NCC MITA

Celebrating Excellence in Cybersecurity

The MITA-NCC is delighted to announce the launch of the CYBER AWARDS, an initiative dedicated to recognizing and celebrating exceptional contributions to cybersecurity in Malta and within the National Cybersecurity Community.

These prestigious awards aim to honour individuals and organizations that have demonstrated excellence, innovation, and leadership in advancing cybersecurity practices. By acknowledging these achievements, we hope to inspire higher standards, promote continuous improvement, and foster a culture of collaboration within the cybersecurity community.

Award Categories

For the inaugural edition of the National Cybersecurity Awards there will be six distinct categories:

  • Cyber Leader of the Year
  • Rising Star in Cybersecurity
  • Cybersecurity CSR
  • Top Performer in Cyber Skilling Programme
  • Outstanding Public Service Cyber Project
  • Leading Public Sector Cyber Project

The Cyber Leader of the Year Award is an initiative that honours senior cybersecurity professionals who have demonstrated extraordinary leadership, innovation, and commitment to advancing cybersecurity excellence in Malta.

This award aims to:

  • Recognise leaders who align cybersecurity with business goals and promote security as a strategic enabler.
  • Promote innovative approaches that address emerging threats with proactive, effective solutions.
  • Foster collaboration and strengthen Malta’s National Cybersecurity Community.
  • Establish a standard of excellence that inspires future cybersecurity professionals.

To be considered for the Cyber Leader of the Year Award, a nominee must meet the following mandatory conditions:

  • A registered member of the National Cybersecurity Community at the time of nomination.
  • Holds a senior cybersecurity role or in an equivalent capacity within the organisation with the overall responsibility of the security function. These include the roles of:

– Chief Information Security Officer

– Director of Information Security

– Information Security Manager

– Information Security Officer

  • In the absence of a dedicated information security role within the organisation, individuals with the following positions will also be eligible:

– Chief Technology Officer

– Head of IT

– IT Manager

  • Individuals holding mid-level roles who have the delegated responsibility for cybersecurity from top management shall also be considered as eligible (provided that the eligibility criteria detailed in this procedure is also satisfied).
  • A minimum of 12 consecutive months of experience in the designated cybersecurity role within an organisation.
  • Must have significantly contributed to improving the organisation’s cybersecurity resilience through measurable achievements. These include, but are not limited to:

– Implementing cybersecurity frameworks and best practices (Ex. ISO27001, NIST CSF, CIS Controls, DORA)

– Enhancing incident response and recovery times

– Reduction of risk exposure

– Development of security awareness programmes

– Adoption of innovative security technologies (Ex. AI-driven threat detection, Zero Trust architectures, cloud security enhancement, advanced SOC capabilities)

– Successful cybersecurity audits and certifications

  • Any nominee who has a negative media check will be disqualified. Non-compliance or breach with the National Cybersecurity Community Code of Conduct will also lead to disqualification.
  • Must have attended at least 3 events organised by the MITA-NCC within the last 24 months to demonstrate active participation and engagement in cybersecurity discussion and initiatives.

Nominations for the Cyber Leader of the Year Award are a fundamental part of recognising outstanding contributions within the cybersecurity community.

 

Who Can Submit a Nomination?

  • Members and Non-Members of the National Cybersecurity Community may submit nominations. However, these Members must have or have had direct experience working with the nominee.
  • Peer and colleague nominations are encouraged, ensuring that the achievements and contributions of cybersecurity professionals are recognised by those within the industry.
  • Self-nominations are permitted, allowing individuals to put themselves forward for consideration. Individuals who are self-nominating must provide one (1) reference to substantiate their claims.

 

Nomination Restrictions

To uphold fairness, transparency, and prevent any conflicts of interest, the following nomination restrictions shall be enforced:

Prohibited from Submitting Nominations Prohibited from Being Nominated
 

· Staff Members of MITA and the MITA-NCC

· Members of the Consultation Council

· Members of the Award Committee (both Internal and External Members)

  

· Staff Members of MITA and the MITA-NCC

· Members of the Consultation Council

· Members of the Award Committee (both Internal and External Members)

The selection will be conducted through a structured qualitative-based evaluation, following a three-stage approach, emphasising leadership, innovation and contributions to the cybersecurity community.

  • Nomination and Eligibility Verification

Individuals can self-nominate or be nominated by others (including members and non-members of the National Cybersecurity Community). Nominees must meet the eligibility criteria, ensuring that only qualified candidates progress to the next stage.

