Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

university

NCSC publishes university threat assessment

960 640 Stuart O'Brien

The threats facing the UK’ universities and the steps they can take to protect themselves have been outlined in a report from the National Cyber Security Centre (NCSC), a part of GCHQ.

The NCSC’s threat assessment aims to raise awareness of state-sponsored espionage targeting high-value research, as well as the risk of financial losses at the hands of cyber criminals.

While the NCSC has been working with the academic sector on an ongoing basis to improve security practices, this is the first threat assessment it has produced specifically for universities.

The assessment notes that while cyber criminals using methods such as phishing attacks and malware pose the most immediate, disruptive threat, the longer-term threat comes from nation states intent on stealing research for strategic gain.

To mitigate the risks, universities are encouraged to adopt security-conscious policies and access controls, as well as to ensure potentially sensitive or high-value research is separated rather than stored in one area.

Measures to support universities have been outlined in Trusted Research, from the Centre for the Protection of National Infrastructure (CPNI) and the NCSC, which offers accessible and actionable cyber security advice for university leaders, staff and researchers.

Sarah Lyons, Deputy Director for Economy and Society at the National Cyber Security Centre, said: “The UK’s universities are rightly celebrated for their thriving role in international research and innovation collaborations.

“The NCSC’s assessment helps universities better understand the cyber threats they may face as part of the global and open nature of research and what they can do about it using a Trusted Research approach.

“NCSC is working closely with the academic sector to ensure that, wherever the threat comes from, they are able to protect their research and their universities in cyberspace.”

The assessment found that the open and outward-looking nature of the universities sector, while allowing collaboration across international borders, also eases the task of a cyber attacker.

Among the examples highlighted in the assessment was an attack from last year attributed to Iranian actors in which they were able to steal the credentials of their victims after directing them to fake university websites.

The attack took place across 14 countries, including the UK, and many of the fake pages were linked to university library systems, indicating the actors’ appetite for this type of material.

The assessment also highlights the financial damage which can be caused by cyber attacks on UK universities, citing previous figures from UK Finance which estimated that UK university losses from cyber crime for the first half of 2018 were £145m. 

The threat assessment for universities can be read here.

Universities invited to apply for NCSC certification

960 640 Stuart O'Brien

Universities across the UK now have a further opportunity for their cyber-security related degrees to gain certification as part of the National Cyber Security Strategy.

After a rigorous process, the National Cyber Security Centre (NCSC) – a part of GCHQ – has already certified 23 Master’s degrees, three Integrated Master’s and three Bachelor’s degrees from 19 universities over the last four years.

With applications now open the NCSC is looking for fresh candidates to increase these figures, with degree apprenticeships now also eligible.

NCSC-certified degrees are designed to help universities attract high quality students from around the world, employers to recruit skilled staff and prospective students to make better informed choices when looking for a highly valued qualification.

The degree certification programme is part of a range of programmes which the NCSC and its government partners have initiated across UK academia designed to address the knowledge, skills and capability requirements for cyber security research and education.

The other programmes include Academic Centres of Excellence in Cyber Security Research (ACEs-CSR), Academic Research Institutes, and Centres for Doctoral Training in Cyber Security.

Chris Ensor, NCSC Deputy Director for Cyber Skills and Growth, said: “I’m really pleased that we’ve now launched a programme for certifying degree apprenticeships.  This will be a valuable addition to our certified undergraduate and postgraduate degree programmes.

“Degree Apprenticeships offer a flexible option for both students and employers, as we have seen from our own Degree Apprenticeship programme.

“I’m really looking forward to seeing some more successful applications, and strongly encourage any interested universities to get in touch and find out more.”

Universities Minister Chris Skidmore said: “The fast-paced world of technology is constantly evolving and it is vital that young people have the option to study high quality courses in cutting edge industries, such as cyber security.

“We want to maximise choice and flexibility for people wanting to study in higher education, whether that’s as part of a traditional course or a degree apprenticeship.

“Not only will these certified degrees provide a benchmark for future cyber security professionals, but also help to ensure they are ready for the world of work and prepare them for an exciting career.”

