H4cked Off: Cyber Security Challenge - worthy programme or waste of time?

The latest winner, Stephen Miller, does not intend to take up a role in cyber security - the whole point of the Challenge

The Cyber Security Challenge, a series of national events designed to encourage talented professionals to join the UK IT security industry, has just announced its latest winner, 28-year-old chemist Stephen Miller.

Miller, from Hertfordshire, beat thousands of registered candidates in a series of competitions over the past year to scoop the prize.

But unlike last year's winner, Dan Summers, who took up a role at the information security team of the Royal Mail Group, Miller has no designs to switch from his current role at GlaxoSmithKline (GSK) to a cyber security position.

When Computing asked Miller why this was, he said: "I've made a career at GSK where I have worked for five years. While I am moving at one promotion a year it is difficult to just drop everything. I'm now a team leader and of course I could transfer at a similar level [in cyber security] where there is a clear career path, but I'm not in the situation where I'm looking to change."

And herein lies the problem: a programme dedicated to unearthing talent may have found that talent but it has not convinced that person that the IT security industry is somewhere he would like to work.

HP and Cassidian backed the Challenge final and Jonathan Bathurst, cyber lead, UK public sector at HP, admitted that he was disappointed that Miller did not want to seek a role in cyber security in the near future.

"It is a shame that Stephen is happy with his current position. But we saw a lot of other fantastic potential with other competitors. Some of them could be future champions if they sign up again for next year's challenge," he told Computing.

The situation is no doubt also disheartening for the many competitors who would love to work in the industry but who were overlooked, while someone who had no intention of entering the industry won the main prize.

Miller, though, defended the competition, stating that his winning the Challenge despite coming from a pharmaceutical background shows that competitors do not have to come from IT.

"While I'm not looking to move, it shows the talent pool is broader," he said.

[Turn to next page]

H4cked Off: Cyber Security Challenge - worthy programme or waste of time?

The latest winner, Stephen Miller, does not intend to take up a role in cyber security - the whole point of the Challenge

But while the government may well look at this as a plus, it is to the detriment of the competition that it has found a broader talent pool in which it is unable to catch any new fish. This is similar to paying for a full version of an app, only to find you can only use the functions that come with the free version.

Miller did state that of the rewards that came with winning the challenge, the most valuable were the formal training schemes rather than items like a new laptop. He also said that for him these schemes "could open up opportunities", whether in GSK or another organisation, for a role in cyber security later in his career.

And he hopes that he will be able to promote the importance of IT security internally to GSK staff - if he gets the chance.

But for now, he said, the only skills that are directly transferable are not those with a technical focus but skills such as team-working, presentational skills and the like.

This is clearly not what the Cyber Security Challenge UK organisers would want to hear.

A spokesperson for the competition told Computing that just 40 people have secured jobs following two full years of the challenge, while in total 7,000 people have registered for the competition. While this figure of 40 people could be an underestimate given that some participants - particularly anyone who has taken up a role in government - might not have reported back, it represents a disappointing 0.57 per cent of registered entrants that have gone on to secure roles in IT security.

What is most disappointing, though, is that while 40 people have found roles in IT security, the winner - and therefore perhaps one of those with the most talent - has decided that he'd prefer to stay in the pharmaceutical industry rather than take up a role in cyber security, an indication that there is still much work to be done to make the area a more attractive proposition. Without such an effort, recruiting the highest calibre of talent will be a real challenge.