  • Shortlisting of the top 5 nominees

Once nominations have been received by the MITA-NCC, a process of identifying and shortlisting the top 5 nominees will be performed by the Award Committee.

  • Final evaluation by the Award Committee

The Award Committee will conduct a thorough qualitative assessment of the shortlisted nominees based on the following criteria:

  • Leadership and vision (25%)
  • Innovation in cybersecurity (25%)
  • Risk management excellence (25%)
  • Impact on organisational security (25%)

The shortlisted nominees may be subject to sit for an interview with the Award Committee for the final evaluation for the award.

The Cyber Rising Star Award is an initiative that honours early-career cybersecurity professionals who entered the field within the past two years. This includes recent graduates with up to two years of experience, career shifters transitioning from a different professional role into a cybersecurity-specific role, and alternative pathway professionals who have gained entry through industry-recognised certifications, specialised courses or structured training programmes instead of a traditional degree.

This award aims to:

  • Recognise individuals who have shown strong commitment to developing their skills, adapting to cybersecurity challenges and actively contributing to their teams or communities.
  • Celebrate creative approaches and fresh perspectives brought by newcomers to cybersecurity – learning and applying new techniques, participating in cybersecurity projects, engaging in research or contributing ideas that enhance security awareness or best practices within their organisation.
  • Acknowledge professionals who have demonstrated enthusiasm and commitment to cybersecurity by continuously improving their knowledge, seeking mentorship, contributing to team success, and actively participate in cybersecurity initiatives, communities or awareness programmes.

To be considered for the Cyber Rising Star Award, a nominee must meet the following mandatory conditions:

  • Open to all Maltese nationals and/or Maltese residents employed by a company registered locally, irrespective of National Cybersecurity Community membership. Remote workers for foreign organisation are not eligible.
  • An individual with not more than 2 years of professional experience in cybersecurity or a professional who has transitioned into cybersecurity from other fields within the past 2 years.
  • Any nominee who has a negative media check will be disqualified.

Nominations for the Cyber Rising Star Award are a fundamental part of recognising and celebrating excellence within the Community.

Who Can Submit a Nomination?

  • Members and Non-Members of the National Cybersecurity Community may submit nominations. However, they must have or have had direct experience working with the nominee.
  • Peer and colleague nominations are encouraged, ensuring that the achievements and contributions of cybersecurity professionals are recognised by those within the industry.
  • Self-nominations are permitted, allowing individuals to put themselves forward for consideration. Individuals who are self-nominating must provide one (1) reference from a professional within the cybersecurity industry to substantiate the nominee’s qualifications and achievements. This reference should provide insight into the nominee’s contributions and potential within the field.

Nomination Restrictions

To uphold fairness, transparency, and prevent any conflicts of interest, the following nomination restrictions shall be enforced:

Prohibited from Submitting Nominations Prohibited from Being Nominated
 

· Staff Members of MITA and the NCC-MT

· Members of the Consultation Council

· Members of the Award Committee (both Internal and External Members)

  

· Staff Members of MITA and the NCC-MT

· Members of the Consultation Council

· Members of the Award Committee (both Internal and External Members)

The selection will be conducted through a structured qualitative-based evaluation, following a three-stage approach, emphasising foundational skill development, adaptability, and engagement with learning opportunities in the field of cybersecurity.

  • Nomination and Eligibility Verification

Individuals can self-nominate or be nominated by others (including members and non-members of the National Cybersecurity Community). Nominees must meet the eligibility criteria, ensuring that only qualified candidates progress to the next stage.

  • Shortlisting of the top 5 nominees

Once nominations have been received by the MITA-NCC, a process of identifying and shortlisting the top 5 nominees will be performed the Award Committee.

  • Final Evaluation by the Award Committee

The Award Committee will conduct a thorough qualitative assessment of the shortlisted nominees based the following criteria:

  • Impact on Cybersecurity Advancement (40%)
  • Innovation and Novel Approaches (35%)
  • Dedication to Cybersecurity Excellence (25%)

The shortlisted nominees may be subject to sit for an interview with the Award Committee for the final evaluation for the award.

The Cybersecurity CSR Award is an initiative that honours an organisation in Malta that has shown outstanding dedication to raising cybersecurity awareness through meaningful Corporate Social Responsibility (CSR) initiatives. This award celebrates efforts that have made a meaningful contribution to Malta’s national cybersecurity ecosystem by proactively educating the public – particularly local communities and vulnerable groups such as children, youth, the elderly, and members of non-profit organisations. Recognised initiatives should focus on promoting cybersecurity knowledge, sharing industry best practices, and delivering relevant, accessible information to improve public understanding and safety.

