Imagine a world where the best young cybersecurity minds clash in a global arena, testing their skills against the most complex digital threats. That’s precisely what happened at the 2025 International Cybersecurity Challenge (ICC), and Team Europe absolutely dominated! They clinched first place for the fourth consecutive year, a feat that’s turning heads and raising the stakes for cyber resilience worldwide.
The ICC, hosted this year in vibrant Tokyo, Japan, is more than just a competition; it’s a crucial exercise in international collaboration and talent development. Think of it like the Olympics of cybersecurity, where future defenders of our digital world get to sharpen their skills. This year, eight formidable teams representing regions like Africa, Asia, ASEAN, Canada, Latin America, Oceania, the United States, and of course, Europe, converged to battle it out. With representatives from over 80 countries, the ICC truly embodies a global effort.
ENISA (the European Union Agency for Cybersecurity) extended hearty congratulations to all the winners: Team Asia secured a commendable 2nd place, and the US Cyber Team took home 3rd. But the spotlight remains firmly on Team Europe, who have established themselves as a cybersecurity powerhouse.
ENISA’s Executive Director, Juhan Lepassaar, emphasized the long-term vision behind the ICC: “With the International Cybersecurity Challenge, we invest into the cyber resilience of our future. We have the assets: our highly talented young generation! However, our return on investment will only be guaranteed if we give them the means to test and further develop their skills at a larger scale. This is precisely the purpose of the ICC.” In essence, the ICC isn’t just about winning; it’s about nurturing the skills necessary to protect us from future cyberattacks.
The ICC is essentially a large-scale Capture the Flag (CTF) event. CTFs are cybersecurity competitions where participants solve puzzles and challenges to “capture flags” – virtual pieces of information that prove they’ve successfully overcome a security hurdle. This encourages the development of cybersecurity skills and promotes working together across national borders. Competing in diverse teams fosters understanding of different approaches to cybersecurity, leading to more effective collaboration. And this is the part most people miss: cybersecurity is a global problem, and the solution requires global cooperation.
The competition, launched and managed by ENISA since 2022, relies on collaboration between regional and international organizations. The EU delegation to Japan played a vital role in supporting Team Europe, handling logistics and preparations.
So, what exactly do these cybersecurity gladiators do during the ICC? They tackle complex cybersecurity puzzles, including classic challenges like cryptography (decoding secret messages), reverse engineering (disassembling software to understand its inner workings), forensics (investigating digital evidence), and web exploitation (finding and using vulnerabilities in websites).
But here’s where it gets controversial… The ICC doesn’t just focus on traditional cybersecurity skills. It also throws in challenges related to modern technologies like cloud computing, artificial intelligence (AI), Operational Technology (OT) environments (think industrial control systems), mobile applications, and the Internet of Things (IoT). This reflects the evolving landscape of cyber threats and the need for cybersecurity professionals to be adaptable and well-versed in emerging technologies. The ICC also features an Attack and Defense competition, where teams must both defend their own vulnerable systems and exploit vulnerabilities in other teams’ systems. It’s a high-pressure scenario that tests their abilities to think on their feet and work effectively under pressure.
To ensure Team Europe is fully prepared, ENISA provides a structured training program in collaboration with official coaches. This includes intensive training bootcamps, qualification events, and online training sessions, all designed to improve both technical skills and teamwork.
In a move to promote diversity and encourage female participation in cybersecurity, ENISA sent a dedicated all-female Team Europe, known as the “Kunoichi Cyber Games” team, to Tokyo in October 2024 to prepare for the main event. This proactive initiative aims to break down gender barriers and highlight the importance of inclusivity in the cybersecurity field.
Looking ahead, the International Cybersecurity Challenge (ICC 2026) will be held in May 2026 in Brisbane, Australia, alongside the AUSCERT Conference. This continues the global mission to empower young cybersecurity talents and foster international collaboration.
And that’s not all! In the summer of 2026, ENISA will support an international Female Capture the Flag (CTF) competition in Dublin, Ireland. This event will bring together top female cybersecurity talents from Europe and partner regions, providing them with hands-on technical challenges, mentoring opportunities, and international collaboration activities. It’s a dedicated platform to showcase and strengthen women’s participation in cybersecurity, building on ENISA’s ongoing efforts to promote diversity, inclusion, and equal access to cybersecurity careers worldwide. Mark your calendars, because the International Cybersecurity Challenge 2027 (ICC 2027) will also be held in Ireland!
So, what do you think? Is investing in cybersecurity competitions like the ICC the best way to prepare for future cyber threats? Or should resources be focused elsewhere? Do you believe that a diverse cybersecurity workforce is a stronger cybersecurity workforce? What are your thoughts? Share your opinions in the comments below!