First-ever Cyber OSPAs winners announced

THE WINNERS of the first-ever Cyber Outstanding Security Performance Awards (Cyber OSPAs) were announced on Tuesday 14th December.

During a virtual awards ceremony representatives from across the cybersecurity sector tuned in live from around the world to celebrate the outstanding achievements of all this year’s finalists and winners.

Professor Martin Gill founder of the Cyber OSPAs hosted the awards ceremony with assistance from judges and sponsors.

In his opening address, Gill noted surprise by the amazingly high level of response received – especially in the first year and thanked all those who had made the inaugural awards such huge success.

The panel of judges were nominated by the leading cyber security associations from around the world – all of whom marked to a published ethics policy – had no easy task in reviewing the many nominations and selecting the winners.  Entries were received from countries as diverse as Australia, Belgium, Egypt, Germany, India, Ireland, Malaysia, Romania, USA, UAE and the UK.

The awards were presented in 11 categories to a deserving array of organisations and individuals.

The 2021 winners of the Cyber OSPAs are as follows:

Outstanding Chief Information Security Officer
Glen Hymers – Save The Children International
Whilst working for Save the Children International, Glen helped create an environment where Cyber Security was at the top of the agenda across the Save The Children Movement, he brought all the members together and worked with them to establish a single Cybersecurity control framework thereby ensuring that the movement was stronger as one movement rather than split across the 31-member organisation.  Judges noted that Glen had demonstrated excellent leadership skills, building and developing an effective cyber security team which could operate with reduced CISO input, and his success should be applauded.

Outstanding Cyber Security Professional
Anna B – AWE
Anna B leads the AWE Security Operations Centre.  She is an outstanding cyber professional with proven expertise in risk management, cyber incident management, security training and threat analysis.  She leads – by example and expertise – a high performing team of cyber professionals who are responsible for the security of the systems protecting the UK’s ultimate deterrent.  Judges noted that through her leadership she had developed a strong and effective cyber security team and evidence suggests she had made a significant difference to the cyber security culture of the organisation.

Outstanding Cyber Security Team
Marken Information Security Team
Within the last year, the Marken Information Team designed and implemented a new architecture that unifies a suite of best-in-class security solutions following an XDR mindset.   The architecture is a departure from conventional layered pyramid models.  It leverages a ‘hub and spoke’ design and utilises a standardised set of APIs to facilitate cross-product communication.  The seamless workflow – and tight integration across multiple threat vectors – enables potential threats to be analysed using a 360° context.  Judges noted that the team had demonstrated effective engagement of internal and external stakeholders, building good relationships with third party suppliers as well as adding value, by providing an effective and appropriate cyber secure environment for the business to operate within.

Outstanding Cyber Security Consultant
Peter Yapp – Schillings International
In just two years, Peter Yapp has transformed Schillings’ Cyber practice from a small team of incident responders into a full-service cyber security consultancy.  The firm’s cyber clients now include some of the biggest names in business, entertainment and government.  Not someone to be siloed by his field, Peter has successfully positioned proactive cyber defence as a fundamental pillar of reputation risk management.  He continually drives excellence within Schillings by educating colleagues on the latest cyber trends and best practice.

Outstanding Customer Service Initiative
iSTORM® Privacy – Security – Pentesting
As the main output for its penetration testing services, iSTORM® delivers a customer-friendly report that collates scan and test data from multiple sources. Previously these reports were delivered digitally as a static PDF document. After reviewing their service delivery process and surveying customers, they developed a secure portal that digitised their report delivery process for penetration testing and security audits.  Judges noted that the development of the portal is innovative and provides sustainable improvements to customers.

Here at iSTORM® our mission has always been to combine the best possible customer experience with market-leading delivery for every client, every time, so to have won the award and achieve external recognition from the OSPA judges for outstanding customer service means a lot to us. We’d like to say to huge thank you to the Cyber OSPA judges for their comments and to the Cyber OSPAs team for creating a new kind of awards for the industry, we’re very happy to be the first winners!

