Cyber Security Challenge Hunts For Flaw Finders

The government-backed UK Cyber Security Challenge has opened registration for a new competition today, which will hope to find the software vulnerability experts of the future to defend Britain’s critical infrastructure.

They will be tested on finding flaws in software, as well as on writing secure code. Entrants into the QinetiQ and (ISC)² contest must have a basic grasp of writing  in C, C++, objective C and Java.

Between 15 and 30 winners will be picked from the competition to go to the QinetiQ face-to-face challenge on 9 February 2013. Winners from that event will then be invited to attend the Cyber Security Challenge Masterclass Final and awards weekend on 9 and 10 March.

Searching for the ‘right instincts’

“For too long, software that underpins business and much of our most vital critical national infrastructure has been written without appreciation for the need for security,” said John Colley, managing director, for (ISC)² in EMEA.

“Those with the right instincts have a significant opportunity to demonstrate new skills that are incredibly relevant today. We hope this competition will attract, identify and nurture new talented individuals to work in this field.”

Organisers said they wanted to find professionals who could protect UK critical infrastructure from attacks like Stuxnet, which disrupted Iranian nuclear operations by taking advantage of zero-day vulnerabilities.

McAfee, which is not one of the many security companies who openly support the Challenge, today issued a report in which it claimed energy grids were a “prime target for attack”.

It claimed an estimated 70 percent of the existing energy grid is more than 30 years old, but in updating them and connecting them to the Internet, security has remained an afterthought.

“The good news is that we are getting smarter about identifying, finding, and fixing vulnerabilities, and technology is increasingly effective at detecting and thwarting attacks,” wrote vice president for embedded security at McAfee, Tom Moore.

“The challenge is that cyber security investments – and cybersecurity consciousness have not kept pace with either the sophistication of embedded technology nor the shrewdness and tenacity of attackers. And in spite of energy being perhaps the most regulated sector on the planet, ‘compliant’ doesn’t always translate to ‘secure.’”

Are you a security challenger? Try our quiz!