Bring On The Security Olympics!

There is plenty of incompetence in the industry, so a genuine bid to increase security skills is bound to meet with our approval. Especially one that nestles amongst the desperate bids for publicity surrounding the Infosec event in London.

This year’s Infosec announcements so far are a particularly lacklustre bunch: around ten security firms with no better way to gain attention, have commissioned surveys of users designed to get column inches by telling us what we already know.

These firms all have unmemorable names like Smoothsource or Watchfire, and have commissioned surveys to prove that users are unaware of the dangers of the cloud, or over-cautious about social media, or not prepared for big data breach fines, or any one of a small number of possible results, each of which translates to a crying need for the security products of Roundpeg, Squarehole, or whatever their name is.

All of which might be of interest, but the biggest security story around this year is one of incompetence at McAfee, a company which one might expect to be leading the way in security.

Amongst all this, the Cyber Challenge release stands out like a good deed in a naughty world. Or it would do, if it had a little more detail.

The Challenge, backed by government departments, the police and some companies, aims to lure graduates into a security career by offering a challenge, with prizes.

However, at this stage, there is no detail of what the contests will be or what the prizes are. Some challenges will be treasure hunts, and some will ask contestants to break the defences of a test site. But they won’t all be technical challenges, the organisers said.

Here’s our suggestions for the Cyber Challenge

• Build an anti-virus system that doesn’t wreck businesses with false positives
• Create a social media site that does not routinely invade users’ privacy
• Make a plane that aviation authorities can accept will fly through ash
• A booby prize for the stupidest top-secret item left in a bar
• And finally, we’d personally offer a big prize for creating a genuinely interesting security survey, not blatantly hooked to a product agenda, to be carried out in time for next year’s Infosec event.