The UK's newest Cyber Security Challenge champion Jonathan Millican scooped top honours in the final in Bristol last weekend.
Millican, who entered the GCHQ-sponsored event out of curiosity, ascribed his victory to the fact that his relatively limited technical background prevented him from getting bogged down in the technical aspects.
"Rather than talking about technical details like security policies, I described in summary the areas that needed to be focused on and why," Millican said.
In a simulation of a company under attack, 30 finalists had to identify the problems and sell potential solutions to industry professionals playing the roles of company executives.
The simulation was designed by industry experts at HP and Cassidian to be as close to a real-world situation as possible.
“The final was designed to be a true representation of what cyber security professionals are up against," said Roy Matthews, Cassidian’s cyber defence lead.
“So it’s hard work, varied, intensive and hugely rewarding. Everyone who took part now understands the reality of working in this industry," Matthews said.
Judges praised Millican for his ability to listen to what was going on, bring that all together and present the situation in a way that was easy to understand.
"I did not think I had a chance of winning; I was just looking to learn what I could and make contacts, so I was not too worried or stressed," Millican told Computer Weekly.
Millican, a first year computer science at Cambridge University who has no prior formal IT training, said the final two face-to-face round of the competition provided a valuable insight into the IT industry.
The experience has inspired him to consider a career in cyber security: "It seems I may have an aptitude for it, so I will definitely look at it seriously."
Helping him down that route will be a funded place on a masters course in information security at Royal Holloway University for 100 weeks' part-time or 50 weeks' full-time study.
Millican will also receive places at several other cyber security course and conferences and a tour of UK intelligence agency GCHQ.
"The prizes are largely educational, but for the stage that I am at, that is really useful in helping to get into the industry and getting my CV up to scratch," he said.
Millican said that even if he had not won, the Cyber Security Challenge would have been worth his time because of the insights he gained into how the IT industry works, what he learned and the contacts he made. "I would encourage others to enter," he said.
Registrations are open for the next UK Cyber Security Challenge that begins in April.
The third challenge will be bigger, more varied and offer skills testing opportunities for information security professionals for the first time, according to organisers.