Security: UK recognises 3 universities as cybersecurity centres of excellence
National Cyber Security Centre

Security: UK recognises 3 universities as cybersecurity centres of excellence

The UK government has recognised three universities as Academic Centres of Excellence in Cyber Security Research (ACE-CSR), bringing the total number of these centres to 17.

The National Cyber Security Centre (NCSC) and the Engineering and Physical Sciences Research Council (ESPRC) have identified the University of Kent, King’s College London, and Cardiff University as carrying out “first-rate research with scale and impact”.

The universities now join 14 others – Birmingham, Bristol, Cambridge, Edinburgh, Imperial College London, Lancaster, Newcastle, Oxford, Queen’s University Belfast, Royal Holloway London, Southampton, Surrey, and Warwick – in a scheme that forms part of the government’s National Cyber Security Strategy, which is designed to make the UK “the safest place to be online” and support the digital economy.

The universities now have the opportunity to bid for new funding to develop cybersecurity research, including at Doctoral level, as well as attend annual conferences and workshops as ACE-CSR recognised institutions.

“The scheme aims to create a better understanding of the strength of the UK’s academic capability in cybersecurity and identify areas where there are research opportunities or technical gaps,” said the government in an announcement.

“It makes collaboration between academia, business, and government easier, and helps make sure cutting-edge research is turned into practical products and services. This includes developing tools to tackle mass marketing fraud online and better understand cyber criminals.”

Minister for Digital Margot James said: “These universities are doing fantastic research in cybersecurity and they are rightly being recognised for their pioneering work.

“We have some of the best minds in the world working in the field and thanks to this scheme they can now help shape our National Cyber Security Strategy and develop the talent and services of tomorrow.”

Chris Ensor, deputy director for cybersecurity skills and growth at the NCSC, said: “It’s fantastic to see three more universities recognised as Academic Centres of Excellence and I’m especially pleased that we now have centres in all home nations.”

Areas of expertise

Cardiff is the first university in Wales to be recognised under the scheme.

Professor Pete Burnap, professor of Data Science & Cybersecurity at Cardiff University, and director of the Airbus Centre of Excellence in Cybersecurity Analytics, said: “We are delighted to receive this recognition, as it evidences our long track-record of research excellence in cybersecurity.

“Our core identity is the interdisciplinary fusion of artificial intelligence and cybersecurity, a concept we call cybersecurity analytics.

“AI is at the heart of the UK government’s industrial strategy and our aim is to innovate with AI to improve automated cyber threat intelligence and support decision-making and policy responses to make the UK more secure for individuals, business, and the government.”

Dr Jose M Such, senior lecturer in the Department of Informatics at King’s College London, said: “We are thrilled to be recognised for the high-quality socio-technical cybersecurity research we conduct at King’s College London. This recognition acknowledges the critical and diverse mass of researchers working on this area at King’s, from different but complementary angles and points of view.

“Our research focuses on three main themes and their interrelationship: the use of AI for cybersecurity, together with the cybersecurity of AI itself, the theoretical aspects of cybersecurity, like verification and testing, and the socio-political and strategic aspects of cybersecurity.”

Shujun Li, professor of Cybersecurity and director of the Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) at the University of Kent, said: “We are excited to be given the ACE-CSR status as an acknowledgement of the excellent research in cybersecurity at the University of Kent.

“Our research is truly interdisciplinary, drawing on the expertise of colleagues from computer science and engineering, as well as wider disciplines, such as psychology, law, business, and sociology.

“Our ambition is to have one of the largest and most productive cybersecurity research centres in the UK by 2022, as well as helping to grow the next-generation cybersecurity researchers.”

Government strategy

The ACE-CSR programme is supported by Government’s £1.9 billion National Cyber Security Strategy (NCSS) 2016-2021.

The NCSS includes a commitment to develop the cybersecurity profession in the UK. As part of this work, the government is consulting on how to develop the right skills, capabilities, and professionalism for the industry. Among other things, it includes a clear definition of objectives and proposes the creation of a new UK Cyber Security Council to coordinate delivery.

The government’s consultation on developing the UK cybersecurity profession closes at 5pm on 31 August 2018. Click the link for more information and to participate.

Internet of Business says: the US angle

In related news this week, US telecoms giant AT&T has completed its acquisition of security firm AlienVault. AT&T is now creating a standalone, customer-facing cybersecurity unit, to be led by AlienVault CEO Barmak Meftah.

Cybersecurity is of growing importance in the political arena – as most of the world is aware, in the wake of the Facebook/Cambridge Analytica affair and Russian campaigns within the 2016 US presidential election, the UK’s Brexit referendum, and elsewhere.

This week it was reported that the US Democratic National Committee’s voter database was the target of another cyber attack, according to party officials who notified the FBI.

Security firm LookOut flagged a fake login page for the VoteBuilder database that was created in a phishing attack. The attacker’s account was suspended, and no intruder accessed the database, according to the DNC.

The DNC’s network was previously breached in 2015 and 2016, leading to the release of emails about the primary process. Special Counsel Robert Mueller later charged 12 members of Russian military intelligence with those attacks.

Microsoft has also entered the fray this week. The company is expanding its Defending Democracy Program with a new security and threat detection offering called AccountGuard, which is free of charge to candidates, campaigns, and political institutions that are using Office 365.

The news comes as the company has itself identified new Russian hacking attempts targeting US political groups ahead of the midterm elections.