Categories & Criteria

Entries for the 2024 Cyber OSPAs have now closed

The categories for the Cyber Outstanding Security Performance Awards (Cyber OSPAs) are listed below.

Please note that it is important that all the entry criteria are covered in the submission, as judges can only provide their scores against the information that is submitted on the entry. External links and attachments are not permitted.

The judges are responsible for awarding the winners and finalists in each category. Their decision is final and no correspondence will be entered into. The Cyber OSPAs reserve the right to not award a particular category if circumstances deem it necessary.

Categories

1. Outstanding Chief Information Security Officer (CISO)

CISOs can operate in different ways, and are responsible for a myriad of different activities and technologies to combat a range of threats. Whatever the role, this category recognises those who through security expertise, business acumen and/or skilful and innovative leadership approaches, have led the cyber security portfolio with distinction. Outstanding performers will be leaders and innovators who are setting examples that others will wish to follow.

To enter this category you will be asked to:

Describe the role of the CISO and the ways in which this person has led change in the organisation including the cyber security impacts of any partnership approaches adopted with different stakeholders. (up to 500 words)
Provide details of the value added by the CISO and the individual’s impact on the work of the department highlighting the specific leadership qualities that generated any benefits noted. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the ways in which the role has driven cyber security performance
Highlighting the factors that enable the CISO to excel
Identifying the ways in which the role has influenced wider business operations
Providing examples of building effective relationships with key stakeholders
Demonstrating the improvements made to people and/or process and systems

2. Outstanding Cyber Security Professional

There are many cyber security professionals working in different roles, who are neither a Young Professional or a CISO (e.g. Security Architects, IT Risk Advisors, Security Analysts, Intelligence Analysts, Investigators, Heads of Operations) and this award is focussed on them. It recognises those who through cyber security expertise, business acumen and/or skilful and innovative approaches, have contributed with distinction. Outstanding performers will be those who are setting examples that others will wish to follow.

To enter this category you will be asked to:

Describe the role of the cyber security professional and the ways in which the person has led by example including the cyber security impacts of work undertaken with different stakeholders. (up to 500 words)
Provide details of the value added by the cyber security professional highlighting the specific qualities that generated any benefits noted. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the ways in which the role has driven cyber security performance
Highlighting the factors that enable the person to excel
Identifying the ways in which the role has influenced others
Providing examples of differences the person’s contribution has made
Demonstrating the improvements made to people and/or process and systems

3. Outstanding Cyber Security Team

This award recognises any cyber security teams in the private, public or voluntary sectors. This can be in any area of cyber security activity. An outstanding team is one that has implemented an approach which has contributed to the overall performance of the organisation. This can include roles in protecting the organisation against different types of threats some or all of which may be innovative or exemplary, as well as showing outstanding performance in enabling the organisation to operate in ways or areas that would not be possible without the contribution of the cyber security team, for example in reducing risks and/or increasing competitiveness.

To enter this category you will be asked to:

Describe the work of the cyber security team and the ways in which it has driven outstanding performance highlighting the key factors that have enabled success. (up to 500 words)
Describe the impact of the team highlighting the benefits and value it has generated for different stakeholders. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing how the team creates and implements an effective cyber security strategy and drives cyber security performance
Highlighting how good cyber security impacts on the wider organisation
Identifying the factors that enable staff/leadership to excel
Providing examples of building effective relationships with key stakeholders
Demonstrating how improvements made to people and/or process and systems

4. Outstanding Cyber Security Consultant

This award recognises the cyber security consultant – individual, team or company – demonstrating outstanding performance in any aspect of security consulting. Consultants often play a key role in security in offering expertise and insight which can transform the quality of service, product or system that is offered. It recognises the existence of distinct skill sets and crucially the ways these are harnessed and managed to make a difference to security strategy and/or practice.

To enter this category you will be asked to:

Describe the role and objectives of the consultant and the key factors that reflect outstanding performance. (up to 500 words)
Describe how the cyber security consultant has displayed outstanding performance in terms for example, of leadership skills, a focus on the customer, by adding value or otherwise driving excellence. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the ways in which the consultant has driven cyber security performance
Highlighting the key distinguishing strengths of the consultant including leadership skills
Identifying the ways in which the role has influenced positively wider business operations
Providing examples of building effective relationships with key stakeholders
Demonstrating how high performance and benefits are sustained

5. Outstanding Customer Service Initiative

This award recognises the company, organisation or individual that operates an outstanding initiative that generates sustainable benefits for customers in any area of cyber security. The key here is that the initiative generates very positive feedback from highly satisfied customer. There is a broad range of initiatives which can be considered for this award but what they share is an exclusive focus on successfully implementing positive change for customers, this may include, for example, reducing risks and/or increasing competitiveness.

To enter this category you will be asked to:

Describe the customer service initiative and its key objectives explaining the key influences on the approaches taken and the key impacts it has had. (up to 500 words)
Describe how the customer service Initiative displays and encourages outstanding performance and the reasons why it has been successful and if applicable how success will be sustained. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the aims of the initiative and how these are focussed on the customer
Highlighting how innovation is displayed
Identifying the factors that enable staff/leadership to excel
Providing examples of improved performance
Demonstrating business benefits and how they are sustained

6. Outstanding Cyber Security Training/Awareness Initiative

This award recognises individuals or companies that operate a successful training scheme and/or a security awareness initiative, which promotes outstanding performance and has produced identifiable results. There is a tendency to talk about training, up-skilling and raising awareness as good things in themselves. In fact in the very least, training/awareness raising should most often be undertaken in response to an identified need, with a programme that is suited to best meeting any gaps, that is well articulated and delivered, and results in better performance. This award looks to recognise those who have made a difference to improving any area of cyber security practice via training/awareness raising.

