Feeds

New UK cyber-champ: Chemist's winning formula cracks 'F1 race hack'

Free radical beats year-long security challenge

Internet Security Threat Report 2014

Updated A 28-year-old chemist is the new UK Cyber Security Champion after triumphing in a year-long competition that tested computer defence skills.

Stephen Miller, from Hertfordshire, beat thousands of other hopefuls after competing in several online and face-to-face heats. Miller, who works as a lab team manager at a major pharmaceutical company, has taken part in the tournament since it launched in 2010, building up his skills along the way. Although he has no formal computer security training, examiners praised his abilities.

He was named as Blighty's e-champion after the final masterclass round of 2013's Cyber Security Challenge UK on Sunday. Miller's prize includes free access to industry training courses. The runner-up was Steve Jarvis, a 24-year-old from Southampton, who works in the IT team for a hedge fund and also has had no formal cyber-security training.

Miller told El Reg that he'd previously reached the last 25 of the competition two years ago and had also entered other competitions, such as BBC Backstage. He has dabbled in programming with PHP and JavaScript.

"I see more cyber-security as a hobby," he said. "I'm quite established in my career and not ready to make the leap. Nonetheless, getting involved in a challenge like this shows I have other capabilities outside running a chemistry lab."

This year’s final was organised by security teams at HP and Cassidian Cyber Security. The 40 finalists took on the role of infosec professionals at a fictitious technology communications supplier to a Formula 1 racing team, which had been hacked in the lead up to a Grand Prix.

Players had to spot signs of malicious attacks and come up with the best counter-measures, both technical and policy based, to fix them. The competition was designed to test contestants with problems facing real IT security pros in many sectors across industry and government.

Security experts at HP and Cassidian who set up the challenge final praised Miller's business acumen and leadership skills, factors that proved decisive in his victory in the grand final of the Challenge.

In the three years of the Challenge, 40 challenge candidates have gone on to gain paid internships or to secure jobs in information security.

"To succeed in this competition and become the UK’s new cyber security champion, Stephen has had to demonstrate not only exceptional technical skills but also an ability to relate them to a common business scenario," said HP's Jonathan Bathurst.

"This requires an ability to weigh up risk, take into account budgets and operational limitations and be able to present a coherent case to a non-technical audience with sensible measures that are in the best interest of the organisation for the future. It is this skill set that employers value highest of all and the competition was designed to identify."

'A powerful demonstration of the hidden talent'

Stephanie Daman, chief exec of Cyber Security Challenge UK, added: "Stephen’s success in the challenge, as a chemist with no formal training in this profession, is a powerful demonstration of the hidden talent that exists in people from across all types of professional backgrounds."

The culmination of this season's competition was immediately followed by the launch of a new programme of competitions for the 2013-14 Cyber Security Challenge UK. Registrations are now open at www.cybersecuritychallenge.org.uk.

The fourth season of the challenge will include rounds designed specifically for school pupils in regional training camps delivered in partnership with universities. The season will also include a greater range of tests including mobile forensics, incident response, malware analysis, and software vulnerabilities.

Prizes will include a bursary for a master's degree in cyber security, sponsored by the Institute of Engineering and Technology, at three UK universities. This year also sees the debut of a Cyber Security Challenge app for iOS and Android. The app will distribute kill tests, news on the challenge and an access point for advice on computer security careers. It has been launched with a brand new cipher to crack from PwC, available through the app.

Cyber Security Challenge UK runs a series of national competitions ultimately aimed at attracting talented people into the profession, and supporting interested people with information about cyber security careers and learning opportunities. The scheme is supported by government departments, IT firms, universities and trade groups including the Cabinet Office, PwC, BT, GCHQ, QinetiQ, the SANS Institute, Sophos and Blighty's Serious Organised Crime Agency (SOCA). ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.