LONDON -- Has Britain got talent when it comes to information security? The best way to find out is to run a competition...
and see who does well.
And no, there's no Simon Cowell involved in the first Cyber Security Challenge U.K. Instead, there's a line-up of august bodies ranging from the Institute of Information Security Professionals to the Metropolitan Police Service backing the idea.
The challenge got its public launch on the first day of Infosecurity Europe 2010 in London, where the backers announced they will be seeking more sponsorship to help mount a series of events that will take place in the autumn, where contestants will compete to detect and fix security flaws in systems.
The Cyber Security Challenge also has the backing of the Sans Institute, which has run similar challenges in the U.S. for the last couple of years.
The aim behind the challenge is to uncover talented individuals and help them progress in the security field. The backers believe there is a severe shortage of qualified people in the security field, and they see the challenge as one way of raising the profile of information security and encouraging talented people to take it up as a profession.
Ahead of the launch, Sans Institute surveyed 255 qualified security professionals in the U.K. to test their views on the skills shortage. More than 90% of those surveyed said it was already difficult to recruit cybersecurity professionals, and nearly 60% predicted that the number of cybersecurity jobs required to cope with attacks will increase in the coming years. The job roles most difficult to fill are those in the fields of strategy or policy guidance, risk management, threat management and incident response.
"We have to improve the quality and quantity of talented people entering the profession to accommodate escalating requirements," said Judy Baker, director of Cyber Security Challenge U.K. "The current system is not delivering enough skilled professionals to meet the cybersecurity challenges we face. We need to excite, inspire and stimulate fresh interest in a career as a cybersecurity specialist. The competitions we are developing will do exactly that."
The challenge will be open to individuals and teams, and will be divided into two main age groups -- 16 to 21, and over 21.
Mohan Koo, CEO of Australian security company Dtex Systems Pty Ltd, is a founding sponsor of the U.K. challenge. "Supply of good people is just not keeping up with demand," he said. "We need to help identify new talent. Some individuals don't understand that they can do information security as a profession."
The full programme of events will be announced later in the year, but they are likely to follow the same pattern as those pioneered by Sans in the U.S. In one challenge, for instance, contestants partake in a Treasure Hunt to detect malware in an infected website, and to answer questions based on what they find.