European Cybersecurity Challenge

With October being the National Cyber Security Awareness Month (NSCAM), it would be naive not to mention Metis’ contribution to the European Cyber Security Competition 2021.

What is ECSC?

As the name suggests, ECSC is a cyber security focused annual competition which brings together talented people with an interest in cybersecurity to compete in an effort to solve as many cyber security challenges as possible. The growth of the competition has been steady over the last few years with an increasing number of national participations and higher quality scenarios/setups. This year, the competition hosted 19 EU countries (and Canada) with a 10-person representative team each in the age range of 14-26. The competition aims to attract young talent to the cyber security sector and at the same time, raise cyber security awareness.

During the competition, the players are presented with a finite list of challenges in a wide variety of categories. These include but are not limited to: reverse engineering, binary exploitation, web application hacking, cryptography, forensics and steganography. When the competition countdown hits zero, the teams are required to solve as many challenges as possible to accumulate points and climb up the scoreboard.

Team Cyprus

Cyprus has been a great supporter of the competition and this is the 4th consecutive time that A Cypriot team competes in the competition. The team is composed of 10 players (5 senior and 5 junior), and 6 coaches. In the light of the final scoreboard results it was with great pleasure and pride to see that the Cypriot team demonstrated an outstanding performance and secured the 6th place in the competition. It was even more satisfying to know that one of our own Metis co-founders, Antreas Pogiatzis contributed to the success of the team as one of the coaches.

Cyprus Cybersecurity Team

We have reached out to Antreas with the questions below, which he gladly answered and gave us a deeper insight about the competition, his role as a coach and how this experience relates to the cyber security practices within Metis.

What does the role of the team coach entail?

“The role of the coach comes with great responsibilities. As you may have guessed, the team is formed through a national qualifier. In a nutshell, the national qualifier is a Capture-the-Flag (CTF) competition akin to ECSC, but at a smaller scale. A key job of the coaches is to create the challenges - which is a fairly time consuming process - ensure the quality and balance of challenge categories created for the CTF while at the same time providing support during the qualifier. What’s more, we have to sift through the top performers of the challenge to form a team and provide the appropriate training until the date of the competition. The training includes workshops, live walkthroughs, 1-2-1 support or simply just playing other CTFs with the team. Finally, we escort the team to the competition and provide the final tips and advice before the countdown hits zero.”

What do you think are the key factors of the success of the team?

“I genuinely believe that the recipe of optimal continuous learning and improvement, in any area, not just cyber security, requires three distinct ingredients: learning material, practical application and mentorship. We, as coaches, seek to provide all those three to the team members in one form or another. Initially we introduce the members to a Cyber Security community that was built in the last 3 years called CYberMouflons. There, they can find all three ingredients mentioned but on top of that we strive to create structured learning material which can be followed by practical application (often as CTF challenges) while at the same time providing guidance or mentorship. The talent of the team can’t be dismissed, of course, but remember, hard work beats talent, and this team demonstrated exceptional determination and hard work. I believe all of the above were the key factors of the team’s success.

How does this experience relate with the Cyber Security practices within Metis?

At Metis, we place the integrity and security of our users as one of our top priorities. Cyber threats are becoming increasingly ubiquitous and complex, therefore it is our duty and responsibility to employ modern, high standard cyber security practices. However, cyber security and cyber resilience isn’t just a technical solution, it requires collaborative effort and continuous improvement by all the stakeholders involved. Coming back to the question, being involved in such competitions as player, it has given me valuable insights and awareness on the modern cyber defence techniques but more importantly as a coach working closely with others, I had the opportunity to delve into the mindset of a third person trying to understand cyber security concepts and assist with the practical implementation of that. These skills are priceless when it comes to the implementation of a company wide cyber security strategy and thus I am grateful that I had the chance to develop them as part of the competition.

Are there any final remarks?

Finally, I would like to congratulate and commend the team for their hard work once more and thank my co-founders at Metis, firstly for giving me the opportunity to share my experience, and secondly for always being alert and vigilant when it comes to cyber security concerns.

To learn more about Metis you can check out our website or subscribe to our newsletter.

For all the latest Metis news follow us on Telegram, Twitter, Bitclout, and LinkedIn.