This action might not be possible to undo. Are you sure you want to continue?
Research Councils UK (RCUK) has identified research into cybersecurity as a priority for its Global Uncertainties programme. The programme will work with academic researchers, businesses and government users to enable effective networking, build capacity and develop world-class research projects which address important challenges in cybersecurity. Our ultimate aim is to contribute to making the UK’s networked and online activities secure from misuse and as a result safer, more productive and more enjoyable. This green paper is intended to raise awareness, among academic researchers and users, of RCUK’s emphasis on cybersecurity issues. It is the starting point for further developing an appropriately connected community of cybersecurity researchers and research users. We are inviting comments from all those interested in cybersecurity research in the UK. We are also taking this opportunity to highlight some RCUK activities which will promote cybersecurity research.
At a time when we are more exposed than ever to threats at personal, family, community, organisational and national levels, and as more and more aspects of our lives are played out on computer networks, the problems caused by inadequate cybersecurity are becoming increasingly apparent. Malicious individuals and groups have long since realised just how lucrative the virtual world can be, how it can make criminal or antisocial activity easier, the opportunities it presents to disrupt normal life, and also the fact that these opportunities can only increase in scale. The increasing complexity of computer software and its associated electronic systems and processes increases the incidence of vulnerabilities. Our ever greater reliance on these systems and processes means that successful cyber attacks are likely to have significant consequences. The combination of enhanced threat, increased vulnerability and more serious consequences increases the cyber risk we experience. Better cybersecurity can help to reduce that risk to an acceptable level. More effective cybersecurity measures will come from a clearer understanding of our current and future vulnerabilities, the threats and consequences that result from them and the failings of current approaches. Further research into cybersecurity – its fundamentals and in particular its human and behavioural aspects – is essential.
purely for the purposes of this paper. business and government.What is cybersecurity research? The term ‘cybersecurity’ has come into common usage even though there is no clear agreement on what it does and does not mean. research will not have real impact unless it addresses real problems. To help frame the discussion. some of the trickiest issues (such as ‘the insider threat’) cannot be addressed by technologists alone. It includes defensive 3 as well as more active 4 measures. However good it is in more theoretical terms. 1 Especially networked computer systems. characterised by game-changing concepts and approaches rather than incremental improvements. We want to encourage contributions from researchers new to cybersecurity as well as those from core areas. takes account of international context and developments. Multi. These are not exhaustive or prescriptive and they do not represent a fixed preference or strategy. It should enable positive outcomes for us all. and to develop approaches to tackling problems which work across discipline boundaries wherever necessary. We want to ensure a high-quality dialogue and sharing of views and information between academia and users. dependability research 3 4 2 By which we mean protective measures or approaches which fix problems By which we mean measures which help identify and minimise the threats posed by attackers . communities. helping us to work. Consultation and development of a scope for a research approach to cybersecurity is an important aim for the Global Uncertainties programme. contributing to making the UK a safer place to live and work. play and manage our lives safely and effectively in a world which is moving its activities online at a breathtaking rate. While it is clear that many of the problems we face are at heart technological.and interdisciplinary research will have a crucial role to play in the process of developing novel approaches and solutions. creating new opportunities for the UK’s citizens. and noting particularly that human users are part of the system and that the system is ultimately intended to meet human needs Although the exclusion of problems resulting from accidental errors is not a hard-and-fast rule as there is much to learn from. What does RCUK want to achieve? Good cybersecurity requires long-term. and connects with system vendors and endusers. is that cybersecurity research is any research that seeks ultimately to make electronic systems 1 and the activities they support less likely to suffer harm or disruption as result of deliberate 2 attack. valuing equally the contributions of all participants. lacking in detail and the necessary nuance. is based on a good understanding of the key issues. some key references and a few possible future research directions are gathered in an appendix to this paper. This description is only an initial place-marker. for instance. underpinning research of the highest quality. and helping to make it an attractive place to invest. Businesses and government users have already highlighted to RCUK the importance of fundamental research in solving their problems and their desire to help inform that research. RCUK’s working understanding. We want the cybersecurity researchers we support to be the best at what they do: leading research internationally.
