Swiss Cyber Storm

Fact Sheet - 2018

Patronage:

The Swiss Cyber Storm association was founded in 2012 as a nonprofit organization. Its legal structure is a Swiss association ("Verein" in German) defined in the Swiss civil code (ZGB) Art. 60 ff .

The purpose of this association as stated in the byelaws is to promote young cyber security talents and to regularly carry out cyber security events for security professionals and decision makers.

The byelaws can be found on:

http://www.swisscyberstorm.com/res/statuten.pdf

Swiss Cyber Storm

History, legal form and purpose

The growing need for IT security professionals is widely acknowledged worldwide. As co-founder and national organizer of the European Cyber Security Challenge, Swiss Cyber Storm is trying to build interest in security work and help fill the looming skills gap. In the past 5 years, the challenge raised considerable interest and sparked many initiatives to promote the cyber security topic among the young (and also not so young). With the help of the ECSC steering committee, the number of countries with national cyber security competitions went up from three in 2013 to twenty in 2018.

However, while the ECSC could spark interest in the cyber security topic among the young, the high entry barrier turned out to be a challenge for many of them. A er all, there are no "gymnastic clubs" where they can meet and learn and train together! With its Swiss Whitehatters Acacemy launched in October 2017, Swiss Cyber Storm wants to change that. In 2018, we organize four training events to help beginners and advanced participants to dive (deeper) into the cyber security topic. The events are open to all young talents with a registration for the national qualification for the ECSC.

But supporting and promoting the next generation of IT security professionals is not enough. We also need to improve awareness and skills of todays workforce and encourage them to be open-minded, to share know-how whenever this is possible and to establish strong (social) networks to increase our odds for success when we defend todays and tomorrows IT infrastructure. This is why we organize the Swiss Cyber Storm conference, an all-in-one event with top speakers from around the world, ample oportunity to meet young cyber talents, and a lot of room for networking during the breaks and at the flying dinner with lounge & bar.

Motivation and activities

Swiss Cyber Storm Conference

Swiss Whitehatters Academy

European Cyber Security Challenge

Swiss Cyber Storm Conference

The Swiss Cyber Storm Conference is an all-in-one multi-track conference and networking event with top speakers from around the world. It brings together decision-makers, IT security professionals, techies and young talents. The center and pivotal point of the event is the networking area with the sponsor's booths, food & beverage and lounge & bar. This is also the place where the a er-conference flying dinner will be served and lively discussions and information sharing can continue late into the evening.

Date: 30. October 2018Time: 08:30 - 22:00, talks from 09:00 to 17:30Venue: Kursaal Berne, Switzerland

FormatWe run about 16 presentations in two tracks. Most of the talks are curated/happen by invitation. A third track is dedicated to talks from our sponsors. At the start and end of the conference, we join all tracks into a plenary session. In this session, our GOLD sponsor gets 20 minutes to address our audience. The conference is co-located with the CISO Summit. Its participants have a special program in the a ernoon.

BackingSwiss Cyber Storm is supported by the Swiss reporting and analysis center for information assurance (MELANI) and the Swiss Academy of Engineering Sciences (SATW).

AudienceThe audience is very broad and brings CISOs, security officers and management, techies and young talents together. In 2017, we had a total of 333 people from 150+ companies on site of which 245 werde attendees with a regular conference ticket (paying). The profile of the audience is approximately 50% decision makers and 50% techies.

The stats from 2017 are shown on the right. A participant list with job titles and company names can be provided on request.

For 2018, we expect 300 paying participans and up to 400 people on site.

Networking DinnerTo complement the o en (too short) networking opportunities during the day, we invite all participants to stay for dinner and to have a drink or two in our lounge and bar.

Raffle and Hacking-ChallengeTo encourage people to talk to our sponsors, we organize a raffle. For each visit to a booth, they can get a numbered ticket, each having a chance of winning a price. Furthermore, we run a hacking-challenge where techies and non-techies can test their skills and compete for one of the many prizes.

VenueThe Kursaal in Berne is a top modern concert and conference venue with a hotel and a view on the UNESCO world heritage old town of Berne. Berne has a direct train connection from Zurich airport (80 min) and a direct train right into the heart of the Alps.