Harvina Bains – iSTORM

Outstanding Cyber Security Training/Awareness Initiative
NPCC National Cybercrime Programme
The NPCC Cybercrime Training Programme provides police forces in England and Wales with the skills needed to be able to respond to a report of cybercrime and fully investigate any criminal activity, prosecute offenders where necessary but also divert individuals on the cusp of criminal activity on to productive paths. The Programme gives staff the technical skill to advise and protect individuals and organisations in cyber security to help better protect themselves against cybercrime.

Outstanding Cyber Security Partnership
North East Business Resilience Centre
The North East Business Resilience Centre (NEBRC) was established in 2019 as a result of a pioneering, police-led partnership with an overarching aim to support regional businesses from cyber-crime and fraud.  This unique partnership brings together police, academia, public and private businesses, investors and members, all working to deliver business resilience services, protecting people, places and processes from risk.  The NEBRC has since been used as a template for eight other centres across the UK.  Judges applauded the successful sustainable cyber security partnership which was delivering tangible results.

Outstanding Police/Law Enforcement Initiative
NPCC National Cybercrime Programme – Police CyberAlarm
Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. It acts like a “CCTV camera” monitoring the traffic seen by a member’s connection to the internet. It will detect and provide regular reports of suspicious activity, enabling organisations to minimise their vulnerabilities. Vulnerability scanning can be added and used to scan an organisations website and external IP addresses, providing regular reports of all known vulnerabilities.  By sharing suspicious activity data with Police members help identify trends, react to emerging threats and identify, pursue and prosecute cyber criminals.  Judges noted that the programme has and continues to make a real difference in fighting cybercrime, not only raising awareness, but doing something positive around prevention, detection, respond and recovery.

Outstanding Young Cyber Security Professional
Sarah Norman-Clarke – Department for Transport
Sarah is Head of Information and Cyber Security at the Department for Transport.  She leads the team with responsibility for the knowledge and information management and information assurance functions as well as being accountable for the department’s cyber security as its CISO.  Her career has encompassed both Civil Service and the private sector having held a series of increasingly senior roles. Prior to joining DFT she worked at the Medicines and Healthcare Products Regulatory Agency. 

Outstanding New Cyber Security Product
Deduce Customer Alerts – Deduce
Deduce offers the world’s first truly affordable real-time online fraud technology, safeguarding over 400 million online consumer profiles for 1% of the cost of systems previously only accessible to Internet giants.  Deduce Customer Alerts is available to businesses of all sizes across eCommerce, Technology, Education, Mobile Apps, Travel/Entertainment, Banking/Fintech, Cloud/Infrastructure and IT.  Their service integrates into any B2C or B2B2C platform where customers or user data is exposed to potential compromise. 

Lifetime Achievement
Dr. Robert (Bob) Nowill
Bob has held a range of significant appointments throughout his career and has been at the heart and forefront of IT and engineering development, and in later years the infosec and cyber security profession we know today.  He has always strongly supported developing the profession and attracting talent to it.  His key focus has been on helping and supporting others, and over the years, has been able to put in place schemes to help train, educate, professionalise and do other good things for technical people – developing some great capabilities and able people along the way.  In more recent years his focus has been mainly, but not exclusively young people – encouraging them to come into the profession and champions the importance of inclusion and diversity in the sector.  Judges felt that Bob had made a substantial impact on the development of cyber security and was very deserving of the inaugural Lifetime Achievement award.

I am delighted to have been recognised through this lifetime achievement award from the OSPAs 2021. This is a fantastic reflection on all those I have worked with and who have supported me since I started work and then on to University in 1974 – and before that the encouragement and enthusiasm imparted at school. Much of that pre-dates ‘cyber’ as a part of the day to day vocabulary, though all the roles and things I have been done have in retrospect been very close to how that has all evolved.

Dr. Robert (Bob) Nowill

The event organiser would like to thank all those who helped to make the 2021 Cyber OSPAs such a success, including global industry associations and their representative judges, Nineteen Group and this year’s media partners, Digital Forensics Magazine, The Investigator, My Security Media, International Cyber Expo and the National Cyber Security Show.

The awards ceremony live stream can be viewed on demand here.