Last updated at Mon, 21 Oct 2019 14:41:14 GMT

This blog post was co-authored by Pete Cooper, organizer and host of the Cyber 9/12 Strategy Challenge, and Ainsley Katz, whose team, CamPhishing, won this year’s competition.

Cybersecurity is about more than technology. The UK Cyber 9/12 Strategy Challenge was founded to broaden the debate around the cybersecurity challenges we face, and the workforce we need to tackle them. Since we started in 2018, we have highlighted the need to broaden the way we think of cybersecurity skills, incorporating areas such as political science, policy, and international relations.

We are proud to have found and coached amazing competitors from across many UK universities. These competitors have come from multiple disciplines and demonstrated fantastic teamwork, knowledge, and the ability to be future cybersecurity leaders.

This year, Rapid7 provided the prize for the winning team, bringing them to Las Vegas to experience the DEF CON security conference. The blog below from Ainsley Katz, one of the members of the winning team, details her experience of competing, attending DEF CON, and entering the cybersecurity community in a professional international relations capacity. Thank you and congratulations to Ainsley and the rest of the Cambridge University team for participating in the competition and demonstrating amazing insight, passion, and engagement through both the competition and their trip to DEF CON.

— Pete Cooper, CEO of strategic security consultancy, Pavisade, Atlantic Council Senior Fellow, and the founder and director of Cyber 9/12 UK

My experience with the Cyber 9/12 Strategy Challenge, by Ainsley Katz

If someone asked me about my post-grad plans in January, I wouldn’t in my wildest dreams have envisioned flying an F-35 in Las Vegas or working at the U.S. Cyberspace Solarium Commission. In January, I was studying for my MPhil in International Relations and Politics at Cambridge University, and my understanding of all things cyber was almost as rudimentary as binary code flying around in space. All this was prior to participating in the Atlantic Council’s Cyber 9/12 Strategy Challenge.

Though I had no prior cyber experience and enough on my plate with my master’s coursework and dissertation, when I learned of the Atlantic Council’s Cyber 9/12 Strategy Challenge, I felt
strangely compelled to participate. Just as mysterious was the gravity by which a hodgepodge collection of three fellow MPhil students and myself coalesced, received sponsorship from Cambridge's Academic Centre of Excellence in Cyber Security Research (ACE- CSR), and found a team coach in ACE-CSR member Dr. Jat Singh. Suddenly, and seemingly ex nihilo, team CamPhishing was born.


Cambridge University Team ‘CamPhishing’ From left: Gary Dreyer, Ainsley Katz, Tomass Pildegovics, Jamie MacColl

Competing in the Cyber 9/12 Challenge was one of the most unique, valuable, and enjoyable highlights of my Cambridge experience. The competition sees UK university teams take on the role of senior government advisors tasked with assisting ministers in responding to an evolving cyber-attack. Over two days, the scenario evolves through three rounds, with a grand finale in front of senior UK cybersecurity experts.

Winning the Cyber 9/12 Challenge was as incredible as competing. For the First Place Prize, CamPhishing was generously sponsored by Rapid7 to attend a huge cybersecurity conference, DEF CON, in Las Vegas. Over the course of the conference, I heard the likes of Rep. Jim Langevin, Jane Harman, and Rapid7’s own Jen Ellis discuss congressional efforts to address evolving cyber-related issues. I also learned about the current challenges faced by Tor, heard Bruce Schneier’s clarion call for greater technologist involvement in policymaking, and listened to the White House’s Joshua Steinman discuss the elimination of the Cybersecurity Coordinator role on the U.S. National Security Council. Oh, and did I mention I flew an F-35? Granted, it was an F-35 flight simulator in the DEF CON Aviation Village and my flight skills weren’t at all up to the snuff of an Air Force pilot, but it was nonetheless quite the experience.


Three-fifths of Team ‘CamPhishing’ From left: Tomass Pildegovics, Ainsley Katz, Jat Singh

All in all, the Atlantic Cyber 9/12 Strategy Challenge certainly succeeded in interesting me to work in cybersecurity. Since DEF CON, I have begun working as a Cyber Strategy and Policy Analyst with the U.S. Cyberspace Solarium Commission. The Cyber 9/12 Challenge prepared me to think critically about proportional and viable policy options when dealing with cyber-attacks, while DEF CON not only taught me vital practical and technical topics in cybersecurity, but also introduced me to some of the most impressive and interesting individuals working on cyber-related issues today. For these reasons and more, I wholeheartedly recommend the Cyber 9/12 Challenge to students, regardless of their prior experience (or lack thereof) in all things cyber.