by an up-to-date and accurate awareness of the nature of cybersecurity threats. business and government stakeholders. Academic researchers. There is a great deal of current activity (funded by RCUK and other organisations) and much published work on which we will build. . What will RCUK do next? We believe that the cybersecurity research we fund will benefit from raised visibility and a strengthened feeling of common purpose among researchers and research-users. We will have succeeded in this if: • • • • The UK is seen to be an active and important source of new ideas and solutions to cybersecurity problems. Communicate research results. Just as we are challenging academics and research users to change the way they currently do things we in RCUK are challenging ourselves to make a real difference. where necessary and as funds allow. We have two activities already planned that can be publicised at this stage. and more are being added all the time. Commission. businesses and government users are working together to identify and address key research priorities. one which is already making a valuable contribution to efforts to improve cyber systems. They have a total value of nearly £70M. It ranges from fundamental research into cryptography to work addressing the economics and value of privacy. business and other users of research with each other as a means of further strengthening the UK cybersecurity research community.What research is being done? The UK has an excellent research base in many areas relevant to cybersecurity. with a healthy and innovative research base. needs and ideas between academic researchers. security professionals and government. All potential beneficiaries of cybersecurity research have access to RCUK research activities and are able to draw on the existing research base through effective links with key researchers. More than 250 Principal and Co-Investigators are supported by these grants. as far as is possible. All parts of the UK academic community which might contribute to it are aware of the nature of the cybersecurity challenge and how they can help. We have identified a set of around 120 projects currently or recently funded by RCUK which comprise the core of our cybersecurity research portfolio. addressing priorities agreed among academic researchers. So we will: • • • Connect academic researchers. with research being informed. While there may be some future funding opportunities in cybersecurity our main focus initially will be on working with our current portfolio of projects and resources: aligning it with cybersecurity issues and users in an optimal way and ensuring maximum impact from our existing investments. A full list of these projects and further information on the portfolio is available from the contacts given below. new research in the most promising areas.
This will bring together academic researchers and key problem owners to share information on current activities. London. secondly to enhance UK research effort in strategically important subject areas within cybersecurity.ac.uk) or Alex Hulkes (alex. How can you become involved? If you have any email@example.com. More details on both activities will be made available soon. issues and research programmes.uk).wand@esrc. questions or suggestions about the future of cybersecurity research please contact either Alasdair Rose (alasdair. EPSRC is leading the cybersecurity aspects of the RCUK Global Uncertainties Programme. We are working with GCHQ to develop two opportunities: firstly for academic groups to be identified as UK ‘Centres of Excellence’ for cybersecurity research and education. Invitations will go out in July 2011 but anyone who would like to attend can email one of the contacts listed below to register their interest.uk). . through one or more Research Institutes in these firstname.lastname@example.org.• • There will be a cybersecurity research ‘showcase’ event on Wednesday 23rd November 2011 at Church House Conference Centre. which is led by John Wand of ESRC (john.
The UK’s Technology Strategy Board has produced a complementary roadmap that. cybercrime also generates fear and anxiety. hampers our online activities and limits the UK’s economic potential. These are not intended to be exclusive or comprehensive. The Cyber Security Strategy of the United Kingdom is due to be updated soon. Social damage from . This investigation. they are kept deliberately open and they are presented in alphabetical order. While they do not necessarily represent everything that might be included in an RCUK programme. resilience. to understand and address the risks. influences and is influenced by a range of associated and equally important issues and disciplines: criminology. provides a synthesis of many issues related to cybersecurity that remains valid and useful. Cybercrime Cybercrime is a large and growing problem. It provides an extremely useful insight to help structure longer term research questions and builds on an earlier Foresight ‘Cyber Trust and Crime Prevention’ project. can be found here. but we would like to highlight its current vision statement which describes a future in which: “Citizens. highlighting the need for academic research. sets out drivers for change in information security over the next ten years. to reduce the benefits to criminals and terrorists. Some possible directions for research into cybersecurity Cybersecurity research is hard to define and scope. Finally it is worth restating RCUK’s emphasis on ‘Excellence with Impact’ and our desire that our research and training activities in cybersecurity should make a demonstrable contribution to society and the economy. While its direct financial effects are undoubtedly very significant. sociology. The US DHS’ Roadmap for Cybersecurity Research is a very comprehensive reference which describes a large number of key challenges in cybersecurity. and while their prioritisations may not match those we will collectively develop.Appendix Background material Several reports covering many of the key issues in cybersecurity research are publicly available. To help describe it more usefully we have identified some areas ripe for future investigation or in which we know there is ongoing work on which we can build. It is part of. while conducted some time ago and with a broader scope and different focus to this paper. business and government can enjoy the full benefits of a safe.” A useful summary of current UK government policy and initiatives. secure and resilient cyber space: working together. and so may change in its detail. rather than specifying research issues. systems engineering and many others. touches on. dependability. and to seize opportunities in cyber space to enhance the UK’s overall security and resilience. they provide some excellent source material. A similar strategy document has been prepared by the Dartmouth Institute for Information Infrastructure Protection. at home and overseas. while the UK’s National Security Strategy is here.
