Helping your Cyber Security Journey

by Alan Settery, SICSA Cyber Security Network Integrator
9 October 2017

As always Freshers week was full of enthusiasm and energy as students were welcomed across Scotland’s universities and now settle down to start their new computing science and cyber security courses.

It’s an exciting time to be involved and set out on this journey; technology is evolving at a fast pace and there are a lot of interesting areas to be involved in – from bit coins and block chain to artificial intelligence, robotics and autonomous cars; from a raspberry pi and hackathons to the cloud, supercomputers and big data analytics. Of course cyber security needs to be considered in all of these areas and many more. We know the importance being digitally safe and secure plays in our day to day lives and the role industry has in dealing with cyber threats to our services and infrastructure.

Cyber UpdateRecently, some students may have attended the CyberFirst events held across universities – Edinburgh Napier University and University of Glasgow. These courses are organised by the National Cyber Security Centre and aimed at encouraging 11 – 17 year olds to the world of cyber security. It is worth noting that CyberFirst is a Student Bursary scheme which is available to first year students at university too – details are available and applications are usually open in April each year. https://www.ncsc.gov.uk/articles/cyber-first-bursary-scheme.

Interestingly Lockheed Martin have sponsored CyberFirst too. http://www.lockheedmartin.co.uk/uk/news/press-releases/2017-press-releases/lockheed-martin-backs-governments-cyberfirst-initiative-to-find-tomorrows-online-security-experts.html

For those of you with an interest in, but not already on a cyber security course, if would like to know more about the topic there is a free on-line Open University introduction through Future Learn. https://www.futurelearn.com/courses/introduction-to-cyber-security/12 This covers, Threat landscape, Authentication, Malware, Networking & Comms, Cryptography, Network Security, Defences and Risks and could be a flexible way to understand more.

Did you know?

 – October is the raising Cyber Security awareness month in Europe  https://cybersecuritymonth.eu and in the USA https://www.dhs.gov/national-cyber-security-awareness-month

New MSc IT Cyber Security for non-computing graduates

Cyber Security is growing in importance as more and more of what we do moves online.  Both public and private sector organisations are employing more cyber security professionals, both because they want to secure their information, but also, increasingly, because they are required to do so by new legislation.

The University of Glasgow School of Computing Science is delighted to announce the availability of a new programme designed for graduates who have a good non-computing degree and an interest in cyber security.  On the security side it teaches general cyber security techniques with Cyber Security Fundamentals and Cryptography and Secure Development.  Enterprise Cyber Security covers security in business organisations, while Human Centred Security, Cyber Security Forensics and Safety Critical Systems (protecting critical infrastructure) rounds off this part of the programme.

On the IT side, students are taught to program with a Programming course and Team Project, and also learn about Databases, Computer Systems and Software Project management.  The programme finishes with a Cyber Security based summer project.  No prior computing education is required.

Further information at www.glasgow.ac.uk/postgraduate/taught/itcybersecurity/

 

Christmas Cyber Lectures

by Alan Settery, SICSA Cyber Security Network Integrator

Once again the annual Cyber Security Christmas lectures has been a huge success with over 2,600 school pupils having a fun experience in the world of Cyber Security and chocolate!

The 5 day lecture series was held just before Christmas across Scotland at universities UHI – Inverness, RGU – Aberdeen, Abertay – Dundee, Edinburgh and Glasgow Caledonian and is designed to complement the new National Progression Award in Cyber Security are based on: Digital Forensics, Ethical Hacking and Data Security.

It has to be said that this year’s event is probably the largest of it’s kind in the UK and was a logistics challenge with pupils from 81 schools being co-ordinated and transported (lots of buses!) to and from the events. So well done to all involved and thank you SICSA for kindly sponsoring 5 bus loads of pupils to come who otherwise would not have done so, including one all the way from the borders.
Christmas LectureThe presentations were exciting, fun, often thought provoking and engaging – tackling a range of areas; from Bill Buchanan hacking and taking control of mobile devices and cameras, Police Scotland raising awareness of on-line cyber crime, Strathclyde / Edinburgh university linking school pupils into a physical “block chain” and Abertay’s talk about “a fridge full of spam”.  Brian Higgins from ISC2 showed a cyber wheel of fortune game and for the first time the lectures attracted an international keynote speaker – Amalie Wedege from Alpha-zero presented about “Zero days and Stuxnet”.  There were further talks about Public key encryption and NCCGroup’s discussed ‘Why after 15 years of web security was the web not fixed yet?”  All of the presentations were interactive with high energy audience participation – being provided by the numerous chocolate prizes – over the week 55 kg handed out!!!

