Enter

The Cyber OSPAs, based on the international Outstanding Security Performance Awards scheme, recognise and reward companies, teams, individuals, products and initiatives across the cyber security sector.

The Cyber OSPAs are open to those companies and people providing a product or service in the UK. All those outside of the UK should consider entering the Outstanding Overseas Initiative category. 

The categories for the Cyber Outstanding Security Performance Awards (Cyber OSPAs) are listed below.

The criteria for the Cyber OSPA entries are decided centrally by the Cyber OSPAs. Please note that it is important that all the entry criteria are covered in the submission, as judges can only provide their scores against the information that is submitted on the entry. External links and attachments are not permitted.

The judges are responsible for selecting the finalists and winners of each category. Their decision is final and no correspondence will be entered into. The award organisers also reserve the right to not award a category if circumstances deem it necessary.

Nominees may enter themselves or others more than once in multiple categories.

Please note that nominations are scored on the quality of the answers. Answers that are deemed too short will not be submitted to the judges, and there is no advantage given to nominees who enter multiple times in the same category.

List of categories

Outstanding Chief Information Security Officer

Outstanding Cyber Security Professional

Outstanding Cyber Security Team

Outstanding Cyber Security Consultant

Outstanding Cyber Security Training/Awareness Initiative

Outstanding Young Cyber Security Professional

Outstanding New Cyber Security Product

Outstanding Overseas Cyber Security Initiative

Lifetime Achievement

Outstanding Chief Information Security Officer (CISO) 

CISOs can operate in different ways, and are responsible for a myriad of different activities and technologies to combat a range of threats. Whatever the role, this category recognises those who through security expertise, business acumen and/or skilful and innovative leadership approaches, have led the cyber security portfolio with distinction. Outstanding performers will be leaders and innovators who are setting examples that others will wish to follow. 

To enter this category you will be asked to:

1. Describe the role of the CISO and the ways in which this person has led change in the organisation including the cyber security impacts of any partnership approaches adopted with different stakeholders. (up to 500 words)
2. Provide details of the value added by the CISO and the individual’s impact on the work of the department highlighting the specific leadership qualities that generated any benefits noted. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing the ways in which the role has driven cyber security performance
• Highlighting the factors that enable the CISO to excel
• Identifying the ways in which the role has influenced wider business operations
• Providing examples of building effective relationships with key stakeholders
• Demonstrating the improvements made to people and/or process and systems

Outstanding Cyber Security Professional

There are many cyber security professionals working in different roles, who are neither a Young Professional or a CISO (e.g. Security Architects, IT Risk Advisors, Security Analysts, Intelligence Analysts, Investigators, Heads of Operations) and this award is focussed on them. It recognises those who through cyber security expertise, business acumen and/or skilful and innovative approaches, have contributed with distinction. Outstanding performers will be those who are setting examples that others will wish to follow.

To enter this category you will be asked to:

1. Describe the role of the cyber security professional and the ways in which the person has led by example including the cyber security impacts of work undertaken with different stakeholders. (up to 500 words)
2. Provide details of the value added by the cyber security professional highlighting the specific qualities that generated any benefits noted. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing the ways in which the role has driven cyber security performance
• Highlighting the factors that enable the person to excel
• Identifying the ways in which the role has influenced others
• Providing examples of differences the person’s contribution has made
• Demonstrating the improvements made to people and/or process and systems

Outstanding Cyber Security Team

This award recognises any cyber security teams in the private, public or voluntary sectors.  This can be in any area of cyber security activity. An outstanding team is one that has implemented an approach which has contributed to the overall performance of the organisation. This can include roles in protecting the organisation against different types of threats some or all of which may be innovative or exemplary, as well as showing outstanding performance in enabling the organisation to operate in ways or areas that would not be possible without the contribution of the cyber security team, for example in reducing risks and/or increasing competitiveness.

To enter this category you will be asked to:

1. Describe the work of the cyber security team and the ways in which it has driven outstanding performance highlighting the key factors that have enabled success. (up to 500 words)
2. Describe the impact of the team highlighting the benefits and value it has generated for different stakeholders. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing how the team creates and implements an effective cyber security strategy and drives cyber security performance
• Highlighting how good cyber security impacts on the wider organisation
• Identifying the factors that enable staff/leadership to excel
• Providing examples of building effective relationships with key stakeholders
• Demonstrating how improvements made to people and/or process and systems

Outstanding Cyber Security Consultant 

This award recognises the cyber security consultant – individual, team or company – demonstrating outstanding performance in any aspect of security consulting. Consultants often play a key role in security in offering expertise and insight which can transform the quality of service, product or system that is offered. It recognises the existence of distinct skill sets and crucially the ways these are harnessed and managed to make a difference to security strategy and/or practice.

