UK cyber challenge aims to fill IT talent shortage

While cyber threats are increasing, those willing to work in the field are scarce

Paul Laverack of London is an actor, but he's considering a possible career change -- to computer security.

It's a somewhat unlikely career transition, but is one of the many examples of how a country-wide competition designed to spur interest in computer security, the U.K. Cyber Security Challenge, is already working as intended.

Launched last year, the challenge is a series of competitions that anyone can enter, in fields ranging from digital forensics to network security. More than 4,000 people registered to be part of the program, including Laverack, who won one of the competitions, the DC3 Digital Forensics Challenge.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Paul Laverack of London is an actor, but he's considering a possible career change -- to computer security.

It's a somewhat unlikely career transition, but is one of the many examples of how a country-wide competition designed to spur interest in computer security, the U.K. Cyber Security Challenge, is already working as intended.

Launched last year, the challenge is a series of competitions that anyone can enter, in fields ranging from digital forensics to network security. More than 4,000 people registered to be part of the program, including Laverack, who won one of the competitions, the DC3 Digital Forensics Challenge.

Laverack, who lives in East London, has never been employed in IT and has a degree in psychology. For the forensics challenge, he completed a series of increasingly difficult tasks from doing rudimentary file analysis to recovering the partition of a hard drive. As part of the prize, he will get to attend a week-long security academy hosted by the security vendor Detica that is usually for the company's new recruits.

"All of the knowledge I used in the competition was things I'd built up over the years dealing with my family's accidental file deletions and virus infections," Laverack said. "It was just knowledge I accumulated over the years."

Over the weekend, the U.K. Cyber Security Challenge held its first face-to-face competitions in Farnborough, England, at a secure joint facility run by Boeing and a major U.K. defense contractor, QinetiQ. The two companies have built an area called "The Portal," an advanced setup for conducting computer security networking exercises.

The competitions coincide with a four-year, £650 million (US$1 billion) effort by the U.K. government to shore up the nation's cyber security, as it sees growing computer-based attacks as a threat to the nation's economy.

But the nation is struggling to find people to fill computer security jobs, a result of university programs that haven't kept up with the times and, some say, simply lack of interest. The Cyber Security Challenge is a grassroots effort to find people who have a homegrown talent for computer security and hopefully link them up with employers.

"You don't need to have been studying this for years," said Judy Baker, director of the organization and former deputy director of the U.K.'s National Infrastructure Security Co-organisation Centre. "We want people who are interested who maybe have some rudimentary skills to have a go."

Jay D. Abbott, director of threat and vulnerability management at PricewaterhouseCoopers, said he has had difficulty recruiting for computer security jobs. In the past, universities did not have the programs in place to educate students in the field. Those that are qualified often taught themselves.

"It's very difficult to find good people out there," Abbott said.

Computer security today still is a field where raw ability -- problem solving, good communication skills -- win out over a lack of academic credentials.

Sophos, one of the Cyber Security Challenge's sponsors, has 25 years of experience hiring in the field. "Had we tried to use academic background as a sole qualifier, we would not be in business," said James Lyne, a senior technologist with the company. As an example, Sophos employs a former chef in its labs, he said.

The IDG News Service is a Network World affiliate.