The venue has a large open-space area, the "Forum", that serves as our exhibition-, food&beverage- and networking-area. In the evening, we'll serve a a flying-dinner there and participants can enjoy a drink or two from our bar.

The "Forum" and the rooms for the talks, the Arena and Szenario 1+2 rooms, are all on the same floor and next to each other. This makes switching tracks between the sessions quick and convenient. A map showing the "Forum" and the nearby rooms is shown below.

The "Arena", the largest conference room, will be used for the keynotes and the tech track. The "Szenario" rooms will be used for the management track and the track with the talks from sponsors.

Map with "Forum" and adjacent rooms:

Co-Location with Swiss CISO Summit For CISOs, Swiss Cyber Storm 2018 features an unique opportunity to join the co-located CISO summit in the a ernoon with their SCS ticket. The summit features keynotes introducing the topic of the summit that are then followed by guided discussions and knowledge-sharing in small groups.

Swiss Whitehatters Academy

Mission StatementOur mission is to find, support and promote young talents that show interest for the information security domain. We organize IT security challenges, training- and community events and offer a career model with incentives tailored to meet the specific requirements of young talents.

To promote the IT security topic among the young, we organizing high-quality events for teachers and/or scholars to show them how interesting and rewarding this topic can be. Whenever possible, we source the people required to implement the activities of the SWA from the SWA talent pool.

MotivationToday, a scholar, apprentice or student interested in IT security has a hard time finding like-minded people to meet with them, to share know-how and to improve their skills. This slows their progress down and makes acquiring skills early or skills that go beyond the “standard” skills taught at schools and universities very difficult. And if they do, the know-how acquired is not acknowledged by a trusted third party and therefore hardly an asset for their career. Furthermore, because IT security is rarely a topic in primary and secondary education (grammar school), it’s difficult to spark their interest early enough to compete with other fields for those talents.

ActivitiesThe SWA is the umbrella for the activities of Swiss Cyber Storm focusing on fostering the interest of young talents in cyber security topics and in promoting the topic and the talents. This currently involves the following activities:

- Organizing and running training- and community events- Organization of the Swiss qualification for the European Cyber Security Challenge- Organization of events for teachers and/or scholars at schools and universities

The school- and university events are done in collaboration with the Swiss Academy of Engineering Sciences. Members of the SWA maintain teaching material and give guest talks at schools.

Access to SWA EventsThe SWA events are open to the following people:

- Employees from the sponsors - SWA Members - Student members of partner organizations

The number of employees from sponsors is limited and depends on the sponsoring package chosen. The number of student members of partner organizations is limited too and is subject to space/availability.

Training- and community events in 2018There are four training- and community events in 2018. The detailed program will be published at least three weeks in advance.

Dates: 17.03.2018, 23.06.2018, 15.09.2018, and 05.12.2018Time: 10:15 - 15:30 Venue: Zurich or Berne

Location and start and end-time might be different from what is stated above for some events.

European Cyber Security Challenge

The growing need for IT security professionals is widely acknowledged worldwide. To help mitigate this shortage of skills, many countries launched national cyber security competitions targeting towards students, university graduates or even non-ICT professionals with a clear aim to find new and young cyber talents and to encourage young people to pursue a career in cyber security.

The European Cyber Security Challenge (ECSC) leverages on these competitions by adding a Pan-European layer. Top cyber talents from the European Union and EFTA meet to network, collaborate, and finally compete against each other during a unique event: the ECSC final.

Goal of the ECSC The goal of the ECSC is to place cybersecurity at the service of humankind, with a view to promoting a peaceful society concerned with the preservation of democratic values, freedom of taught, dignity and critical thinking.

The ECSC promotes friendly relations between attending countries, officials and players. ECSC provides the necessary institutional means to promote transparency and fairness of the competition between participants and to resolve any dispute that may arise between players.

