Government launches £3.8m cyber security institute

Government launches £3.8m cyber security institute

The government has ramped up moves to tackle growing cyber security threats by launching a £3.8m research institute.

The research institute in the science of cyber security will act as a virtual organisation bringing together academics in cyber security, mathematics, and computer scientists across the UK. It will comprise of seven universities and has backing from the government’s security arm GCHQ.The institute follows the launch of a recent government advice urging companies to tackle the exponential growth in cyber threats at board-level.

David Willetts, minister for Universities and Science, said the institute would enable businesses, government and individuals to better protect themselves from cyber threats: "Britain has one of the largest online economies in the world and a growing cyber security sector, and we need to ensure this success continues,” he said.

Francis Maude, Cabinet Office minister, added: "The UK's first academic research institute will strengthen capability in a strategically important area, keeping the UK at the forefront of international research in the field."

The research institute will open on October 1 2012 for a period of three and a half years.

University College London has been selected to host the research institute, with Angela Sasse taking the role of director of research.

Sasse said: “I am delighted to be leading the new research Institute.  This is an opportunity to work closely with colleagues from different scientific disciplines to tackle the technical, social and psychological challenges that effective cyber security presents.”

Latest Cyber Security Challenge to address Linux skills shortage

Latest Cyber Security Challenge to address Linux skills shortage:

The UK national Cyber Security Challenge has launched another competition aimed at addressing a critical Linux security skills gap.

The majority of internet infrastructure is based on Linux, but Linux is rarely taught in schools and Linux security experts are scarce, according to competition organisers.

Cyber Security Challenge UK runs a series of national inspirational competitions aimed at attracting talented people into the profession and informing them about cybersecurity careers and training.

The latest Sophos Linux Forensics Challenge, which begins on 27 August, will test contestants' skills in identifying security issues on a Linux system. 

As well as detecting a series of attacks against the server, competitors will be asked to detail how it has been compromised and make recommendations on how to fix the problems. 

Competitors will need to be familiar with the configuration of Linux operating systems, as well as typical daemons configured on this platform.

Successful competitors will be able to show potential employers that they have the essential skills needed to protect businesses' crucial web systems, organisers said.

"There have been some steps towards improving the ICT curriculum in schools, but we can no longer stick our heads in the sand," said James Lyne, director of technology strategy at Sophos.

"The web is the main tool used by cybercriminals to target both businesses and consumers, so we still need to do much more to teach vital skills such as Linux programming in schools and universities and to nurture the young Linux generation," he said.

The recent trend of stealing passwords and password hashes has been enabled by the fact that organisations are still not securing their data effectively, said Lyne.

"The frustrating thing is that weak password hashes, malware distribution and database theft can often be easily prevented with simple best practice, which is further evidence that the right focus and skills aren't often in place," he said.

The lack of deep technical skills in cybersecurity is the principal reason that many organisations are unable to defend their computers and networks and data, according to Alan Paller, director of research at the Sans Institute, one of the sponsors of the UK Cyber Security Challenge.