Team members of B1o0ps, the team consisting of Baidu-backed Blue-Lotus and 0OPS, pose for a group picture at the BlackHat conference, known as top-level conference on information security, held in Las Vegas, Nevada. The team defeated Korea-based DefKor, the defending champion, in the finals of DEFCON’s CTF contest, and ultimately ranked 2nd position. [Photo provided to chinadaily.com.cn]

Chinese hackers have been frequent speakers at the BlackHat conference over the past couple of years. In 2014, two subjects from Chinese hackers were presented at the BlackHat conference; in 2015, the number raised to nine subjects.

This year, 15 top-level hacking technologists from eight Chinese teams of hackers spoke at the conference.

Talent shortage

"Talent shortage has always been a bottleneck restricting development of cyberspace security enterprises," said Ma Jie, head of Baidu's security division.

Ma elaborated that there are two aspects included in the issue: the output deficit of graduates majoring in information security and the disparity between hackers and anti-virus companies on technologies, resources and capitals.

"Most of the cyberspace security companies do not have financial strength to employ and develop professional security personnel," Ma said.

Statistics from Baidu show that there are fewer than 10,000 university graduates per year with the major of information security in China, as opposed to at least 100,000 vacancies to be filled in the industry, and the universities pay more attention to theories than practices.

Xu Chuanchao, a cyberspace security engineer at Qihoo 360, told chinadaily.com.cn that the country's existing demand for industry talents is 500,000, while the available number is less than 50,000.

In addition, most of the newly-graduates can't meet the market requirements for practical defense skills.

In July, government regulators, including Office of the Central Leading Group for Cyberspace Affairs, National Development and Reform Commission and another four ministries and commissions, jointly issued an initiative to foster cyberspace security talents and boost the education development process.

Rising of professional security matches held around the nation, such as GeekPwn, XCTF and WCTF have upgraded talent output efficiency and help alleviate the industry's talent shortage problem to a certain point.

Aimed at enhancing the ability of Chinese university students majoring in information security to address real-world security problems, Blue-Lotus took the lead in introducing DEFCON's CTF contest into China before developing it into China's top-level XCTF contest.

Originating at DEFCON 1996, the CTF contest is the leading platform for testing the technical skills of hacker teams when it comes to solving real-world problems in network security.

According to Qihoo 360's Xu, the company has been jointly worked with the Central Committee of the Communist Youth League of China to conduct cyberspace security education for teenagers for four years.

In addition, by hosting hacker contests and training camps, the company aims to inspire people's interests in the industry and attract more people to join in the sector as practitioners.

"Qihoo 360 will join Internet Society of China to host the annual China Internet Security Conference (ISC) next Tuesday in Beijing, and we expect to attract more than 30,000 attendees during the meeting," said Xu.