U.K.’s first research institute to investigate the science of cyber security

a tough competitive process, in which they had to devise new research programs to address one of two key challenges:

  • How secure is my organization?
  • How do we make better security decisions?

Addressing these practical challenges requires a blended approach from researchers, drawing from both technological and behavioral disciplines. Four teams were successful:

  • University College London, working with University of Aberdeen
  • Imperial College, working with Queen Mary College and Royal Holloway, University of London
  • Royal Holloway, University of London
  • Newcastle University, working with Northumbria University.

University College London was selected to host the Research Institute, with Professor Angela Sasse taking the role of director of research.

The Research Institute will open for business on 1 October 2012 for a period of three-and-a-half years. Sasse said:

I am delighted to be leading the new research Institute. This is an opportunity to work closely with colleagues from different scientific disciplines to tackle the technical, social and psychological challenges that effective cyber security presents.

The establishment of the Research Institute is part of the U.K. government’s National Cyber Security Strategy. The strategy describes how government is working with academia and industry to make the United Kingdom more resilient to cyber attacks. The objectives of the strategy are to:

  • Tackle cyber crime and make the United Kingdom one of the most secure places in the world to do business in cyberspace
  • Make the United Kingdom more resilient to cyber attack and better able to protect our interests in cyberspace
  • Help to shape an open, vibrant, and stable cyberspace which the U.K. public can use safely and that supports open societies
  • Build the U.K.’s cross-cutting knowledge, skills, and capability to underpin all cyber security objectives.

Earlier this year, GCHQ, BIS, and RCUK announced the award of Academic Centre of Excellence (ACE) in Cyber Security Research status to eight U.K. universities.

GCHQ says that also in the pipeline are plans for a second Research Institute, increased sponsorship of Ph.D. research, and a scheme to recognize Academic Centers of Excellence in Cyber Security Education.

The organizations involved note that both the ACE and the Research Institute initiatives are harnessing the vital role that academia has to play in supporting the U.K.’s cybersecurity, but the roles are different. The ACE initiative recognizes existing areas of strength. The Research Institutes, on the other hand, are targeted investment to develop capability on strategically important topics.

The award of research grants to the universities in the Research Institute is subject to the universities agreeing to the GCHQ and RCUK terms and conditions.

In other areas, GCHQ, BIS, and RCUK are working together to advance the level of cyber education at all levels from GCSE through to post graduate research.