Tagged / cyber security

Predictive Cyber Analytics – Funding opportunity

The Defence and Security Accelerator (DASA) competition welcomes proposals for novel approaches to predictive cyber security to address challenges in defence and/or security.

A total funding of £1M will be available in this Phase 1 of this competition. Around 5 to 10 proof-of-concept research projects up to 6 months of duration are expected. Further funding into future phases beyond this competition is anticipated to be available.

Details on how to apply will be included in the full competition document which will be available soon. Please sign up to alerts to keep up to date.

In the meantime, you will need to register for the new DASA Submission Service, noting you will not be able to view the competition until the full competition document is published.

Please click on this link to find out more about this competition and more on the submission process can be found here.

Queries should be sent to accelerator@dstl.gov.uk.

BUDMC Professor Speaks on Entrepreneurial Resilience at Prestigious IBM Client Forum in London

On 26th November 2015, BUDMC’s Professor of Crisis and Disaster Management, Lee Miles, gave a keynote presentation at a prestigious client forum examining ‘Cyber Resiliency – Protecting Your Business in an “Always On” World’, organised by IBM Resiliency Services and held at the IBM Client Centre at IBM UK’s headquarters in London.

Lee spoke on the subject of ‘Understanding Entrepreneurial Resilience and its Contribution to an ‘Always On’ World’.  He discussed the need for senior business managers to value the entrepreneurial and innovative talents of staff in order to maximise the effectiveness of their resilience planning and processes in cyber security. Lee introduced the twin expectations of being ‘resilient about “always on”’ and ‘always on resilience’; two paradigms that successful resilience managers need to balance strategically and innovatively if they are to meet the challenges of handling future crises and disasters that have major implications for the business world.

IBM Client Forums bring together senior resilience, emergency and business continuity managers from some of the UK’s leading, and most prestigious, FTSE-indexed commercial and business interests.  The forums provide key platforms for discussing the most contemporary issues in resilience. Lee joined a high profile list of speakers that included senior representation from the UK’s Cabinet Office, the Business Continuity Institute (BCI), Barclays Bank as well as experts from IBM’s own Resiliency Services Division.

Lee also participated in a major and lively panel discussion, debating the most cutting-edge issues in cyber resilience.

Lee’s invitation and participation represent further evidence of the BUDMC’s continuing profile in all aspects of disaster management.  The substantial strategic cooperation that is developing between BUDMC and the University’s Cyber Security Unit (SCU) continues to attract external recognition. Considerable interest was also generated among members of the IBM Client Forum in the forthcoming BUDMC short course in ‘Entrepreneurial Resilience in Crisis and Disaster Management’ to be offered (in association with the BU Centre for Entrepreneurship) for the first time in May 2016.

Lee Miles Giving Keynote at IBM on 'Entrepreneurial Resilience and Cyber Security'

Lee Miles Giving Keynote at IBM on ‘Entrepreneurial Resilience’

IBM Client Forum Panel in Action

IBM Client Forum Panel in Action

Chancellor sets out vision to protect Britain against cyber threat

The Chancellor of the Exchequer has announced in a speech from inside GCHQ plans to make Britain the best protected country in cyber space.

cyber eyeThe Chancellor announced that he is prioritising security in his Spending Review next week.  He has committed to increasing spending on cyber security to £1.9 billion by 2020, 1,900 new staff across the three intelligence agencies and the first National Cyber Centre, which will be home to the country’s first dedicated ‘cyber force’.

Osborne announced an Institute for Coding that will offer university and business collaborations the chance to compete for a capital prize of £20 million to enable training of “the nation’s next generation of coders”. Training in coding at schools and apprenticeships will also be increased, said Osborne.

You can read the full press release here.

The government’s Strategic Defence and Security Review 2015, due to be published on 23 November, is also expected to have a strong focus on cyber security.

The importance of Information Security

cyber eyeInformation security has recently been making headline news with a growing rate of daily reports on cyber-attacks on individuals, businesses and government establishments. This has resulted in an increase in the need for infosec professionals with the proven skills to alleviate the growing cyber risks and attacks; so much so that the demand for experienced and qualified professionals has outstripped supply.

Kevin Henry is recognised as one of the Leaders in the field of Information Security worldwide and recently he visited Bournemouth University to give ‘An Overview of Information Security Today and into the Future’. He highlighted importance of the right Infosec practitioners by describing:

  • How important it is for businesses not only to have the right technologies in place but also the skilled operators to use them to their full extent.
  • Often there are several systems working side by side in a business, but not together, leaving gaps which can be easily exploited. It takes a skilled professional to see those gaps and close them.
  • The need for security to be reasonable, simple and without burden to the user was also stressed. It should not slow a process down but should always be one step ahead of the curve. However, there will always be a balance to be found between system security and availability.