Teams and Rules for 2018In 2018, 20 countries will send a national team to the ECSC. This includes the countries from 2017 and five new countries. The countries from 2017 are: Austria, Cyprus, Czech Republic, Denmark, Estonia, Germany, Greece, Ireland Italy, Liechtenstein, Norway, Romania, Spain, Switzerland, and United Kingdom. These teams then compete against each other to find out who has the best cyber security talents in Europe.

Each team consist of the top ten young cyber security talents of each country. More specifically, team of five (or more) people aged 14-20 years and five (or less) aged 21-25 years. How these top talents are identified is le to the participating countries.

An initiative from:

Swiss Cyber Storm and the ECSC In Switzerland, Swiss Cyber Storm is responsible for implementing the national qualification for the ECSC and for the management and coaching of the Swiss team. Furthermore, we are part of the steering committee that, with the support of the European Network and Information Security Agency (ENISA), shapes the present and future of this initiative.

Goal of the ECSC

Swiss team for the ECSC 2017 final in Malaga, Spain. Back row from le : Lukas Baege, Timo Kübler, Anthony Schneiter, Michael Gottburg, Loris Reiff. Front row from le : Miro Haller, Marcel Maeder, Toni Tanner, Raphael Husistein, Moritz Schneider

Selection process in Switzerland The selection process implemented by Swiss Cyber Storm has two-stages. The third stage is the ECSC final which is implemented by the ECSC steering committee and the national organizer of the hosting country.

This phase is open to all young talents aged 14 to 25 years. One way to qualify is to achieve a top ranking in our online qualification event on the Hacking-Lab platform. There, the participants have to solve security related tasks from domains such as web and mobile security, crypto puzzles, reverse engineering, and forensics. Another way to qualify is to participate in one of the online and/or on-site CTF events recognized by Swiss Cyber Storm. The requirements will be published on our challenge page.

Phase 1: Qualification for the Swisss final

Phase 2: National finalIn September, a er phase one, the top candidates meet at an on-site event with the goal to find the best talents and to form the Swiss national team for the ECSC. This team will consist of 5 juniors (aged 14-20) and 5 seniors (aged 21-25). To get into the team, contestants have to demonstrate their skills in domains like teamwork, strategic thinking, communication, presentation, cyber attack and defense.

Phase 3: European Cyber Security ChallengeIn the week of October 15th, the teams from 20 countries meet in London to spend the week together. During this week, they will learn new things, extend their personal networks and compete against each other to find out who has the best cyber security talents in Europe.

