UK Cyber Security Research Articles

Security and the Power of Positive Engineering

Abstract Phishing is expected to continue its advance, exploiting emergent UK and global conditions. What if we used positive defences, asks Alex Greenland MBCS, co–founder and CEO of UK cyber security firm Epi Technologies.

Why we need more women in cyber security

The cyber security industry has accelerated due to the pandemic, as the numbers of cyber attacks continues to increase – with new and innovative methods of hacking affecting businesses of all kinds. 1 A study by the Department for Digital, Culture, Media & Sport (DCMS) DCMS revealed that the UK's cyber security industry is now worth an estimated £8.3bn – yet there is still a lack of female representatives in this high-demand industry. 2

When do businesses report cybercrime? Findings from a UK study

Although it is known that businesses report cybercrime to public authorities at a low rate, and this hinders prevention strategies, there is a lack of research on companies’ decisions to report cyber victimisation. This paper analyses the UK Cyber Security Breaches Survey to explore factors associated with cybercrime reporting by businesses. Results indicate that the type of cybercrime is relevant to the reporting decision, and that the likelihood of reporting increases when cybersecurity incidents generate negative impacts and when the company places high priority on cybersecurity. However, we find no association between having cybersecurity insurance and reporting. Finally, while having outsourced cybersecurity management is associated with reporting to anyone outside the organisation but not to public authorities, in-house cybersecurity teams seem more inclined to report to public authorities. Findings are discussed in relation to the role of the private cybersecurity sector and the criminal justice system in combatting cybercrime.

Going it alone? UK cybersecurity regulation post-Brexit

Going it alone? UK cybersecurity regulation post-Brexit

The Dynamics of Business, Cybersecurity and Cyber-Victimization: Foregrounding the Internal Guardian in Prevention

ABSTRACT Private organizations suffer great losses due to cybersecurity incidents, and they invest increasing resources to prevent attacks, but little is known about the effectiveness of cybersecurity measures for prevention. Based on the framework of Routine Activity Theory, this paper analyzes the impact of companies’ online activities and cybersecurity measures on victimization. Our analysis of the UK Cybersecurity Breaches Survey shows that the most promising ways to minimize cyber-attacks and their impacts is to invest in in-house cybersecurity human resources and enhance the employees’ online self-protection by providing cybersecurity training, rather than just basic software protection and guidance about strong passwords.

The UK Government’s Response to Cyber Threats

<p>W artykule podjęto kwestię cyberbezpieczeństwa Wielkiej Brytanii z perspektywy działań rządowych instytucji odpowiedzialnych za zwalczanie zagrożeń płynących z cyberprzestrzeni. W pierwszej części artykułu przedstawiono katalog zagrożeń płynących z cyberprzestrzeni, z którymi zmagają się różne podmioty w Wielkiej Brytanii. Ponadto wskazano na te cechy cyberprzestrzeni, które szczególnie wzmacniają jej podatność na wspomniane zagrożenia. W drugiej części artykułu scharakteryzowano instytucje i organizacje oraz ich zakres działań bezpośrednich lub pośrednich w kwestii bezpieczeństwa cybernetycznego w Wielkiej Brytanii. Najpierw skupiono się na organizacjach wyłącznie odpowiedzialnych za cyberbezpieczeństwo: począwszy od służb specjalnych (GCHQ), przez Narodowe Centrum Cyberbezpieczeństwa (NCSC), skończywszy na wyspecjalizowanych jednostkach działających w ramach tych organizacji. Następnie zaprezentowano agencje i jednostki działające w strukturach rządowych związanych z resortem spraw wewnętrznych, spraw zagranicznych i obrony, takich jak Narodowa Agencja ds. Przestępczości, policja, wywiad i kontrwywiad cywilny i wojskowy. Przedstawiono również inicjatywy resortów związanych z polityką społeczną, cyfryzacją, kulturą, mediami oraz biznesem i przedsiębiorstwami, których ochrona jest jednym z priorytetów wspominanych w brytyjskiej strategii cyberbezpieczeństwa.</p>

A Case for Using Blended Learning and Development Techniques to Aid the Delivery of a UK Cybersecurity Core Body of Knowledge

This article explores the UK's current approach in addressing the cybersecurity skills gap championed by the National Cyber Security Strategy. There have been progressive and elaborate steps taken in the UK toward professionalization of the cybersecurity field. However, cybersecurity knowledge has been labelled as inconsistent when a cybersecurity Chartered status is being proposed. The objective of this analysis was to apply an academic lens over the UK's voyage towards the establishment of a cybersecurity profession. It has been an ambitious but complex endeavor that at times has had alterations of course. Learning from this experience, a blended learning and development approach is now recommended underpinned by an overarching core knowledge framework. Such a framework could join up the existing silos of learning and development activities to benefit from, and build upon, a coherent core knowledge-base for the community. It is argued that this will provide a more satisfactory outcome to enhance the UK's cybersecurity capability on the road to a cybersecurity profession.

Policy, statistics and questions: Reflections on UK cyber security disclosures

Over the last 3 years, the UK Government, through the Department for Business, Innovation & Skills (BIS), has taken a lead in the area of public disclosure on corporate cyber intrusions via their Information Security Breaches Survey. The recent development of the Cyber Essentials scheme by the same department presents a unique opportunity for reasonably correlated data to be analysed against public policy. We describe some initial steps in undertaking such an analysis by performing standard economics calculations on this data. Through the examination of three key questions that are central to the relationship between these documents, economic implications of the existing policy are highlighted against the reported threats. Somewhat inevitably, the results echo the well worn ‘it depends’ answer to the question of cyber security expenditure need; nevertheless, in doing so, they do help indicate the dependencies.

