Categories & Criteria

Entries for the 2025 Cyber OSPAs are now open!
You have until 4th February 2025 to submit your nominations.

The Cyber OSPAs, based on the international Outstanding Security Performance Awards scheme, recognise and reward companies, teams, individuals, products and initiatives across the cyber security sector.

The categories for the Cyber Outstanding Security Performance Awards (Cyber OSPAs) are listed below.

The criteria for the Cyber OSPA entries are decided centrally by the Cyber OSPAs. Please note that it is important that all the entry criteria are covered in the submission, as judges can only provide their scores against the information that is submitted on the entry. External links and attachments are not permitted.

The judges are responsible for selecting the finalists and winners of each category. Their decision is final and no correspondence will be entered into. The award organisers also reserve the right to not award a category if circumstances deem it necessary.

Nominees may enter themselves or others more than once in multiple categories.

Please note that nominations are scored on the quality of the answers. Answers that are deemed too short will not be submitted to the judges, and there is no advantage given to nominees who enter multiple times in the same category.

Categories

  1. __Outstanding Chief Information Security Officer
  2. __Outstanding Cyber Security Professional
  3. __Outstanding Cyber Security Team
  4. __Outstanding Cyber Security Consultant
  5. __Outstanding Customer Service Initiative
  6. __Outstanding Cyber Security Training/Awareness Initiative
  7. __Outstanding Cyber Security Partnership
  8. __Outstanding Police/Law Enforcement Initiative
  9. __Outstanding Young Cyber Security Professional
  10. __Outstanding New Cyber Security Product
  11. __Outstanding Cyber Security Equipment Manufacturer
  12. __Lifetime Achievement

1. Outstanding Chief Information Security Officer (CISO)

CISOs can operate in different ways, and are responsible for a myriad of different activities and technologies to combat a range of threats. Whatever the role, this category recognises those who through security expertise, business acumen and/or skilful and innovative leadership approaches, have led the cyber security portfolio with distinction. Outstanding performers will be leaders and innovators who are setting examples that others will wish to follow.

To enter this category you will be asked to:

  1. Describe the role of the CISO and the ways in which this person has led change in the organisation including the cyber security impacts of any partnership approaches adopted with different stakeholders. (up to 500 words)
  2. Provide details of the value added by the CISO and the individual’s impact on the work of the department highlighting the specific leadership qualities that generated any benefits noted. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the ways in which the role has driven cyber security performance
  • Highlighting the factors that enable the CISO to excel
  • Identifying the ways in which the role has influenced wider business operations
  • Providing examples of building effective relationships with key stakeholders
  • Demonstrating the improvements made to people and/or process and systems

2. Outstanding Cyber Security Professional

There are many cyber security professionals working in different roles, who are neither a Young Professional or a CISO (e.g. Security Architects, IT Risk Advisors, Security Analysts, Intelligence Analysts, Investigators, Heads of Operations) and this award is focussed on them. It recognises those who through cyber security expertise, business acumen and/or skilful and innovative approaches, have contributed with distinction. Outstanding performers will be those who are setting examples that others will wish to follow.

To enter this category you will be asked to:

  1. Describe the role of the cyber security professional and the ways in which the person has led by example including the cyber security impacts of work undertaken with different stakeholders. (up to 500 words)
  2. Provide details of the value added by the cyber security professional highlighting the specific qualities that generated any benefits noted. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the ways in which the role has driven cyber security performance
  • Highlighting the factors that enable the person to excel
  • Identifying the ways in which the role has influenced others
  • Providing examples of differences the person’s contribution has made
  • Demonstrating the improvements made to people and/or process and systems

3. Outstanding Cyber Security Team

This award recognises any cyber security teams in the private, public or voluntary sectors.  This can be in any area of cyber security activity. An outstanding team is one that has implemented an approach which has contributed to the overall performance of the organisation. This can include roles in protecting the organisation against different types of threats some or all of which may be innovative or exemplary, as well as showing outstanding performance in enabling the organisation to operate in ways or areas that would not be possible without the contribution of the cyber security team, for example in reducing risks and/or increasing competitiveness.