Institutions who are interested in applying for certification can find out further detail via https://www.ncsc.gov.uk/information/ncsc-degree-certification-call-new-applicants-0

UK universities recognised for excellence in cyber security research

960 640 Stuart O'Brien

Three UK universities have been recognised as Academic Centres of Excellence in Cyber Security Research (ACE-CSR).

The National Cyber Security Centre (NCSC) and the Engineering and Physical Sciences Research Council (ESPRC) have identified the University of Kent, King’s College London, and Cardiff University as having first-rate research with scale and impact.

The universities will now join 14 other institutions in a scheme forming part of the Government’s National Cyber Security Strategy, which is making the UK the safest place to be online and helping to support the country’s thriving digital economy.

The universities will now have the opportunity to bid for funding to develop cutting-edge research in cyber security, including at Doctoral level, as well as attend annual conferences and workshops.

The scheme aims to create a better understanding of the strength of the UK’s academic capability in cyber security and identify areas where there are research opportunities or technical gaps. It makes collaboration between academia, business and government easier, and helps make sure cutting-edge research is turned into practical products and services. This includes developing tools to tackle mass marketing fraud online and better understand cyber criminals.

Minister for Digital Margot James said: “These universities are doing fantastic research in cyber security and they are rightly being recognised for their pioneering work. We have some of the best minds in the world working in the field and thanks to this scheme they can now help shape our National Cyber Security Strategy and develop the talent and services of tomorrow.”

Chris Ensor, Deputy Director for Cyber Security Skills and Growth at the NCSC, said: “The UK has world-class universities carrying out cutting edge research into all areas of cyber security. It’s fantastic to see three more universities recognised as Academic Centres of Excellence and I’m especially pleased that we now have centres in all home nations. The NCSC looks forward to collaborating with these institutions to make the UK the safest place to live and work online.”

Professor Pete Burnap, Professor of Data Science & Cybersecurity, and Director of the Airbus Centre of Excellence in Cybersecurity Analytics at Cardiff University said: “We are delighted to receive this recognition as it evidences our long track-record of research excellence in cyber security. Our core identity is the interdisciplinary fusion of artificial intelligence and cybersecurity, a concept we call Cyber Security Analytics. AI is at the heart of the UK government’s industrial strategy and our aim is to innovate with AI to improve automated cyber threat intelligence and support decision making and policy responses to make the UK more secure for individuals, business and the government. We are proud to be the first Welsh university to be recognised by NCSC for our cyber research capability, and we hope to build on the impressive expertise that already exists across the region between academia, government and business.”

Dr Jose M. Such, Director of the Centre, and Senior Lecturer in the Department of Informatics at King’s College London said: “We are thrilled to be recognised for the high-quality socio-technical cyber security research we conduct at King’s College London. This recognition acknowledges the critical and diverse mass of researchers working on this area at King’s from different but complementary angles and points of view. Our research focuses on three main research themes and their interrelationship: the use of AI for cyber security together with the cyber security of AI itself, the theoretical aspects of cyber security like verification and testing, and the socio-political and strategic aspects of cyber security.”

Shujun Li, Professor of Cyber Security and Director of the Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) at the University of Kent, said: “We are excited to be given the ACE-CSR status as an acknowledgement of the excellent research in cyber security at the University of Kent. Our research is truly interdisciplinary drawing on the expertise of colleagues from computer science and engineering as well as wider disciplines such as psychology, law, business and sociology. Our ambition is to have one of the largest and most productive cyber security research centres in the UK by 2022 as well as helping to grow the next-generation cyber security researchers.”

The ACE-CSR programme is supported by Government’s £1.9 billion National Cyber Security Strategy (NCSS) 2016-2021.

List of institutions that are recognised as Academic Centres of Excellence in Cyber Security Research are:

  • University of Birmingham
  • University of Bristol
  • University of Cambridge
  • Cardiff University
  • University of Edinburgh
  • University of Kent
  • Imperial College London
  • King’s College London
  • Lancaster University
  • Newcastle University
  • University of Oxford
  • Queen’s University Belfast
  • Royal Holloway, University of London
  • University of Southampton
  • University of Surrey
  • University of Warwick
    University College London