NEC Security Skill Challenge 2024: A Decade of Cultivating Cybersecurity Talent

In today's digital landscape, where cyber threats constantly evolve and multiply, organizations must continuously strengthen their security posture. NEC Corporation has been addressing this challenge head-on through an innovative approach to security skill development that combines gamification, practical application, and company-wide participation.

A Milestone Achievement in Security Training

February 26, 2025 marked a significant milestone for NEC as the company celebrated the awards ceremony for its 10th annual "NEC Security Skill Challenge 2024." This internal Capture The Flag (CTF) competition has become a cornerstone of NEC's security talent development strategy, attracting an impressive 1,060 participants in its latest iteration. Over the past decade, approximately 9,200 NEC Group employees have voluntarily participated in this skill-building initiative.

The 2024 competition ran from November 1 to November 29, engaging employees across the organization regardless of their primary job functions. What makes this initiative particularly effective is its inclusivity - of the participants, 747 were employees not directly involved in security operations, while 313 were security professionals or experienced CTF competitors.

Expanding Beyond Traditional Technical Challenges

What set the 2024 competition apart was its expanded scope. While previous years focused primarily on technical security challenges like cryptographic communication analysis and penetration testing, this year introduced a new category: "Security Awareness."

This new segment incorporated practical, day-to-day security scenarios that all employees might encounter, including:

• Procedures for reporting suspicious emails
• Initial response protocols during security incidents
• Proper access right configuration for cloud storage services
• Analyzing email headers to investigate senders
• Methods for obtaining vulnerability information
• Safety considerations when using RPA (Robotic Process Automation) tools
• Utilization of security dashboards that visualize threat information observed within the NEC Group
• Crossword puzzles related to internal regulations and implementation standards

The addition of these real-world scenarios reflects NEC's understanding that cybersecurity effectiveness depends not just on technical specialists but on building a security-conscious culture throughout the organization.

Expertise-Driven Problem Design

The competition's challenges are designed by the engineers who are on the front lines of NEC's security operations – professionals responsible for security implementation in products, systems, and services provided to customers, as well as those handling incident response. The newly added security awareness problems were created with input from engineers in the CISO General Office, which drives cybersecurity measures across the NEC Group.

This approach ensures that the scenarios and challenges reflect genuine security concerns and best practices that are directly applicable to NEC's business operations and customer needs.

Employee Feedback Highlights Practical Value

Participants expressed appreciation for the competition's practical focus:

"The problems weren't just for technical specialists; they covered familiar content that was easy to engage with."

"Some problems featured tools we actually use in our daily work, like email, which made me think about being more careful in my regular duties."

"It was a good opportunity to review internal regulations, guidelines, and tools."

"Participating regularly allows me to refresh my knowledge through hands-on experience, which is very beneficial."

These testimonials underscore how the competition manages to bridge the gap between theoretical security knowledge and practical application in daily operations.

Recognition of Excellence

The competition recognized outstanding performers across multiple categories:

• General Division: Osamu Yamashita from NEC OMCS & Communications Carrier Solutions Business Division achieved the top score among participants primarily working outside security operations.

• Expert Division: Takanari Shigeta from NEC Platform & Technology Services Business Division's Digital Network Division scored a perfect mark, correctly solving all problems.

• First-time Participant Division: Tomohiro Okada from NEC Security's Security Assessment Unit was recognized as the top newcomer.

These individuals represent the diverse talent pool that NEC is cultivating through this initiative.

Beyond Internal Benefits: Customer Impact

While the immediate benefits of the Security Skill Challenge accrue to NEC's internal security capabilities, the ultimate beneficiaries are the company's customers. By enhancing the security awareness and technical proficiency of its workforce, NEC strengthens its ability to design, implement, and maintain secure products and services.

The competition complements NEC's broader security talent development initiatives, including the "NEC Security Skills Challenge for Students" and the "NEC Cybersecurity Competition Arena Exercise." Together, these programs create a comprehensive approach to security education that spans from beginners to advanced practitioners.

A10 Networks Partnership Recognition

In parallel with its internal security initiatives, NEC recently received the "Best Performing Partner Award" at the "A10 Japan Partner Awards 2024" hosted by A10 Networks. This recognition highlights NEC's outstanding sales performance with A10 Networks products during 2024 and underscores the company's commitment to providing optimal network solutions to customers.

The award reflects NEC's deep understanding of A10 Networks products, its ability to provide solutions aligned with market needs, and its successful track record of implementation across numerous customer environments. This external validation complements NEC's internal security excellence initiatives, demonstrating the company's holistic approach to technological leadership.

Looking Forward: Continuous Improvement in Security Preparedness

As cyber threats continue to evolve in sophistication and scale, NEC's commitment to security talent development remains unwavering. The Security Skill Challenge exemplifies the company's proactive approach to cybersecurity – recognizing that technical solutions must be complemented by human expertise and organizational awareness.

By combining traditional technical security challenges with newly added security awareness scenarios, NEC has created a comprehensive learning environment that prepares its workforce for the full spectrum of security considerations they might encounter in their roles.

The decade-long success of this initiative demonstrates that gamification can be a powerful tool for security education, making complex and sometimes intimidating security concepts accessible and engaging for employees across all levels of technical proficiency.

Key Takeaways

For organizations looking to enhance their security posture, NEC's approach offers valuable lessons:

1. Inclusivity matters: Engaging employees beyond the security department creates a more robust security culture.

2. Practical application enhances retention: Challenges based on real-world scenarios provide immediately applicable knowledge.

3. Gamification drives participation: The competitive CTF format makes learning more engaging and enjoyable.

4. Recognition reinforces commitment: Celebrating excellence encourages continued participation and skills development.

5. Continuous evolution keeps content relevant: Adding new categories like Security Awareness ensures the program addresses emerging needs.

As cyber threats continue to evolve, so too must the approaches organizations take to prepare their workforce. NEC's Security Skill Challenge demonstrates how combining technical depth with broad participation can create a more secure organization – benefiting not just the company, but its customers and the broader digital ecosystem.