To enter this category you will be asked to:

  1. Describe the work of the cyber security team and the ways in which it has driven outstanding performance highlighting the key factors that have enabled success. (up to 500 words)
  2. Describe the impact of the team highlighting the benefits and value it has generated for different stakeholders. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing how the team creates and implements an effective cyber security strategy and drives cyber security performance
  • Highlighting how good cyber security impacts on the wider organisation
  • Identifying the factors that enable staff/leadership to excel
  • Providing examples of building effective relationships with key stakeholders
  • Demonstrating how improvements made to people and/or process and systems

4. Outstanding Cyber Security Consultant

This award recognises the cyber security consultant – individual, team or company – demonstrating outstanding performance in any aspect of security consulting. Consultants often play a key role in security in offering expertise and insight which can transform the quality of service, product or system that is offered. It recognises the existence of distinct skill sets and crucially the ways these are harnessed and managed to make a difference to security strategy and/or practice.

To enter this category you will be asked to:

  1. Describe the role and objectives of the consultant and the key factors that reflect outstanding performance. (up to 500 words)
  2. Describe how the cyber security consultant has displayed outstanding performance in terms for example, of leadership skills, a focus on the customer, by adding value or otherwise driving excellence. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the ways in which the consultant has driven cyber security performance
  • Highlighting the key distinguishing strengths of the consultant including leadership skills
  • Identifying the ways in which the role has influenced positively wider business operations
  • Providing examples of building effective relationships with key stakeholders
  • Demonstrating how high performance and benefits are sustained

5. Outstanding Customer Service Initiative

This award recognises the company, organisation or individual that operates an outstanding initiative that generates sustainable benefits for customers in any area of cyber security. The key here is that the initiative generates very positive feedback from highly satisfied customer. There is a broad range of initiatives which can be considered for this award but what they share is an exclusive focus on successfully implementing positive change for customers, this may include, for example, reducing risks and/or increasing competitiveness.

To enter this category you will be asked to:

  1. Describe the customer service initiative and its key objectives explaining the key influences on the approaches taken and the key impacts it has had. (up to 500 words)
  2. Describe how the customer service Initiative displays and encourages outstanding performance and the reasons why it has been successful and if applicable how success will be sustained. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the aims of the initiative and how these are focussed on the customer
  • Highlighting how innovation is displayed
  • Identifying the factors that enable staff/leadership to excel
  • Providing examples of improved performance
  • Demonstrating business benefits and how they are sustained

6. Outstanding Cyber Security Training/Awareness Initiative

This award recognises individuals or companies that operate a successful training scheme and/or a security awareness initiative, which promotes outstanding performance and has produced identifiable results. There is a tendency to talk about training, up-skilling and raising awareness as good things in themselves. In fact in the very least, training/awareness raising should most often be undertaken in response to an identified need, with a programme that is suited to best meeting any gaps, that is well articulated and delivered, and results in better performance. This award looks to recognise those who have made a difference to improving any area of cyber security practice via training/awareness raising.

To enter this category you will be asked to:

  1. Describe the training/awareness raising initiative, highlighting its key features that were responsible for delivering outstanding performance. (up to 500 words)
  2. Describe how the training/awareness raising initiative made an impact in developing outstanding cyber security practices in terms of adding value, improving performance or otherwise driving excellence. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the aims of the initiative and how these are focussed on the customer
  • Highlighting how innovation is displayed
  • Identifying the factors that enable the security personnel involved to excel
  • Providing examples of improved performance
  • Demonstrating the business benefits and how they are sustained

7. Outstanding Cyber Security Partnership

This award recognises a successful cyber security partnership that delivers outstanding performance. ‘Partnerships’ is an overused word in cyber security. Frequently partnerships are identified as crucial to good cyber security but often may involve little more than collaboration, a very different thing. What is known is that effective partnerships are most often the result of good planning around identifiable objectives designed to deliver specific benefits, and are typically characterised by good management/co-ordination.

To enter this category you will be asked to:

  1. Describe the partnership and the benefits it provides. (up to 500 words)
  2. Describe how the partnership demonstrates outstanding cyber security performance and why the partnership deserves this award. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the role of the partnership and the key benefits it provides
  • Highlighting the business approach, specific skills and tactics that underpin performance 
  • Identifying the factors that enable staff/leadership to excel
  • Providing examples of outstanding performance for stakeholders
  • Demonstrating business benefits and how they are sustained

8. Outstanding Police/Law Enforcement Initiative

This award recognises an initiative from governmental bodies/that is police-led that have developed a cyber security scheme that has a positive impact on a community; one that has led to an improvement in cyber security practice.