Switzerland01.05.2017 BFH News: Swiss Cyber Storm 02.05.2017 Netzwoche: Cyber Security Challenge startet in der Schweiz 02.05.2017 KleinReport (inkl. Newsletter): Ein Schweizer Hacker-Wettbewerb hat sich zur EM gemausert 05.05.2017 Computerworld: Junghacker für European Cyber Security Challenge gesucht 23.08.2017 ICT Kommunikation: Schweizer Finalisten für Nachwuchs-Hacker-Wettbewerb stehen fest 23.08.2017 Inside-Channels: Die besten Schweizer Nachwuchs-Hacker 23.08.2017 Inside-IT: Die besten Schweizer Nachwuchs-Hacker 23.08.2017 IT-Business: Die 20 besten Schweizer Jung-Hacker stehen fest 23.08.2017 Netzwoche: Die 20 besten Schweizer Jung-Hacker 2017 23.08.2017 Swiss IT Magazine: Die besten Schweizer Nachwuchs-Hacker 24.08.2017 KleinReport (inkl. Newsletter): Beste Hacker gehen in die nächste Runde 01.09.2017 L’Express: Le hacker ne cache pas ses failles 02.09.2017 RTS (19h30): Les hackers, nouveaux atouts de la cybersécurité 22.09.2017 Netzwoche: Swiss Cyber Storm startet Trainingsevents für Nachwuchs-Hacker 30.09.2017 Radio SRF (Echo der Zeit): Der gute Hacker als Netzpolizist 02.10.2017 Computerworld: Schweizer Akademie der «weissen Hüte» 02.10.2017 ICT Kommunikation: Swiss Cyber Storm lanciert Swiss Whitehatters Academy 02.10.2017 IT-Business: Wo ‹gute Hacker› besser werden 02.10.2017 Inside-Channels: Swiss Cyber Storm gründet Kontaktnetzwerk für White-Hat-Hacker 02.10.2017 Inside-IT: Swiss Cyber Storm gründet Kontaktnetzwerk für White-Hat-Hacker 02.10.2017 Online PC: Schweizer Akademie der «weissen Hüte» 03.10.2017 KleinReport (inkl. Newsletter): Networking-Reihe für Hacker gestartet 11.10.2017 HSR News: Informatik-Student der HSR verstärkt Schweizer Team 11.10.2017 ICT Kommunikation: E-Voting als Schwerpunkt bei der Swiss Cyber Storm Konferenz12.10.2017 Netzwoche: E-Voting ist Hauptthema am Swiss Cyber Storm 03.11.2017 AGEFI: Les jeunes hackers suisses décrochent la 10e place au Championnat d’Europe 03.11.2017 Computerworld: Schweizer Junghacker holen 10. Rang an Europameisterscha 03.11.2017 Corriere del Ticino: Hacker svizzeri decimi in Europa 03.11.2017 Inside-IT: Schweizer Junghacker landen an der EM im hinteren Mittelfeld 03.11.2017 La Liberté: Jeunes hackers suisses 10e au Championnat d'Europe de cybersécurité 03.11.2017 Netzwoche: Schweizer Junghacker enttäuschen 03.11.2017 Swissinfo: Jeunes hackers suisses 10e au Championnat d'Europe de cybersécurité 03.11.2017 Ticinonews: I giovani hacker svizzeri nella top 10 europea 04.11.2017 RTS: Espagne: la ville de Malaga accueillait le championnat européen de cybersécurité 04.11.2017 RTSinfo: Les hackers suisses terminent 10e au concours européen de cybersécurité 04.11.2017 Walliser Bote: Junghacker holen 10. Rang 04.11.2017 X. Studer (Blog): Sécurité informatique: la Suisse revient des Championnats d’Europe… 06.11.2017 Radio Sunshine: Nicht alle Hacker sind kriminell

Media Coverage - 2017

The list below provides an overview of the media coverage of the various activities of Swiss Cyber Storm and the ECSC in general between May and November 2017. Separate lists for media in Switzerland and abroad.

Press Review International (Selection)10.04.2017 SecNews (GR): European Cyber Security Challenge 2017: Qualification 20.04.2017 Futurezone (AT): Verboten gut: Die Cyber Security Challenge 2017 25.07.2017 Kingsbridge Gazette (UK): Sophia to represent the UK as an ethical hacker 23.09.2017 SecNews (GR): ECSC 2017: The last 10 go straight to the finals 28.09.2017 ERT (Greek national TV): European Cyber Security Challenge 2017 - Greek participation 01.11.2017 FE News (UK): UK’s best young cyber talent representing Britain in 2017 European Cyber Security Challenge 02.11.2017 Askanews (IT): European Cybersecurity Challenge, terzo il team italiano 02.11.2017 Computerworld (ES): España, campeona del European Cyber Security Challenge 02.11.2017 EuroWeekly (UK): UK cyber sleuths compete in European security challenge in Spain 03.11.2017 Agerpres (RO): România, vicecampioană europeană la European Cyber Security Challenge 2017 pentru al doilea an consecutive 03.11.2017 CNA (Cyprus News Agency): Cyprus team wins 6th place in European competition on cyber security, hosted by Spain 03.11.2017 Radio România 3NET (RO): România, vicecampioană europeană la European Cyber Security Challenge 2017 03.11.2017 Silicon (ES): Los españoles vuelven a ganar el título de mejores expertos emergentes en ciberseguridad dentro de Europa 03.11.2017 Stiripersurse (RO): Romania is European Vice-Champion at European Cyber Security Challen 2017 for the 2nd consecutive year 05.11.2017 La Gazzetta di Lucca (IT): La Nazionale dei Cyberdefender terza all'European Cybersecurity Challenge 06.11.2017 Gazeta Bucurestilor (RO): Cyber Security. România vicecampioană europeană