The Government Communications Headquarters (GCHQ) – the UK’s central spy agency specializing in electronic intelligence gathering – is perhaps more worried than most, with many of its skilled tech wizards leaving for better paid jobs in the private sector.
In an attempt to shore up its defenses against hostile states and criminal gangs operating online, the spy service has launched a computer security competition open to all Brits aged 16 and over in the hope of discovering the cyber security experts of tomorrow.
The Balancing the Defence test puts contestants “in charge of managing the risk to a Government department’s computer network. You will analyse the network, looking for vulnerabilities that an attacker could exploit, and apply a range of defensive controls,” it says on the competition’s website.
“Some will be technical in nature, but others will be based in the security policies you establish. Your budget is limited and you will have to make tough decisions about which controls you can apply to get value for money and reduce the risk to your network.”
Registration for the competition ends September 26, with the test lasting five days from from October 1.
The designer of the test – a GCHQ employee known only as ‘Karl’ – told the Guardian that no computer system can ever be 100 percent protected.
“There is no such thing as a completely secure system – businesses will always need to balance where to spend a limited budget, to manage risks and provide opportunities,” he said.
Back in June, the head of the UK’s domestic security service, MI5, said he was shocked by the number of cyber attacks taking place against the country.
“The extent of what is going on is astonishing, with industrial-scale processes involving thousands of people lying behind both state-sponsored cyber espionage and organized cyber crime,” MI5 boss Jonathan Evans told said in a speech in London.
With that in mind, the British government will certainly be hoping GCHQ’s cyber security competition uncovers some bright sparks who can help build an effective system to defend against attacks, ensuring the protection of highly sensitive information in the process.