To be considered for the Cybersecurity CSR Award, a nominee must meet the following mandatory conditions:

  • Must be an organisation registered as a member of the National Cybersecurity Community.
  • Must have carried out at least one significant cybersecurity-related CSR initiative within the past 12 months. Such an initiative must be non-commercially driven, providing real value to the community by raising cybersecurity awareness, offering education or improving public cybersecurity practices. While the initiative must be implemented in Malta, it may also have regional or global reach.
  • Any nominee that has a negative media check will be disqualified. Non-compliance or breach with the National Cybersecurity Community Code of Conduct will also lead to disqualification.

Nominations for the Cybersecurity CSR Award play a vital role in recognizing outstanding contributions by entities in Malta that have made a meaningful impact in promoting cybersecurity awareness and education through CSR initiatives.

Who Can Submit a Nomination?

  • Members and Non-Members of the National Cybersecurity Community may submit nominations. However, nominators must have direct experience with the nominee. This means they should have personally worked with, collaborated with, or directly benefited from the nominee’s cybersecurity-focused CSR efforts, such as initiatives that enhance cybersecurity awareness, education, or resilience within the community.
  • Industry peer nominations are encouraged. If you have worked with or observed an entity making a meaningful impact in cybersecurity CSR, such as raising awareness, educating the public, or strengthening cybersecurity practices, you can nominate them to ensure their efforts are formally recognized.
  • Self-nominations are permitted, allowing entities to put themselves forward for consideration. However, self-nominating entities must provide one (1) reference who has directly experienced or benefited from their efforts and can confirm their contributions to cybersecurity awareness, education, or resilience. The reference should describe how they benefited from the entity’s CSR initiative and contributions to cybersecurity awareness.

Nomination Restrictions

To uphold fairness, transparency, and prevent any conflicts of interest, the following nomination restrictions shall be enforced:

Prohibited from Submitting Nominations Prohibited from Being Nominated
 

· Staff Members of MITA and the MITA-NCC

· Members of the Consultation Council

· Members of the Award Committee (both Internal and External Members)

  

· MITA and the MITA-NCC

The selection will be conducted through a structured qualitative-based evaluation, following a three-stage approach.

  • Nomination and Eligibility Verification

Organisations can self-nominate or be nominated by others (including members and non-members of the National Cybersecurity Community). Nominees must meet the eligibility criteria, ensuring that only qualified candidates progress to the next stage.

  • Shortlisting of the top 5 nominees

Once nominations have been received by the MITA-NCC, a process of identifying and shortlisting the top 5 nominees will be performed by the Award Committee.

  • Final Evaluation by the Award Committee

The Award Committee will conduct a thorough qualitative assessment of the shortlisted nominees based on the following criteria:

  • Contribution to National Cybersecurity Awareness (40%)
  • Genuine CSR intent (25%)
  • Long-term educational value (20%)
  • Innovation and engagement (15%)

The shortlisted nominees may be subject to sit for an interview with the Award Committee for the final evaluation for the award.

The Top Performer in Cyber Skilling Programme Award is an initiative that honours the top performer of the Security Operations Centre (SOC) Analyst Training under the MITA-NCC’s Cybersecurity Skilling Programme. This individual must have demonstrated exceptional dedication to learning, excellence in both practical and theoretical sessions and significant progress and proficiency in cybersecurity.

Note: The award is exclusive to participants of the SOC Analyst Training Course under the MITA-NCC’s Cybersecurity Skilling Programme.

The SOC Analyst Training programme consists of seven rounds, with each round allowing up to five participants to become eligible for the award.

To be considered for this Award, participants must successfully pass the Advanced Course.

If fewer than five participants meet these criteria in a given round, only those who qualify will be eligible. There is no requirement to have five eligible participants per round or to have an eligible participant in every round.

At the end of all seven rounds, a maximum of thirty-five participants may be eligible for the award.

The selection process will follow a quantitative-based approach.

The Award Committee will determine the top performer based entirely on quantitative data, specifically the scores achieved by participants throughout the SOC Analyst Training Course. This ensures that awards based on performance are decided objectively, maintaining fairness and transparency in the selection process.

