Shrivenham hosts bootcamp for Cyber Security Challenge UK

Civilians and military personnel have completed an intensive cyber security bootcamp at the Defence Academy in Shrivenham

Civilians and military personnel have completed an intensive cyber security bootcamp at the Defence Academy in Shrivenham, Wiltshire, in the latest initiative aimed at swelling the ranks of UK cyber defenders.

The three-day training course is part of the current programme of the Cyber Security Challenge UK, a series of national competitions aimed at attracting people to the cyber security profession.

The challenge was started in 2010 by a small group from industry, government and academia to address the growing skills gap in the UK cyber security profession.

Now in its fourth year, the challenge has grown its range of competitions, including one for schools, and is now backed by more than 75 sponsors.

In the latest challenge, a new generation of potential UK cyber security defenders completed two days of hands-on development and training before testing their skills in a simulated cyber terrorist attack.

The camp programme was put together by the Challenge supported by C3IA Solutions, which provides information risk management training and cyber security services for the MoD, government and industry.

Training was provided by some of the UK’s leading cyber security experts from QinetiQ, PricewaterhouseCoopers, Infosec Skills, IRM, Raytheon and the National Crime Agency.

The training included an introduction to risk assessment and management, digital forensic analysis, business continuity management, security architecture, and web application security testing.

The assessment exercise, devised by cyber security operatives from GCHQ, required candidates take on the role of a cyber team battling a fictitious cyber-terrorist group, the Flag Day Associates.

In the attack scenario, the cyber-terrorist group had compromised a web-based application that controls the building management software used by a large central London venue that hosts classified meetings.

Under the guidance of mentors from GCHQ and other industry experts, the camp recruits were assessed on their ability to run penetration testing as part of a full security assessment of the targeted web application to identify the vulnerabilities that may have been exploited by the attackers.

In the final stage of the camp, recruits sat their first professional qualification – the Certificate in Information Assurance Awareness (CIAA).

Stephanie Daman, chief executive of the Cyber Security Challenge UK, said last year’s inaugural cyber camps showed the strong demand from amateurs to be given the opportunity to break into this field.

“The camps give everyday civilians the chance to see what it’s really like to work as a professional in this sector and what’s involved in defending the UK from ever-growing cyber attacks,” she said.

Daman said the camps give talented individuals the opportunity to learn from the best in the industry, and by receiving a qualification for their efforts, they are given a genuine career-enhancing experience.

“This sector needs more people with talent and skills and it is very rare for the door to be opened to outsiders,” she said. “All those involved will have had a truly unforgettable experience.”

Read more on Hackers and cybercrime prevention