to address the cybersecurity skills crisis.
Now in its third year, the Inter-ACE competition is touted as the largest of its kind in the UK, featuring over 130 students from 18 of the UK’s top universities.
Over the course of two days, the 34 teams will face over 20 challenges set by experts from the University of Cambridge and sponsors including Context IS and Palo Alto Networks.
Competitors will be required to hone their pen testing skills — including binary reverse engineering of malware, breaking into a web application, decoding secure communications and piecing together intercepted data — in a number of simulated scenarios.
These include working to prevent a cyber-attack on the infrastructure of a fictional city, and the tapping of an undersea data cable.
Those that succeed in the competition, to be held on March 17 and 18, will receive £10,000 in cash prizes and the chance to compete against their American counterparts in a 'Cambridge2Cambridge' competition later in the year.
“Inter-ACE gives future cybersecurity professionals the opportunity to test their skills against the best and meet others in their field and future employers. This is about engaging with the next generation of cybersecurity talent, and raising awareness of this vital, interesting and exciting career choice,” said Inter-ACE founder, Frank Stajano.
“It’s also about making the good work of cybersecurity professionals much more visible. Like other initiatives such as NCSC’s CyberFirst program, the interesting experiences of the university students taking part in this year’s event will help to inspire those currently at school to consider a rewarding career in this field.”
The competition comes as the government this week announced a new initiative also designed to address the cybersecurity skills “cliff edge” facing the UK.
The Cyber Skills Immediate Impact Fund (CSIIF) pilot is designed to incentivize organizations like charities and training providers to “develop, scale up, or refocus cybersecurity training initiatives."
Andy Kays, CTO at UK-based cybersecurity company, Redscan, welcomed the initiative.
“Too many organizations seem to think that their cybersecurity problems can be solved with technology, and while utilizing the latest tools is important, there is no replacement for well-trained staff and the expertise of experienced cybersecurity professionals,” he argued.
“For many businesses, identifying and training the right talent needed to defend against sophisticated adversaries has become too difficult and costly.”