The process to be followed as part of the overall governance framework for this award follows a two-stage approach, emphasizing dedication to learning, excellence in both practical and theoretical sessions, and significant progress and proficiency in cybersecurity. These are as follows:

  • Eligibility Verification

Participants must first meet a set of predefined eligibility criteria, ensuring that only qualified candidates progress to the next stage. This list of criteria is described in the Eligibility Criteria.

  • Final Evaluation by the Award Committee

The Award Committee will conduct a thorough quantitative assessment of the eligible participants based on different criteria which are as follows:

  • Participant’s Foundational Course Total (30%)
  • Participant’s Advanced Course Total (70%)

This quantitative evaluation framework ensures a holistic and balanced assessment, recognising exceptional talent with a dedication for upskilling in Malta.

 

The Outstanding Public Service Cyber Project Award recognises a cyber project implemented by a Public Service Entity in Malta, which went beyond the Public Service Entity’s regular day-to-day responsibilities by contributing to the improvement of Malta’s overall cybersecurity posture and national cybersecurity landscape.

This award aims to:

  • Highlight cyber projects that go above and beyond the baseline requirements outlined in the Information Security Policy, as part of the GMICT Policies.
  • Recognises Public Service Entities that demonstrate exceptional initiative, innovation, or strategic thinking in addressing cybersecurity challenges.
  • Encourage proactive engagement with cybersecurity practices, even among entities whose core functions are not primarily technology-driven.
  • Foster a culture of cybersecurity awareness and accountability across the Public Service, promoting efforts that enhance digital resilience and public trust.
  • Contribute to the betterment of Malta’s national cybersecurity landscape by driving continued improvements and setting positive examples for the broader public service.

To be considered for the Outstanding Public Service Cyber Project Award, all nominated cyber projects must meet the following mandatory conditions:

  • The nominated project must be implemented by an officially recognised Public Service Entity in Malta. A comprehensive list of these Ministries, which are recognised part of the Public Service, can be accessed through the following official government link:

https://www.gov.mt/en/Government/Government%20of%20Malta/Ministries%20and%20Entities/Pages/default.aspx

  • The nominated cybersecurity project must have been implemented within the last 12 months. It should clearly demonstrate how it went beyond the stipulated requirements of one or more domains outlined in the Information Security Policy within the Government of Malta’s ICT Policies, collectively known as the GMICT policy framework. Additionally, the project must have a positive impact on cybersecurity, contributing to the entity’s broader efforts to strengthen overall cybersecurity.

Nominations for the Outstanding Public Service Cyber Project Award are essential for recognizing projects within the Public Service that contribute to enhancing Malta’s national cybersecurity landscape through innovative approaches. To uphold fairness, transparency, and credibility in the selection process, specific eligibility criteria must be met by all nominees.

 

Who Can Submit a Nomination?

For this award, only self-nominations will be accepted. Self-nominations must be submitted by employees from the office of the CIO of the Public Service Entity. Additionally, the self-nomination should provide detailed information about the project, including which domains of the Information Security Policy within the GMICT Policies the project has exceeded. It is recommended that the person directly involved in the project, from the CIO, submits the nomination.

 

Nomination Restrictions

To uphold fairness, transparency, and prevent any conflicts of interest, the following nomination restrictions shall be enforced:

Prohibited from Submitting Nominations Prohibited from Being Nominated
 

· Staff Members of MITA and the MITA-NCC

· Members of the Consultation Council

· Members of the Award Committee (both Internal and External Members)

  

· MITA and the MITA-NCC

The selection will be conducted through a structured qualitative-based evaluation, following a phased approach.

  • Self-nomination of Cyber Projects

Public Service Entities are invited to nominate their own cyber projects for the award. Nominations may only be submitted by employees from the office of the Chief Information Officer (CIO) of the entity. This provides entities the opportunity to highlight their projects and demonstrate how they have gone above and beyond in upholding information security, taking extra steps to further contribute to cybersecurity.

 

  • Eligibility verification of nominations

Nominated projects must meet the set of predefined eligibility criteria to ensure that only eligible projects move forward to the next stage. The eligibility criteria are outlined in the previous section.

  • Shortlisting of the Top 5 nominated cyber projects

Once nominations have been received by the MITA-NCC, a process of identifying and shortlisting the top 5 nominated cyber projects will be performed by the Award Committee.