Kevin emphasised the need for:

  • Building a strong security culture both in our individual lives and in our professional lives: we all rely on technology in one form or another so each individual needs to take responsibility and not rely on others to tell us what to do, we should all be using the mantra ‘security is my job’.
  • Security awareness is paramount, businesses need to be constantly reminding staff what they should and should not be doing. Importantly, security needs to be regarded as being a positive influence and not as merely catching people out when they do something wrong.
  • Businesses and Infosec professionals need to look ahead and consider where their business will be in two or three years’ time; what are the emerging technologies and how can we prepare and invest now?

Concluding thoughts on how businesses should manage Information Security:Due to the very nature of risk, specifically its unpredictability, it can be difficult to justify expenditure on systems and professionals mitigating it. By the same token, it is difficult to measure the success of implementing Infosec procedures and systems. Ultimately, each business needs to take ownership of the information they hold, whether it is Intellectual Property or the card details of customers and understand the impact of a security breach. A decision can then be made as to how much time and money to invest. Ignorance to the risks can no longer be used as an excuse, a security breach resulting in the loss of credit card details for example would be seen as irresponsible rather than unlucky.
The team at Bournemouth University Cyber Security Unit (BUCSU) have the skills and experience to assist businesses in developing their own personalised Information Security systems and processes. In addition we undertake bespoke security awareness training for all levels of staff. Our enterprise consultants can provide advice and assistance in accessing the various funding available to businesses to improve their Infosec position through consultancy and collaborative research. For more information on any of these points visit the BUCSU website or contact bucsu@bournemouth.ac.uk.

An overview of Information Security today and into the future

Kevin Henry is *the* guru in security certifications and training and we are delighted that he will be presenting at the University on the 11th and 12th of June.  Kevin is going to deliver a handful of lectures which will take you on an enlightening journey through the world of Information Security!

Kevin will present on the following topics:

Thursday 11th June

Shelley Lecture Theatre, Poole House

10.00am – 12.30 pm

Content of the CISSP

What is Information Security and its Role in Business?

2pm – 4pm

How is the face of Information Security Changing?

Hackers versus APTs

Where should my career go?

Friday 12th June

Shelley Lecture Theatre, Poole House

10.00am – 12.30pm

The Value of the CISSP and other Certifications

International Standards and Practices – An Overview of ISO/IEC 27001 and PCI-DSS

If you would like to attend any of the lectures please contact the BU Cyber Security Unit to reserve your place – 01202 962 557 or email 

 

Kevin is recognized as one of the Leaders in the field of Information Security worldwide. He has been involved in computers since 1976 when he was an operator on the largest minicomputer system in Canada at the time. He has since worked in many areas of Information Technology including Computer Programming, Systems Analysis and Information Technology Audit. Following 20 years in the telecommunications field, Kevin moved to a Senior Auditor position with the State of Oregon where he was a member of the Governor’s IT Security Subcommittee and performed audits on courts and court-related IT systems. The co-chair of the CBK for the CISSP and several other certifications, as well as an author with published articles in over ten books and magazines, Kevin is the principal of KMHenry Management Inc. and served until recently as the Head of Education for (ISC)2 and Vice President of ITPG, responsible for all educational systems, products and instructors for training programs. Currently Kevin is an Authorized Instructor for (ISC)2, ISACA, and BCI.

 

Visit the BUCSU website for more information on enterprise consultancy, research and education

EU Radar – Societal Challenges – Secure societies – protecting freedom and security of Europe and its citizens

The following EU Horizon 2020 Societal Challenges’ calls are all closing after April 2015. If you are thinking of applying to any of these calls, please contact RKEO Funding Development Team as soon as you are able, so that we can help you with your submission.

The date given is the funder’s deadline with all closing at 17:00 Brussels local time, unless stated otherwise

Secure societies – protecting freedom and security of Europe and its citizens
Digital security,: Cyber security, privacy and trust – please check the specific topics – 27/8/15
Fight against terrorism and crime – please check the specific topics – 27/8/15
Border security and external security – please check the specific topics – 27/8/15

 

General / Multiple Topics

Horizon 2020 dedicated SME instrument phase 1 and phase 2 –  deadlines – 17/6/15, 17/9/15 and 25/11/15

Please check the specific topics within this call which may meet your research funding needs.

For more information on EU funding opportunities, contact Paul Lynch or Emily Cieciura, in the RKEO Funding Development Team.

Join us for today’s cyber security seminar…

Staff and students are invited to join us for today’s cyber security seminar on:

‘Persuasive Technology for Information Security’

Tuesday, 27th January at 4pm. 

Room: P335 LT

In the seminar, participants will hear about design principles for persuasive technology for promoting information security and also about methods to evaluate persuasive technology. Concrete examples and “best practices” will be given from a recent research project, in which it is used in organizations to make employees comply with information security policies.

Our speaker will be Marc Busch.  Marc is a scientist at the AIT – Austrian Institute of Technology and is active at the intersection of persuasive technology and usable privacy and security. Furthermore, he is specialized in advanced quantitative and qualitative usability and user experience methodology, research methods and statistics in Human-computer interaction. Marc is involved in several international and national research and industrial projects, such as MUSES – Multiplatform Usable Endpoint Security Before joining AIT, Marc was at CURE – Center for Usability Research & Engineering, where he focused on user experience and usability.

