Scotland: A world-leader in Cyber Security Innovation

by Professor Bill Buchanan,
23 May 2018

 

We are moving from an Industrial Age into an Information Age, and increasingly the focus for our world is data. With new regulations such as GDPR and NIS, we thus need to react quicker to data breaches, and also create more secure and resilient data infrastructures, and which are increasingly citizen-focused. The analysis of data is thus a core part of this, whether it is applying filtering methods to reduce the number of alerts that human analysts see, or in the application of machine learning to detect new threats.

The world of Cyber Security is thus all about sharing knowledge, and the SICSA Cyber Nexus supported Conference on Big Data in Cyber Security will be one of the largest Cyber Security conferences to be held in Scotland. It all kicks off on 31 May 2018 at Edinburgh Napier University and then will span the planet over the next 24 hours. The event – named the Cyber Revolution and organised by Adrian Smales and Basil Manoussos – starts in Edinburgh, and then moves onto Canada, Australia, and then across the planet, and returning back to Edinburgh on 1 June 2018. Along the way there will be hundreds of leading Cyber Security presentators, which share best practice and knowledge.

Included in the Edinburgh event are local innovators such as Dr Jamie Graves (Zonefox), Harry McLaren (ECS), David Stubley (7elements) and Federico Charosky (Quorum Cyber), along with leading companies in the field such as Carbon Black, Secureworks, and LogRhythm. The event thus aims to develop cross-collaboration between SMEs in Scotland and those in Canada, and promote international links.

Overall this is a unique event and we hope will build strong bonds across the world, and to develop collaborations. The world of Cyber Security needs more collaboration and the sharing of knowledge and expertise, especially as there are many key stakeholders involved, including industry, the public sector, academia, and law enforcement. Just now, the City of Edinburgh has one of the most advanced infrastructures for research and innovation related to Cyber Security, and this event highlights its importance to the local economy, and for its presence on a world-stage.

Alongside two industry-focused themes, the Edinburgh event includes a SICSA Cyber Nexus sponsored research track, and which is being run by Dr Naghmeh Moradpoor (winner of the most inspiring women in Cyber Security at a recent award ceremony). All three streams of the conference will be broadcast live to the world, and showcase that Scotland is a true innovator with Cyber Security, and embraces collaboration across traditional borders and boundaries.

Few countries can rival the innovation infrastructure that Scotland provides, and, at every turn, there are those who are helping support new ideas and visions. Overall, we need to do everything that we can to support the growth of our innovative companies, and in the transformation of our public services, and thus to fully take advantage of this Information Age.

If you’re interested we are currently setting up a Blockchain Identity Lab – known as the Blockpass Identity Lab – on our Merchiston Campus and have funding for five fully funded PhD studentships in Blockchain focused work, and are keen to work with people and companies with a vision on how we could transform our world with more trusted methods. So, go and get engaged, and collaborate with others. Our future will not be built by the large and faceless companies that are at the core of the Internet, but by our amazing little companies who have a vision for a new future. If you want to see some of them, come along to the conference, and meet them in person.

Helping your Cyber Security Journey

by Alan Settery, SICSA Cyber Security Network Integrator
9 October 2017

As always Freshers week was full of enthusiasm and energy as students were welcomed across Scotland’s universities and now settle down to start their new computing science and cyber security courses.

It’s an exciting time to be involved and set out on this journey; technology is evolving at a fast pace and there are a lot of interesting areas to be involved in – from bit coins and block chain to artificial intelligence, robotics and autonomous cars; from a raspberry pi and hackathons to the cloud, supercomputers and big data analytics. Of course cyber security needs to be considered in all of these areas and many more. We know the importance being digitally safe and secure plays in our day to day lives and the role industry has in dealing with cyber threats to our services and infrastructure.

Cyber UpdateRecently, some students may have attended the CyberFirst events held across universities – Edinburgh Napier University and University of Glasgow. These courses are organised by the National Cyber Security Centre and aimed at encouraging 11 – 17 year olds to the world of cyber security. It is worth noting that CyberFirst is a Student Bursary scheme which is available to first year students at university too – details are available and applications are usually open in April each year. https://www.ncsc.gov.uk/articles/cyber-first-bursary-scheme.

Interestingly Lockheed Martin have sponsored CyberFirst too. http://www.lockheedmartin.co.uk/uk/news/press-releases/2017-press-releases/lockheed-martin-backs-governments-cyberfirst-initiative-to-find-tomorrows-online-security-experts.html

For those of you with an interest in, but not already on a cyber security course, if would like to know more about the topic there is a free on-line Open University introduction through Future Learn. https://www.futurelearn.com/courses/introduction-to-cyber-security/12 This covers, Threat landscape, Authentication, Malware, Networking & Comms, Cryptography, Network Security, Defences and Risks and could be a flexible way to understand more.