Security solutions also need to be developed in ways that work in practise. Risk identification. to cybersecurity often do not seem to reflect the risks to which a system or its users will be exposed. Insight into attackers’ motivations. Misaligned incentives. Research relating to the systems and applications of the future. security is often last in line. This is partly down to a lack of information about risks: information which individuals. as well as those currently in use. nor is our ability to attribute an attack. These threats need to be responded to proportionately and appropriately. mitigation and management in a cyber world . economics. ethics. Human factors and useable security It takes a human to create or exploit a cyber vulnerability. and how a particular technology choice or approach will affect human behaviour. These drivers of change include: e-healthcare systems. We have to understand how humans really behave and interact with cybersystems. monitoring and control systems. Drivers for change Developments in the ways that we use ICT are outpacing the security solutions required for their safe adoption. motivation and regulation of cybersecurity measures The resources allocated. reduction. Global threats. lack of clarity on ownership/responsibility and poor information on the effectiveness of solutions also contribute to a general ‘market failure’. not just on paper. e-voting. Deployment. business and government need to make sound decisions. if we want our systems be more secure. a lack of common standards. cloud computing. quantum systems and technologies. and ways of deterring them from acting on them. nor is it clear what responses are likely to be most effective or acceptable. regulation. in the very long term. and approaches adopted. smart metering. and. ‘cyberwar’. policy and legality Threats to the UK from states and terrorists are growing. is also lacking. is essential.cybercrime – for instance from a child protection point of view – is impossible to value in any sensible way. ubiquitous computing. Recognition of the importance of cyberspace as a national frontier has similarly complex implications as do the global nature of the threat and the borderless nature of the internet. As a business driver. The framework for doing so is not as well established as in more traditional cases. as is the lost potential of what we are unable to do as a result of the threat of cyber-criminality.
the potential for malicious disruption increases. digital forensics and other methods of improving broad situational awareness. Approaches to sharing data and delivering better services which enhance information security and preserve the privacy of individuals are required. Intrusion detection systems. visualisations. Threats to physical infrastructure from cyber events As more physical infrastructure comes under the control of systems which are connected to public networks. There are also complicated ethical and legal issues to consider. Autonomous approaches to protecting systems will help reduce the burden on human resources. Many of the most memorable stories about breaches in cybersecurity are in fact information management issues. the risks associated with data losses mount. and detecting attacks Without knowing how a system behaves in ‘normal’ operation it is impossible to tell when something abnormal is occurring. We also need ways of measuring or characterising the level of security in a system and how much we stand to gain or lose from a particular security action relating to it. in real time and post-event. Secure management and usage of data across a range of systems As more and more services – government and private – are delivered online.Our understanding of how cybersystems behave has not kept up with the rate at which they are developed and implemented. While this threat has much in common with parallel work into resilience it also has unique cybersecurity aspects. and we need better ways of managing those risks and making decisions under uncertainty. Understanding and monitoring systems and networks. We need a better understanding of the risks associated with our cyber activities. will be important areas for research. .
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue reading from where you left off, or restart the preview.