Secure and cross border digital identity: issues and perspectives

Staff and students are invited to join us for the next cyber security seminar on:

‘Secure and cross border digital identity: issues and perspectives’

Tuesday 25th November, 4pm – 5pm

Room: P335

 

The talk will discuss requirements, issues and perspectives for an interoperability solution that allows citizens and organizations to establish new e-relations across borders, just by presenting their national eID.

Our speaker will be Dr Andrea Atzeni, from the “Dipartimento di Automatica e Informatica, Politecnico di Torino” who is based in the TORSEC Security group.

Dr Atzeni’s work addresses the definition of security requirements and mobile security, plus, investigation and modelisation of user expectation on security and privacy; risk analysis and threat modeling for complex cross-domain systems; specification of functional and security architectures; development of cross-domain usable security; development and integration of cross-border authentication mechanisms (including legal and technical issues).

Join us for today’s cyber security seminar…

 

‘Pattern- and Security-Requirements-Engineering-based Establishment of Security Standards’

Tuesday, 19th August

Coyne Lecture Theatre, Talbot Campus

4pm -5pm.

Security standards such as Common Criteria or ISO 27001 are ambiguous on purpose, because these standards shall be usable for a large set of different scenarios. The establishment of a security standard requires removing all ambiguities, eliciting concrete security requirements and selecting appropriate security measures.

Dr Kristian Beckers is a security requirements engineering researcher at the University of Duisburg-Essen. He investigates how security requirements engineering methods can be used to support the development and documentation of security standards. In this seminar Dr Beckers will introduce you to the methods and systems which have been created to fit a specific security scenario. In particular, you will find out about the Information Security Management System (ISMS) which was built in compliance with the ISO 27001 standard.

If you would like to join us for this seminar, please book your place via EventBrite.

We will look forward to seeing you!

How security requirements engineering methods can be used to support the development and documentation of security standards…

 

You are invited to join us for the next Cyber Security seminar:

‘Pattern- and Security-Requirements-Engineering-based Establishment of Security Standards’

Tuesday, 19th August

Coyne Lecture Theatre, Talbot Campus

4pm -5pm.


Security standards such as Common Criteria or ISO 27001 are ambiguous on purpose, because these standards shall be usable for a large set of different scenarios. The establishment of a security standard requires removing all ambiguities, eliciting concrete security requirements and selecting appropriate security measures.

Dr Kristian Beckers is a security requirements engineering researcher at the University of Duisburg-Essen. He investigates how security requirements engineering methods can be used to support the development and documentation of security standards. In this seminar, Dr Beckers will introduce you to the methods and systems which have been created to fit a specific security scenario. In particular, you will find out about the Information Security Management System (ISMS) which was built in compliance with the ISO 27001 standard.

If you would like to join us for this seminar, please book your place via EventBrite.

We will look forward to seeing you!

 

National Security: Advancing Capabilities to Meet Current and Future Threats

 

On Thursday 3rd July, the BU Cyber Security Unit (BUCSU) will be exhibiting at the National Security: Advancing Capabilities to Meet Current and Future Threats conference in London.

The conference will offer delegates an opportunity to investigate the key threats and risks to the UK’s national security. They will also learn of the latest developments in developing the UK’s cyber security and the role technology can play in protecting infrastructure and ensuring business and service continuity.

Facing the issue of developing the UK’s cyber security, there are two important areas which need to be tackled – the shortage of security practitioners and the increasing skills gap between existing knowledge and new cyber threats.

In response to these issues, BUCSU will be launching at the conference its ‘job retention through education plan’.  The unit is already working closely with the Police and there is traction to work with other government agencies too; this conference will provide an excellent opportunity to engage with these agencies and UK businesses.


Goal Modelling for Investigating Fraud

Staff and students are invited to join us for the next Cyber Security Seminar…

‘Goal Modelling for Investigating Fraud’

Tuesday 17th June 2014

Lawrence Lecture Theatre, Talbot Campus

4pm – 5pm

 

Join us for this informative seminar presented by Clive Blackwell, who is currently a Research Engineer at Airbus Innovation Works.

This seminar will present a systematic process for analysing fraud using the KAOS tool, which is widely used in requirements engineering. Interestingly, Clive will analyse the case of Paul Ceglia vs Mark Zuckerberg and Facebook, where Ceglia claims 50% of Facebook supported by an alleged contract signed by Zuckerberg. Clive believes this technique could be extended to help provide a general model for fraud and also aid better analysis of the cyber security of complex systems in general.

 If you would like to join us for this presentation, please book your place via Eventbrite. We will look forward to seeing you!

Speaker Bio: Clive Blackwell is currently a Research Engineer at Airbus Innovation Works where his main research is in threat detection and modelling. Clive was formerly a Research Fellow at Oxford Brookes University between 2010 and 2013, where his main area of research was in cyber security and digital forensics with a particular interest in the development of a scientific basis for digital forensics. He has over 50 publications including two books to his name.