The Teams for the 2020 Cyber 9/12 UK Strategy Challenge
The Challenge
The Cyber 9/12 UK Strategy Challenge is designed to identify and foster the next generation of policy and strategy leaders for the cyber security challenges of the future.
Following the highly successful Atlantic Council framework and our inaugural competition in February 2018, UK University teams had a fantastic event in 2019 which saw the winning team being given flights, accomodation and tickets to Blackhat 2019 in Las Vegas!!!...
In the Cyber 9/12 UK Strategy Challenge, teams of four competitors take on the role of senior advisors to government and industry dealing with a complex escalating cyber-attack with national and international ramifications across government and Industry. Teams first need to asses and understand the technical and strategic implications of the scenario before briefing judging panels of senior cyber leaders drawn from across the UK and international community.
The competition is designed to provide students across multiple academic disciplines, be they technical or non-technical, a deeper understanding of the strategy challenges associated with cyber security and conflict.
Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyberattack, analyze the threats and risks and then propose effective mitigating policies and strategies to panels of expert judges. Over two days, the scenario evolves through 3 judging rounds into a grand final in front of a panel of senior cyber security leaders and all the other competitors.
The competition generates and promotes blended learning, communication, understanding and value across all professions and industries that are involved in cyber security. It also emphasises the value of a cyber security workforce with diverse skills which enables a comprehensive national approach and promotes innovation.
With our amazing Strategic Partner BT, and full backing and participation from government, industry and our Affiliate Partners on both sides of the Atlantic, the Cyber 9/12 UK Strategy Challenge is unique, influential and drives UK and international dialogue about how to approach the cyber security challenges that we face. Organisations and companies that share our passion for finding and developing the cyber security workforce of the future are more than welcome to partner with us so please just get in touch.
We look forward to seeing more teams, coaches, judges and amazing sponsors in BT Tower again in Feb 2020!
Whether you are a potential competitor, coach, judge, sponsor or want to help with delivery, please follow us on twitter @cyber912_uk / #cyber912
You can also see some of our video showcase on YouTube by searching for Cyber 912
We still welcome applications from potential partners / sponsors. Please don't hesitate to reach out directly to sshahwan@atlanticcouncil.org
Competition Video 2019
The Atlantic Council, in conjunction with industry sponsors and academic partners, with the support of Her Majesty’s Government, will again be holding the Cyber 9/12 UK Strategy Challenge in BT Tower, London on Monday 17th - Tuesday 18th Feb 2020!
The competition has been designed to provide student competitors across varied disciplines a deeper understanding of the strategy challenges associated with cyber security, crisis and conflict. The diverse skill sets of its participants will be tested as they are presented with a variety of scenario injects ranging from news reports, technical reports, intelligence reports and social media feeds. As a team they must develop their joint understanding of the problem, develop options, and then present their suggested solution in a verbal presentation to judging panels.
The judging panels, consisting of experienced industry, academic and HMG cyber security experts will be able to ask questions of the teams and then score the team’s performance before giving feedback.
Semi-finalist teams will be announced at the end of the first day, after which they must quickly get up to speed with scenario developments before again presenting on the morning of day two. For the teams that didn’t get through to the semi-final, they will be given a separate expert coaching session before everybody joins together in the afternoon to listen to the final round.
Although the finalists will be vying to score highy and win prizes, it's about more than that. The competition generates unique value and experience for all the students irrespective of their academic discipline, be they technical, policy or strategy and also brings current senior national and international cyber security thought leaders together with those of the future.
Team and Coaches - Eligibility and Requirements
The Cyber 9/12 UK Strategy Challenge is designed to offer UK university students across a wide range of academic disciplines a better understanding of the strategy challenges associated with cyber security and conflict. Part interactive learning experience and part competitive scenario exercise, the Strategy Challenge gives students interested in cyber security strategy an opportunity to interact with expert coaches, judges and cyber professionals, all while developing valuable skills in analysis and presentation.
Individual teams must consist of 4 students in full time UK university education either pre or post grad at the time of registration. Part time students, or those that have already entered the workplace in cyber security roles are not eligible to enter the competition (If you are unsure of eligibility, please reach out before registering..). It's also worth emphasising that the competition aims to highlight the value of diversely skilled teams in understanding cyber security challenges. Participants are therefore encouraged to reach out to peers across different disciplines when forming teams.
Each team must also have a coach that can help prepare them for the competition. The coach will ideally be from their own university and is likely to be experienced in organisational, national and international cyber security challenges. In the rare case when teams struggle to find a coach, the organising committee may be able to assist in finding one.