To enter this category you will be asked to:

  1. Describe the initiative and its key objectives and any innovative aspects that have led to its success. (up to 500 words)
  2. Evidence how the initiative benefits its target group highlighting the role of management/partnerships in generating an effect. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the aims of the initiative and the needs it meets
  • Highlighting how it enhances police/law enforcement objectives
  • Identifying the factors that enable staff/leadership to excel
  • Providing examples of improved performance/relationships with stakeholders
  • Demonstrating the different benefits and how they are sustained

9. Outstanding Young Cyber Security Professional

This award recognises a young cyber security professional – that is anyone below the age of thirty (there is no restriction on the number of years spent in security) – who has excelled in early career performance. The focus is on someone who has made an impact in the area of cyber security, for example as an analyst/researcher, working for a cyber security supplier and/or corporate cyber security department. This could be in any area of cyber security activity, as a student, in the workplace or a combination, but it will be someone who has made a difference and is laying the basis for an outstanding career in cyber security.

To enter this category you will be asked to:

  1. Describe the role of the young professional and the ways in which he/she has excelled. (up to 500 words)
  2. Provide details of the value added by the young professional and his/her impact in specific area or areas of cyber security activity (inside the workplace and/or outside) highlighting the special qualities of the individual. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the work of the young professional and its relationship to cyber security
  • Highlighting the ways in which the young professional is laying the foundations of a cyber security career
  • Identifying the influence of the young professional on specific audiences
  • Providing examples of interest and dedication to improving cyber security
  • Demonstrating how high performance will be sustained

10. Outstanding New Cyber Security Product

This award recognises an outstanding new product that has been designed and implemented to improve any area of cyber security practice, and has been introduced to the market in the last 12 months. The key point about new products is that they have a marked effect on improving cyber security performance; that is that they add value and have clearly identified benefits.

To enter this category you will be asked to:

  1. Describe the product and its distinguishing features, and any innovative aspects that enable it to be considered as cutting edge. (up to 500 words)
  2. Evidence how the product is specifically designed to address a market demand, show how the product adds value. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing any creative and innovative aspects of the design process
  • Highlighting the distinct features of the product
  • Identifying the impact of the product on clients
  • Providing examples of benefits for customers
  • Demonstrating the ways in which the product adds value

11. Outstanding Cyber Security Equipment Manufacturer

This Cyber OSPA recognises an outstanding manufacturer of products that service the cyber security market. Manufacturers of any cyber security product in any market can enter.  The winner of this Cyber OSPA will have shown outstanding performance in manufacturing a leading-edge security product (or products), which has produced clear beneficial results for customers.

To enter this category you will be asked to:

  1. Describe the manufacturer and its distinguishing features, and any innovative aspects that enable it to be considered as a cutting-edge company. (up to 500 words)
  2. Evidence how the manufacturer produces products that are specifically designed to address a market demand, and show how these products add value to the company and the security industry. (up to 500 words)

The judges will be looking for evidence of outstanding performance in:

  • Discussing the key distinguishing strengths the manufacturer displays
  • Highlighting the business approach and how it meets a distinct market demand
  • Identifying examples of business success 
  • Providing examples of building effective relationships with stakeholders
  • Demonstrating how high performance and benefits are sustained

12. Lifetime Achievement – must be nominated by a third party

This award recognises a senior member of the cyber security community. It recognises an individual who has consistently shown outstanding performance over an extended period of time and has had a substantial impact upon defining and driving standards in the cyber security sector.

In nominating someone for this category (it is nomination only) you will be asked to:

  1. Describe the individual’s career, including key moments and prominent achievements. (up to 500 words)
  2. Describe how outstanding performance has been at the forefront of activities throughout the individual’s career, how this person has encouraged others to perform outstandingly and specific contributions to raising performance in the cyber security sector. (up to 500 words)

The Judges will be looking for evidence of outstanding performance in:

  • Discussing the roles held by the individual and the significance of them to cyber security
  • Highlighting the factors that enable the individual to excel 
  • Identifying the ways in which the individual has influenced the security sector
  • Providing examples of building and maintaining effective relationships with key stakeholders
  • Demonstrating the overall value added.