To enter this category you will be asked to:

Describe the role and objectives of the consultant and the key factors that reflect outstanding performance. (up to 500 words)

Describe how the cyber security consultant has displayed outstanding performance in terms for example, of leadership skills, a focus on the customer, by adding value or otherwise driving excellence. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing the ways in which the consultant has driven cyber security performance
• Highlighting the key distinguishing strengths of the consultant including leadership skills
• Identifying the ways in which the role has influenced positively wider business operations
• Providing examples of building effective relationships with key stakeholders
• Demonstrating how high performance and benefits are sustained

Outstanding Cyber Security Training/Awareness Initiative

This award recognises individuals or companies that operate a successful training scheme and/or a security awareness initiative, which promotes outstanding performance and has produced identifiable results. There is a tendency to talk about training, up-skilling and raising awareness as good things in themselves. In fact in the very least, training/awareness raising should most often be undertaken in response to an identified need, with a programme that is suited to best meeting any gaps, that is well articulated and delivered, and results in better performance. This award looks to recognise those who have made a difference to improving any area of cyber security practice via training/awareness raising.

To enter this category you will be asked to:

1. Describe the training/awareness raising initiative, highlighting its key features that were responsible for delivering outstanding performance. (up to 500 words)
2. Describe how the training/awareness raising initiative made an impact in developing outstanding cyber security practices in terms of adding value, improving performance or otherwise driving excellence. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing the aims of the initiative and how these are focussed on the customer
• Highlighting how innovation is displayed
• Identifying the factors that enable the security personnel involved to excel
• Providing examples of improved performance
• Demonstrating the business benefits and how they are sustained

Outstanding Young Cyber Security Professional

This award recognises a young cyber security professional – that is anyone below the age of thirty (there is no restriction on the number of years spent in security) – who has excelled in early career performance. The focus is on someone who has made an impact in the area of cyber security, for example as an analyst/researcher, working for a cyber security supplier and/or corporate cyber security department. This could be in any area of cyber security activity, as a student, in the workplace or a combination, but it will be someone who has made a difference and is laying the basis for an outstanding career in cyber security.

To enter this category you will be asked to:

1. Describe the role of the young professional and the ways in which he/she has excelled. (up to 500 words)
2. Provide details of the value added by the young professional and his/her impact in specific area or areas of cyber security activity (inside the workplace and/or outside) highlighting the special qualities of the individual. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing the work of the young professional and its relationship to cyber security
• Highlighting the ways in which the young professional is laying the foundations of a cyber security career
• Identifying the influence of the young professional on specific audiences
• Providing examples of interest and dedication to improving cyber security
• Demonstrating how high performance will be sustained

Outstanding  New Cyber Security Product

This award recognises an outstanding new product that has been designed and implemented to improve any area of cyber security practice, and has been introduced to the market in the last 12 months. The key point about new products is that they have a marked effect on improving cyber security performance; that is that they add value and have clearly identified benefits.

To enter this category you will be asked to:

1. Describe the product and its distinguishing features, and any innovative aspects that enable it to be considered as cutting edge. (up to 500 words)
2. Evidence how the product is specifically designed to address a market demand, show how the product adds value. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing any creative and innovative aspects of the design process
• Highlighting the distinct features of the product
• Identifying the impact of the product on clients
• Providing examples of benefits for customers
• Demonstrating the ways in which the product adds value

Outstanding Overseas Cyber Security Initiative

This award recognises a company, organisation or individual that operates an outstanding initiative that tackles any aspect of cyber security operating outside of the UK. The nominee can be based anywhere, the initiative itself must have an impact outside the UK.

There are a broad range of initiatives which can be considered for this award but what they share is an exclusive focus on successfully tackling some aspect of cyber security. This could involve reducing its incidence and/or its impact (this may include raising awareness and/or generating better intelligence/information for an improved response).

To enter this category you will be asked to:

1. Describe the initiative and its key objectives explaining the key influences on the approaches taken and the key impacts it has had. (up to 500 words)
2. Describe how the initiative displays and encourages outstanding performance and the reasons why it has been successful and if applicable how success will be sustained. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

• Discussing the aims of the initiative and the impact that it has had
• Highlighting how innovation is displayed
• Identifying the factors that enable staff/leadership to excel
• Providing examples of improved performance
• Demonstrating business benefits and how they are sustained

Lifetime Achievement – must be nominated by a third party

This award recognises a senior member of the cyber security community. It recognises an individual who has consistently shown outstanding performance over an extended period of time and has had a substantial impact upon defining and driving standards in the cyber security sector.

In nominating someone for this category (it is nomination only) you will be asked to:

1. Describe the individual’s career, including key moments and prominent achievements. (up to 500 words)
2. Describe how outstanding performance has been at the forefront of activities throughout the individual’s career, how this person has encouraged others to perform outstandingly and specific contributions to raising performance in the cyber security sector. (up to 500 words)

The Judges will be looking for evidence of outstanding performance in:

• Discussing the roles held by the individual and the significance of them to cyber security
• Highlighting the factors that enable the individual to excel 
• Identifying the ways in which the individual has influenced the security sector
• Providing examples of building and maintaining effective relationships with key stakeholders
• Demonstrating the overall value added.