Who are the Atlantic Council Cyber Statecraft Initiative?
The Atlantic Council - Working Together to Secure the Future. Renewing the Atlantic Community for Global Challenges
The Atlantic Council promotes constructive leadership and engagement in international affairs based on the Atlantic Community's central role in meeting global challenges. The Council provides an essential forum for navigating the dramatic economic and political changes defining the twenty-first century by informing and galvanizing its uniquely influential network of global leaders. Through the papers we write, the ideas we generate, and the communities we build, the Council shapes policy choices and strategies to create a more secure and prosperous world.
Who are the Atlantic Council Cyber Statecraft Initiative?
The mission of the Atlantic Council’s Cyber Statecraft Initiative is to: 1) Examine the nexus of geopolitics and national security with cyberspace; 2) Continue to build out the new field of cyber safety in the Internet of Things; and 3) To help build the next generation of cybersecurity and cyberspace policy professionals. Throughout all of its work, the Initiative focuses relentlessly on providing practical, innovative, and relevant solutions to the challenges in cyberspace. The Initiative brings together a diverse network of respected experts, bridging the gap between the technical and policy communities.
What is the Cyber 9/12 Strategy Challenge?
Now entering its eighth year globally, the Cyber 9/12 Strategy Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges associated with cyber crisis and conflict. This will be the third UK competition. Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyber-attack and analyse the threat it poses to national, international, and private sector interests.
Students have a unique opportunity to interact with expert mentors and high-level cyber professionals while developing valuable skills in policy analysis and presentation. The competition has already engaged over 1000 students from universities in the United States, United Kingdom, France, Australia, China, United Arab Emirates, Poland, Switzerland, Hungary, Sweden, Finland, and Estonia.
Why is it called 'Cyber 9/12'?
The genesis of the event back in 2011 was comparing the challenge of protecting against '9/11' style attacks versus protecting against major cyber attacks. To link up the concepts, the name 'Cyber 9/12' was chosen.
Why now for a UK Cyber Strategy Challenge?
Like many nations, the UK faces a critical shortage of cyber security professionals. Great progress has been made in highlighting the value of technical skills and there are some fantastic national technical competitions that are finding amazing talent. But to be nationally resilient in facing our cyber security challenges we need a talented diverse workforce consisting of technical, policy and strategy skills. The Cyber 9/12 UK Strategy competition is the only competition that pulls together mixed discipline teams consisting of technical expertise and policy expertise and gives them a realistic joint challenge. It is hoped that we can use this to promote the dialogue around the value and need for cyber strategy and policy expertise, how we generate these skill sets and how to strengthen the teamwork between both technical and non-technical disciplines.
Who can compete?
Full time students currently enrolled at a UK university in an under-grad or post-grad course on the date of the registration deadline who have not yet entered full-time emplyment in a cyber security role are eligible to compete. We also welcome competitors who have participated in the Student Challenge in previous years. There is no explicit academic discipline, coursework, or prior experience in cyber security or conflict necessary to compete, but teams should expect to be able to demonstrate a strong link between cyber strategy and their current academic interest.
Is there funding for travel and accomodation?
There is no central travel or accomodation funding available for competitors to attend the competition. Applicants are highly encouraged to inquire about funding from their home institutions.
How do I register?
Registration for the competion is available through the link on both this website and the Atlantic Council Cyber Statecraft Initiative website.
Are there any requirements on team composition?
Each team must include four students. Teams that register less than four competitors may be considered at the discretion of the Competition Director, space permitting. There are no requirements for team composition based on academic disciplines but diversity is encouraged.
Each team must also recruit a University staff member to act as their team coach and mentor. While coaches are not required to attend the competition event, their participation is necessary to ensure that all teams have access to assistance in crafting their responses.
Can all registered teams take part in the competition?
The Atlantic Council reserves the right to limit the number of teams competing in the Cyber 9/12 Strategy Challenge. If the number of teams registering for the competition exceeds logistical capacity, the registration questions will be analysed by a review board to determine which teams qualify for the event. Should the review process become necessary, all registered teams will be notified as soon as possible.
How is the competition structured?
Around one month before the competition, all competing teams receive Scenario Pack 1, setting the stage for the simulated cyberattack. The teams are then given approximately three weeks to prepare a short written policy brief on the scenario.
