Cyber 9/12: How to Address the Cyber Talent Crisis

Many are familiar with the frequently quoted statistic in cybersecurity that there are still not enough skilled professionals to meet the needs of cyber talent-hungry employers. While more recent predictions for growth do appear to be levelling, global labour estimates report that millions of specialist roles continue to remain unfilled.

A key consideration for any nation seeking to secure its digital future is to invest in the next generation of cybersecurity professionals. Atlantic Council’s Cyber 9/12 Strategy Challenge is a specialised hackathon competition aimed at helping affiliate nations achieve just this.

Part interactive learning experience and part competitive scenario, Cyber 9/12 aims to engage students across a range of disciplines who are interested in cybersecurity to test their skills, develop their strategic thinking abilities and prepare them for cyber challenges of the future. Since its 2011 kick-off in Washington D.C., the challenge has grown into an international event, with sister events taking place across six different cities and three continents.

After passing a preliminary application phase, teams of four are provided with the first of three separate intelligence dossiers, each detailing progressive stages in a complex and developing cyber crisis scenario affecting the UK. The competitors’ main task is to take on the role of senior government advisors tasked with assessing the available intelligence to produce a coherent and effective set of policy options for the UK government to consider.

Teams attend a series of live briefing sessions where they will present their findings to a panel of VIP judges, ranging from industry professionals to policy leaders from across the world. Qualifying competitors are then provided with additional challenges aimed at challenging their initial assumptions about the scenario and testing their on-the-fly decision making abilities.

This year’s situation is particularly interesting. The first dossier contains a range of materials ranging from classified intelligence reports and intercepted communications to media articles and Twitter screenshots. Taken together, these sources implicate a group of radical climate change activists in a series of cyberattacks affecting UK critical national infrastructure. More specifically, the attackers appear to be targeting a specific IoT component used in AC units employed in variety of sensitive settings including large-scale food storage units and train stations, as well as airports, coal mines, and other critical facilities.

Meet Team KingPhisher

As a team of (mostly) King’s students, we aim to live up to King’s reputation as an NCSC-recognised centre of excellence for cybersecurity. Diverse in our academic interests and varied in terms our respective backgrounds, we are excited to bring our unique experiences and skillsets to bear in this year’s London-based competition. Take a look below to learn more about each of our experiences along the way!

Sarah (Montreal, Canada) – MA International Affairs: “What I’ve liked most about the competition is how hands-on it has been. It’s offered us all a window into the policymaking process and has certainly encouraged us to consider the nuts and bolts of how a government might actually respond to a cyber crisis. It’s also been a test for us in terms of our ability to quickly interpret, assess, and then act upon information from multiple sources to settle on sensible policy options. This experience has definitely been one of the highlights of my academic journey!”

Nick (Boston, USA) – MA Science and International Security: “While I had a bit of IT industry experience before beginning my MA, taking part in the competition has definitely challenged me to try and understand exactly how governments conduct cyber policymaking. Especially as an American, it’s been really exciting to learn more about UK-specific approaches in this area, as well as to try and think innovatively about how present policies might be strengthened. I’ve also really enjoyed how immersive the overall experience has been. The scenario materials were clearly put together with care and in a way that really makes you feel as though you’re responding to a real-life crisis scenario. I know we’re all excited to see what else the Cyber 9/12 team has in store for us – that will definitely serve as motivation for us to wow the judges in the qualifying round!”

Siddhant (Gurgaon, India) – MA National Security Studies: “While my prior academic focus has been in International Relations, Intelligence, and the use of Special Forces in the Indian context, I have increasingly come to focus on cybersecurity, particularly as a lens through which to understand India’s vulnerabilities vis-a-vis its geopolitical rivals. So far, the Cyber 9/12 competition has proved to be a great opportunity for me to develop more in-depth knowledge in this field, especially when considering national responses to mounting cyber threats both from home as well as abroad. I hope to leverage my learnings from this competition to make a strong start at the intersection of cyber policy and international relations.”

Miezko (London, UK) – BA, Computer Science: “This competition is a strategy challenge first and foremost, so taking part has been an eye-opening experience for me, particularly as someone more familiar with the technical side of cybersecurity. Competing has really challenged me to think about how to approach topics like risk and governance – areas that I hadn’t really explored before – as well as given me the opportunity to learn about these areas from my fellow peers in the process. It has also been an opportunity to apply my existing knowledge to answering some of the larger questions and issues surrounding the legal, criminal, and international policy aspects of cybersecurity. Overall, everyone’s depth and range of experience has been great exposure for me intellectually and, quite honestly, I think that it’s our source of competitive advantage. We’re all very excited to be participating in the qualifying stage of the competition and I think that we have what it takes to keep pushing on into the finals! Go KingPhisher!”

The UK Cyber 9/12 semi-finals and finals will take place virtually on 15-16 February.