Feeds

New UK cyber-champ: Chemist's winning formula cracks 'F1 race hack'

Free radical beats year-long security challenge

Reducing security risks from open source software

Updated A 28-year-old chemist is the new UK Cyber Security Champion after triumphing in a year-long competition that tested computer defence skills.

Stephen Miller, from Hertfordshire, beat thousands of other hopefuls after competing in several online and face-to-face heats. Miller, who works as a lab team manager at a major pharmaceutical company, has taken part in the tournament since it launched in 2010, building up his skills along the way. Although he has no formal computer security training, examiners praised his abilities.

He was named as Blighty's e-champion after the final masterclass round of 2013's Cyber Security Challenge UK on Sunday. Miller's prize includes free access to industry training courses. The runner-up was Steve Jarvis, a 24-year-old from Southampton, who works in the IT team for a hedge fund and also has had no formal cyber-security training.

Miller told El Reg that he'd previously reached the last 25 of the competition two years ago and had also entered other competitions, such as BBC Backstage. He has dabbled in programming with PHP and JavaScript.

"I see more cyber-security as a hobby," he said. "I'm quite established in my career and not ready to make the leap. Nonetheless, getting involved in a challenge like this shows I have other capabilities outside running a chemistry lab."

This year’s final was organised by security teams at HP and Cassidian Cyber Security. The 40 finalists took on the role of infosec professionals at a fictitious technology communications supplier to a Formula 1 racing team, which had been hacked in the lead up to a Grand Prix.

Players had to spot signs of malicious attacks and come up with the best counter-measures, both technical and policy based, to fix them. The competition was designed to test contestants with problems facing real IT security pros in many sectors across industry and government.

Security experts at HP and Cassidian who set up the challenge final praised Miller's business acumen and leadership skills, factors that proved decisive in his victory in the grand final of the Challenge.

In the three years of the Challenge, 40 challenge candidates have gone on to gain paid internships or to secure jobs in information security.

"To succeed in this competition and become the UK’s new cyber security champion, Stephen has had to demonstrate not only exceptional technical skills but also an ability to relate them to a common business scenario," said HP's Jonathan Bathurst.

"This requires an ability to weigh up risk, take into account budgets and operational limitations and be able to present a coherent case to a non-technical audience with sensible measures that are in the best interest of the organisation for the future. It is this skill set that employers value highest of all and the competition was designed to identify."

'A powerful demonstration of the hidden talent'

Stephanie Daman, chief exec of Cyber Security Challenge UK, added: "Stephen’s success in the challenge, as a chemist with no formal training in this profession, is a powerful demonstration of the hidden talent that exists in people from across all types of professional backgrounds."

The culmination of this season's competition was immediately followed by the launch of a new programme of competitions for the 2013-14 Cyber Security Challenge UK. Registrations are now open at www.cybersecuritychallenge.org.uk.

The fourth season of the challenge will include rounds designed specifically for school pupils in regional training camps delivered in partnership with universities. The season will also include a greater range of tests including mobile forensics, incident response, malware analysis, and software vulnerabilities.

Prizes will include a bursary for a master's degree in cyber security, sponsored by the Institute of Engineering and Technology, at three UK universities. This year also sees the debut of a Cyber Security Challenge app for iOS and Android. The app will distribute kill tests, news on the challenge and an access point for advice on computer security careers. It has been launched with a brand new cipher to crack from PwC, available through the app.

Cyber Security Challenge UK runs a series of national competitions ultimately aimed at attracting talented people into the profession, and supporting interested people with information about cyber security careers and learning opportunities. The scheme is supported by government departments, IT firms, universities and trade groups including the Cabinet Office, PwC, BT, GCHQ, QinetiQ, the SANS Institute, Sophos and Blighty's Serious Organised Crime Agency (SOCA). ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.