To enter this category you will be asked to:

Describe the training/awareness raising initiative, highlighting its key features that were responsible for delivering outstanding performance. (up to 500 words)
Describe how the training/awareness raising initiative made an impact in developing outstanding cyber security practices in terms of adding value, improving performance or otherwise driving excellence. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the aims of the initiative and how these are focussed on the customer
Highlighting how innovation is displayed
Identifying the factors that enable the security personnel involved to excel
Providing examples of improved performance
Demonstrating the business benefits and how they are sustained

7. Outstanding Cyber Security Partnership

This award recognises a successful cyber security partnership that delivers outstanding performance. ‘Partnerships’ is an overused word in cyber security. Frequently partnerships are identified as crucial to good cyber security but often may involve little more than collaboration, a very different thing. What is known is that effective partnerships are most often the result of good planning around identifiable objectives designed to deliver specific benefits, and are typically characterised by good management/co-ordination.

To enter this category you will be asked to:

Describe the partnership and the benefits it provides. (up to 500 words)
Describe how the partnership demonstrates outstanding cyber security performance and why the partnership deserves this award. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the role of the partnership and the key benefits it provides
Highlighting the business approach, specific skills and tactics that underpin performance
Identifying the factors that enable staff/leadership to excel
Providing examples of outstanding performance for stakeholders
Demonstrating business benefits and how they are sustained

8. Outstanding Police/Law Enforcement Initiative

This award recognises an initiative from governmental bodies/that is police-led that have developed a cyber security scheme that has a positive impact on a community; one that has led to an improvement in cyber security practice.

To enter this category you will be asked to:

Describe the initiative and its key objectives and any innovative aspects that have led to its success. (up to 500 words)
Evidence how the initiative benefits its target group highlighting the role of management/partnerships in generating an effect. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the aims of the initiative and the needs it meets
Highlighting how it enhances police/law enforcement objectives
Identifying the factors that enable staff/leadership to excel
Providing examples of improved performance/relationships with stakeholders
Demonstrating the different benefits and how they are sustained

9. Outstanding Young Cyber Security Professional

This award recognises a young cyber security professional – that is anyone below the age of thirty (there is no restriction on the number of years spent in security) – who has excelled in early career performance. The focus is on someone who has made an impact in the area of cyber security, for example as an analyst/researcher, working for a cyber security supplier and/or corporate cyber security department. This could be in any area of cyber security activity, as a student, in the workplace or a combination, but it will be someone who has made a difference and is laying the basis for an outstanding career in cyber security.

To enter this category you will be asked to:

Describe the role of the young professional and the ways in which he/she has excelled. (up to 500 words)
Provide details of the value added by the young professional and his/her impact in specific area or areas of cyber security activity (inside the workplace and/or outside) highlighting the special qualities of the individual. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the work of the young professional and its relationship to cyber security
Highlighting the ways in which the young professional is laying the foundations of a cyber security career
Identifying the influence of the young professional on specific audiences
Providing examples of interest and dedication to improving cyber security
Demonstrating how high performance will be sustained

10. Outstanding New Cyber Security Product

This award recognises an outstanding new product that has been designed and implemented to improve any area of cyber security practice, and has been introduced to the market in the last 12 months. The key point about new products is that they have a marked effect on improving cyber security performance; that is that they add value and have clearly identified benefits.

To enter this category you will be asked to:

Describe the product and its distinguishing features, and any innovative aspects that enable it to be considered as cutting edge. (up to 500 words)
Evidence how the product is specifically designed to address a market demand, show how the product adds value. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing any creative and innovative aspects of the design process
Highlighting the distinct features of the product
Identifying the impact of the product on clients
Providing examples of benefits for customers
Demonstrating the ways in which the product adds value

11. Outstanding Cyber Security Equipment Manufacturer

This Cyber OSPA recognises an outstanding manufacturer of products that service the cyber security market. Manufacturers of any cyber security product in any market can enter. The winner of this Cyber OSPA will have shown outstanding performance in manufacturing a leading-edge security product (or products), which has produced clear beneficial results for customers.

To enter this category you will be asked to:

Describe the manufacturer and its distinguishing features, and any innovative aspects that enable it to be considered as a cutting-edge company. (up to 500 words)
Evidence how the manufacturer produces products that are specifically designed to address a market demand, and show how these products add value to the company and the security industry. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

Discussing the key distinguishing strengths the manufacturer displays
Highlighting the business approach and how it meets a distinct market demand
Identifying examples of business success
Providing examples of building effective relationships with stakeholders
Demonstrating how high performance and benefits are sustained

12. Lifetime Achievement – must be nominated by a third party

This award recognises a senior member of the cyber security community. It recognises an individual who has consistently shown outstanding performance over an extended period of time and has had a substantial impact upon defining and driving standards in the cyber security sector.

In nominating someone for this category (it is nomination only) you will be asked to:

Describe the individual’s career, including key moments and prominent achievements. (up to 500 words)
Describe how outstanding performance has been at the forefront of activities throughout the individual’s career, how this person has encouraged others to perform outstandingly and specific contributions to raising performance in the cyber security sector. (up to 500 words)

The Judges will be looking for evidence of outstanding performance in:

Discussing the roles held by the individual and the significance of them to cyber security
Highlighting the factors that enable the individual to excel
Identifying the ways in which the individual has influenced the security sector
Providing examples of building and maintaining effective relationships with key stakeholders
Demonstrating the overall value added.