Media wise, the lectures always attract a large coverage and here are some of the links;

Special recognition is given to Dr Martin Beaton – the main organizer for the event who’s motivation is “… helping pupils to understand the risks they face as well as the opportunities available if they choose a career in the sector.”

Thanks also to everyone who contributed to make the Cyber Christmas lectures a great success; to the speakers who have freely contributed their time; to the sponsors PwC, CGI, Fujitsu, Scottish Government, Scottish Enterprise, SDS, University of Glasgow (USB wristbands!), SICSA and the hosting universities.

For more information please contact:
Alan Settery
SICSA Cyber Security Network Integrator, University of Glasgow
Email: Alan.Settery@glasgow.ac.uk
Phone: +44 (0) 141 330 4845

Christmas Lecture Data

Welcome from our newest member of staff

Cyber Security Researcher - Maria Evangelopoulou

Cyber Security Researcher, Maria Evangelopoulou, at DEMOfest 2016

By Alan Settery, SICSA Cyber Security Network Integrator

I began my role as the new SICSA Cyber Security Network Integrator role just over a week ago and I look forward to working in this exciting and growing area. Of course, I’m not new to SICSA having been the first SICSA Business Development Executive and more recently managing the SICSA Smart Tourism programme, so I know many of you very well! In-line with the increased activity in this area, we have recently launched a new permanent SICSA Research Theme in Cyber Security.

To carry out some ground work for this new role I attended SICSA Demofest 2016 where it was good to see a strong Cyber Security presence at the event, with a key note from Edinburgh Napier University’s Professor Bill Buchanan on “The Key Risks of the Cyber Age”; and 4 exhibiting researchers in this area;

  • DEAV: IoT Security Threat Detection Analysis & Visualisation, Robert Gordon University.
  • Securitometer, an Overall Security Metrics App for Android, University of Edinburgh
  • Market-Scale Behavioural Security Analysis for Android Apps, University of Edinburgh
  • The “What, when, why, how and what now?” of an attack in an ICS/SCADA network, University of Glasgow

It was interesting to notice how topical these research areas are, especially considering the recent cyber-attacks on Tesco Bank and the Distributed Denial of Service (DDoS) attack on company Dyn through the IoT Mirai botnet malware, which brought down sites including Netflix, Twitter and Reddit.

With cyber-attacks becoming more prolific and sophisticated, Government, Industry and Academia are joining forces to address the issue.

I recently attended the first Scottish Cyber Awards 2016 event held in the Waldorf Astoria – Caledonian Hotel in Edinburgh.  The awards, organized by the Scottish Business Resilience Centre and Scottish Enterprise had 13 categories.  There was an impressive academic performance, with awards for many of the Scottish Institutions (including Abertay, Edinburgh Napier, Edinburgh, Glasgow Caledonian and Kyle Academy).  The Champion of Champions Award went to Zonefox, a spinout from Edinburgh Napier University. https://www.sbrcentre.co.uk/news/2016/november/scottish-cyber-awards-2016-winners/

It is apparent that the needs for skills in this sector are growing quickly and a key part of my activity will be in growing this expertise through raising awareness and encouraging the next wave of graduates into our industry.

The Cyber Security Christmas lectures are next on the horizon, taking place in cities across Scotland – Inverness, Aberdeen, Dundee, Edinburgh and Glasgow and attracting 3000 school pupils! http://www.sicsa.ac.uk/events/cyber-security-christmas-lectures/

The Cyber Academy at Edinburgh Napier University are also holding a Christmas Cyber and STEM event for P7 Girls http://thecyberacademy.org/christmas-cyber-and-stem-event-for-school-girls-6-december-2016/

I look forward to a busy 2017!

For more information please contact me:

Alan Settery
SICSA Cyber Security Network Integrator, University of Glasgow
Email: Alan.Settery@glasgow.ac.uk
Phone: +44 (0) 141 330 4845