The two days of the competition are divided into qualifying, semifinal, and final rounds. On the first day, each team will give a 10 minute verbal presentation to a panel of judges, who will then have 10 mins to ask questions, score and give feedback. The highest scoring teams advancing to the semifinal round will be announced at an evening reception on the Monday, where they will also receive Scenario Pack II which further evolves the simulated scenario.
On the second day, in the UK competition, teams not advancing to the semifinal round will be given a morning of expert coaching by senior industry leaders as well as the opportunity for a question and answer session to explore how to improve their skills.
Semifinalist teams will (in the same process as the first day) present their updated strategy recommendations based on the evolved scenario. Teams advancing to the final round receive Scenario Pack III and very limited time to evolve their recommendations. During the afternoon of the second day, the three finalist teams will present in the auditorium to a panel of senior judges and all other competitors not taking part in the final. The competition concludes with an awards reception.
Is there a set of competition rules?
A comprehensive set of competition rules will be distributed to all teams and coaches before the competition starts.
What tasks are part of the competition?
The competition scenario will focus on a fictional evolving and escalating cyberattack scenario described through three packs consisting of multiple fictional inserts ranging from press, intelligence reports, white papers etc. The competition encompasses tasks, both written and oral, that challenge students to respond to the political, economic, and security problems created by the evolving cyberattack scenario.
Written Cyber Strategy Brief
Before the arriving at the competition, the teams will submit a short strategy brief giving their analysis on what has been presented to them in the scenario materials. This brief is limited to 500 words and two pages of A4. The score for this strategy brief will be added to the oral presentation scores from Round 1 to decide what teams go through to the semi-final.
Oral Cyber Briefs
Teams will be given ten minutes to present their policy recommendations, followed by ten minutes to answer direct questions from a panel of judges. More detailed instructions will be distributed to the teams before the competition.
Decision Document
Teams will be required to submit a "decision document" accompanying their oral presentation at the beginning of the first round and semi-final competition round. The "decision document" will be no more than two sides of A4 in length, outlining the team's decision-making process and recommendations. It must be stressed that this document is used to support the oral presentation, and judges will only be given 2 mins to read it before the presentation starts, clarity and brevity are highly recomended.
Is there a required format for the oral briefing?
There is no requirement for the structure or format of presentations. Presentations are limited to ten minutes. Each team must decide how to best conduct their briefing.
Can presentation aids be used for the oral presentations?
NO presentation aids (e.g., PowerPoint, props, or posters) are permitted. Teams will not be allowed to use electronic devices such as mobile phones and computers during the competition events, when teams are presenting or answering judge questions. However, teams may use electronic devices such as mobile phones and computers during the breaks between rounds. Paper notes are highly encouraged at all times during the competition.
What sources can I use to prepare my responses? How should these sources be cited?
Sources and citations are not required for the written policy response. If used, they will count toward the total page count.
What prizes will be awarded?
There will be awards for the top performing teams based on score, as well as team awards for best written brief, best oral presentation, best teamwork, and most creative policy response alternative.
What should I bring to the competition?
There are no restrictions on what teams may bring with them to the venue. However, during the competition rounds, no electronic assistance will be permitted. Teams are encouraged to use written or printed notes to help them during their presentations.
Is there a recommended hotel to stay in for the competition? Is there a conference rate available?
Unfortunately, we do not have conference rates available.
Where do I find more information on the competition?
For more information, please visit the Atlantic Council website or contact us using the links on this website or through social media.
The 2019 Strategy Challenge
'Cam Phishing', 2019 Winners of UK Cyber 9/12 Strategy Challenge being presented with their prize by Lord Toby Harris
Danny Steed from Resolve Cyber running the Mentoring Session
Fmr Sec Gen of NATO, Lord George Robertson, chats with Competition Director, Pete Cooper about current geopolitical challenges, cyber security and NATO
Craig RIce mentoring teams on day 2
2018 Strategy Challenge Gallery
This year's competition took place at the iconic BT Tower, London UK
Cyber 9/12 2018 First Prize being presented by Cath Goulding, CISO, Nominet
Cyber 9/12 2018 Grand FInal - Main stage at BT Tower presenting to the judges and all the competitors
Cyber 9/12 2018 - Teams working with the backdrop of one of the best views in London from the top floor of BT Tower
Cyber 9/12 2018 - Teams taking a break to look out on the best view in London from the top of BT Tower
Cyber 9/12 2018 competitors meeting with some of the sponsor recruitment teams
Cyber 9/12 2018 competitors in the iconic venue of BT Tower
Top floor of BT Tower during the reception