UK cyber security and critical national infrastructure protection

This article is intended to aid the UK government in protecting the UK from cyber attacks on its Critical National Infrastructure. With a National Cyber Security Centre now being established and an updated National Cyber Security Strategy due in 2016, it is vital for the UK government to take the right approach. This article seeks to inform this approach by outlining the scope of the problems Britain faces and what action the UK government is taking to combat these threats. In doing so, it offers a series of recommendations designed to further help mitigate these threats, drive up cyber resiliency and aid recovery plans should they be required. It argues that complete engagement and partnership with private sector owner-operators of Critical National Infrastructure are vital to the success of the government's National Cyber Security Strategy. It makes the case that for cyber resiliency to be fully effective, action is needed at national and global levels requiring states and private industry better to comprehend the threat environment and the risks facing Critical National Infrastructure from cyber attacks and those responsible for them. These are problems for all developed and developing states. [ABSTRACT FROM AUTHOR]

Can the UK cyber-security industry lead the world?

Due to more costly and reputationally damaging hacking attacks, large companies, governments and individuals are increasingly concerned about cyber-security. This has led to the growth of a UK cyber-security sector estimated to be worth over £6bn and which employs around 40,000 people. Due to costly and damaging hacking attacks, large companies, governments and individuals are increasingly concerned about cyber-security. This has led to the growth of a UK cyber-security sector estimated to be worth over £6bn. However, in order for the UK security industry to thrive, it needs continuous innovation and investment to keep pace. Andrew Tyrer of Innovate UK examines why the Government is interested in funding and supporting the growth of the cyber-security sector, the opportunities that exist for cyber-security companies, and the government support on offer.

Cyber Security Education, Qualifications and Training

The rise in significance of cyber security has led to an increase in the range of interesting career paths that can be followed in this area. Inevitably there has also been an explosion in the diversity of available cyber security education, qualifications and training, most of which is targeted at those seeking to engage with this promising job market. In this article, some guidelines are provided on how to select appropriate education, qualifications and training in cyber security, alongside a review of some of the many current offerings and how to differentiate between them. While the focus is on the UK cyber security sector, many of the observations have wider relevance.

News: Cambridge student is named UK cyber security champion

News: Cambridge student is named UK cyber security champion

Multi-agency partnerships in cybercrime reduction

Purpose – This paper aims to map out multi-agency partnerships in the UK information assurance (UKIA) network in the UK. Design/methodology/approach – The paper surveyed members of the UKIA community and achieved a 52 percent response rate (n=104). The paper used a multi-dimensional scaling (MDS) technique to map the multi-agency cooperation space and factor analysis and ordinary least squares regression to identify predictive factors of cooperation frequency. Qualitative data were also solicited via the survey and interviews with security managers. Findings – Via the quantitative measures, the paper locates gaps in the multi-agency cooperation network and identifies predictors of cooperation. The data indicate an over-crowded cybersecurity space, problems in apprehending perpetrators, and poor business case justifications for SMEs as potential inhibitors to cooperation, while concern over certain cybercrimes and perceptions of organisational effectiveness were identified as motivators. Practical implications – The data suggest that the neo-liberal rationality that has been evoked in other areas of crime control is also evident in the control of cybercrimes. The paper concludes divisions exist between the High Policing rhetoric of the UK's Cyber Security Strategy and the (relatively) Low Policing cooperation outcomes in “on the ground” cyber-policing. If the cooperation outcomes advocated by the UK Cyber Security Strategy are to be realised, UKIA organisations must begin to acknowledge and remedy gaps and barriers in cooperation. Originality/value – This paper provides the first mixed-methods evidence on the multi-agency cooperation patterns amongst the UKIA community in the UK and highlights significant gaps in the network.

Perceptions of the eCrime controllers: Modelling the influence of cooperation and data source factors

eCrime is now the typical volume property crime in the United Kingdom impacting more of the public than traditional acquisitive crimes such as burglary and car theft (Anderson et al, 2012). It has become increasingly central to the National Security Strategy of several countries; in the United Kingdom becoming a Tier One threat. While it is apparent to some governments that cybercrimes are now as much of a ‘problem’ as some forms of organised crime, little is known about the perceptions of the broad network of what we call public and private sector ‘eCrime controllers’ in the United Kingdom. A survey of 104 members of the UK Information Assurance community garnered data on the perceptions of the eCrime problem. The results showed an association of cooperation and consumption of data sources with perceptions. It is likely that perceptions within non-specialist corporate and public domains (non-IT and Finance) will begin to change as new cooperation arrangements are introduced as part of the UK Cyber Security Strategy. These findings call for a more in-depth qualitative understanding of the cooperation between eCrime controllers and their data consumption practices. Ascertaining what shapes this cooperation (and non-cooperation) and how perceptions compare with ‘actual’ threats and risks is necessary if we are to better understand the ‘social construction’ of the problem and subsequent policy and operational outcomes.

Where Next for UK Cyber-Security?

The increasing prevalence of interconnected computer services and networks, both within and between the public and private sectors, fully justifies the classification of cyber-security as a tier one risk in the 2010 National Security Strategy. However, Pauline Neville-Jones and Mark Phillips argue that, two years on – and with the growing pervasiveness of cloud computing – the government needs to take the lead by securing its own systems and working more closely with industry, especially in areas critical to national security, to set out standards to which companies can adhere. Nor should this effort be limited to the UK; securing cyberspace requires a global solution.

Cyber Security Strategy

Following the publication of the government's UK Cyber Security Strategy in November 2011, Louise Bennett FBCS CITP gives her thoughts on it and what it means for the industry and the nation.