 

  • Final evaluation by the Award Committee

The Award Committee will conduct a thorough qualitative assessment of the shortlisted projects based on different criteria which are as follows:

  • Positive Impact on National Cybersecurity (30%)
  • Elevating Cybersecurity Standards within the Public Service (25%)
  • Measurable Outcomes and Results (25%)
  • Driving Cybersecurity Innovation and Strategic Transformation (20%)

The shortlisted nominees may be subject to sit for an interview with the Award Committee for the final evaluation for the award.

The Leading Public Sector Cyber Project Award recognises a cyber project implemented by a Public Sector Entity in Malta, which went beyond the Public Sector Entity’s regular day-to-day responsibilities by contributing to the improvement of Malta’s overall cybersecurity posture and national cybersecurity landscape.

This award aims to:

  • Highlight cyber projects that go above and beyond the baseline requirements outlined in the Information Security Policy, as part of the GMICT Policies.
  • Recognise Public Sector Entities that demonstrate exceptional initiative, innovation, or strategic thinking in addressing cybersecurity challenges.
  • Encourage proactive engagement with cybersecurity practices, even among entities whose core functions are not primarily technology-driven.
  • Foster a culture of cybersecurity awareness and accountability across the Public Sector, promoting efforts that enhance digital resilience and public trust.
  • Contribute to the betterment of Malta’s national cybersecurity landscape by driving continued improvements and setting positive examples for the broader public sector.

To be considered for the Leading Public Sector Cyber Project Award, all nominated cyber projects must meet the following mandatory conditions:

  • The nominated project must be implemented by an officially recognized Public Sector Entity in Malta. A comprehensive list of these government entities, which are considered part of the Public Sector, can be accessed through the following official government link:

https://www.gov.mt/en/Government/Government%20of%20Malta/Ministries%20and%20Entities/Pages/default.aspx

  • The nominated cybersecurity project must have been implemented within the last 12 months. It should clearly demonstrate how it went beyond the stipulated requirements of one or more domains outlined in the Information Security Policy within the Government of Malta’s ICT policies, collectively known as the GMICT policy framework. Additionally, the project must have made a positive impact on cybersecurity, contributing to the entity’s broader efforts to strengthen overall cybersecurity.

Nominations for the Outstanding Public Service Cyber Project Award are essential for recognizing projects within the Public Service that contribute to enhancing Malta’s national cybersecurity landscape through innovative approaches. To uphold fairness, transparency, and credibility in the selection process, specific eligibility criteria must be met by all nominees.

 

Who Can Submit a Nomination?

For this award, only self-nominations will be accepted. Self-nominations must be submitted by employees from the office of the CEO / Executive Chairperson of the Public Sector Entity. Additionally, the self-nomination should provide detailed information about the project, including which domains of the Information Security Policy within the GMICT Policies the project has exceeded. It is recommended that the person directly involved in the project, from the office of the CEO / Executive Chairperson, submits the nomination.

Nomination Restrictions

To uphold fairness, transparency, and prevent any conflicts of interest, the following nomination restrictions shall be enforced:

 

Prohibited from Submitting Nominations Prohibited from Being Nominated
 

· Staff Members of MITA and the MITA-NCC

· Members of the Consultation Council

· Members of the Award Committee (both Internal and External Members)

  

· MITA and the MITA-NCC

The selection will be conducted through a structured qualitative-based evaluation, following a phased approach.

  • Self-Nomination of Cyber Projects

Public Sector Entities are invited to nominate their own cyber projects for the award. Nominations may only be submitted by employees from the office of the Chief Executive Officer (CEO) / Executive Chairperson of the entity. This provides entities the opportunity to highlight their projects and demonstrate how they have gone above and beyond in upholding information security, taking extra steps to further contribute to cybersecurity.

 

  • Eligibility verification of nominations

Nominated projects must meet the set of predefined eligibility criteria to ensure that only eligible projects move forward to the next stage. The eligibility criteria are outlined in the previous section.

  • Shortlisting of the Top 5 nominated cyber projects

Once nominations have been received by the MITA-NCC, a process of identifying and shortlisting the top 5 nominated cyber projects will be performed by the Award Committee.

 

  • Final evaluation by the Award Committee

The Award Committee will conduct a thorough qualitative assessment of the shortlisted projects based on different criteria which are as follows:

– Positive Impact on National Cybersecurity (30%)

– Elevating Cybersecurity Standards within the Public Sector (25%)

– Measurable Outcomes and Results (25%)

– Driving Cybersecurity Innovation and Strategic Transformation (20%)

The shortlisted nominees may be subject to sit for an interview with the Award Committee for the final evaluation for the award.