Did you know?

 – October is the raising Cyber Security awareness month in Europe  https://cybersecuritymonth.eu and in the USA https://www.dhs.gov/national-cyber-security-awareness-month

New MSc IT Cyber Security for non-computing graduates

Cyber Security is growing in importance as more and more of what we do moves online.  Both public and private sector organisations are employing more cyber security professionals, both because they want to secure their information, but also, increasingly, because they are required to do so by new legislation.

The University of Glasgow School of Computing Science is delighted to announce the availability of a new programme designed for graduates who have a good non-computing degree and an interest in cyber security.  On the security side it teaches general cyber security techniques with Cyber Security Fundamentals and Cryptography and Secure Development.  Enterprise Cyber Security covers security in business organisations, while Human Centred Security, Cyber Security Forensics and Safety Critical Systems (protecting critical infrastructure) rounds off this part of the programme.

On the IT side, students are taught to program with a Programming course and Team Project, and also learn about Databases, Computer Systems and Software Project management.  The programme finishes with a Cyber Security based summer project.  No prior computing education is required.

Further information at www.glasgow.ac.uk/postgraduate/taught/itcybersecurity/

 

Christmas Cyber Lectures

by Alan Settery, SICSA Cyber Security Network Integrator

Once again the annual Cyber Security Christmas lectures has been a huge success with over 2,600 school pupils having a fun experience in the world of Cyber Security and chocolate!

The 5 day lecture series was held just before Christmas across Scotland at universities UHI – Inverness, RGU – Aberdeen, Abertay – Dundee, Edinburgh and Glasgow Caledonian and is designed to complement the new National Progression Award in Cyber Security are based on: Digital Forensics, Ethical Hacking and Data Security.

It has to be said that this year’s event is probably the largest of it’s kind in the UK and was a logistics challenge with pupils from 81 schools being co-ordinated and transported (lots of buses!) to and from the events. So well done to all involved and thank you SICSA for kindly sponsoring 5 bus loads of pupils to come who otherwise would not have done so, including one all the way from the borders.
Christmas LectureThe presentations were exciting, fun, often thought provoking and engaging – tackling a range of areas; from Bill Buchanan hacking and taking control of mobile devices and cameras, Police Scotland raising awareness of on-line cyber crime, Strathclyde / Edinburgh university linking school pupils into a physical “block chain” and Abertay’s talk about “a fridge full of spam”.  Brian Higgins from ISC2 showed a cyber wheel of fortune game and for the first time the lectures attracted an international keynote speaker – Amalie Wedege from Alpha-zero presented about “Zero days and Stuxnet”.  There were further talks about Public key encryption and NCCGroup’s discussed ‘Why after 15 years of web security was the web not fixed yet?”  All of the presentations were interactive with high energy audience participation – being provided by the numerous chocolate prizes – over the week 55 kg handed out!!!

Media wise, the lectures always attract a large coverage and here are some of the links;

Special recognition is given to Dr Martin Beaton – the main organizer for the event who’s motivation is “… helping pupils to understand the risks they face as well as the opportunities available if they choose a career in the sector.”

Thanks also to everyone who contributed to make the Cyber Christmas lectures a great success; to the speakers who have freely contributed their time; to the sponsors PwC, CGI, Fujitsu, Scottish Government, Scottish Enterprise, SDS, University of Glasgow (USB wristbands!), SICSA and the hosting universities.

For more information please contact:
Alan Settery
SICSA Cyber Security Network Integrator, University of Glasgow
Email: Alan.Settery@glasgow.ac.uk
Phone: +44 (0) 141 330 4845

Christmas Lecture Data

Welcome from our newest member of staff

Cyber Security Researcher - Maria Evangelopoulou

Cyber Security Researcher, Maria Evangelopoulou, at DEMOfest 2016

By Alan Settery, SICSA Cyber Security Network Integrator

I began my role as the new SICSA Cyber Security Network Integrator role just over a week ago and I look forward to working in this exciting and growing area. Of course, I’m not new to SICSA having been the first SICSA Business Development Executive and more recently managing the SICSA Smart Tourism programme, so I know many of you very well! In-line with the increased activity in this area, we have recently launched a new permanent SICSA Research Theme in Cyber Security.

To carry out some ground work for this new role I attended SICSA Demofest 2016 where it was good to see a strong Cyber Security presence at the event, with a key note from Edinburgh Napier University’s Professor Bill Buchanan on “The Key Risks of the Cyber Age”; and 4 exhibiting researchers in this area;

  • DEAV: IoT Security Threat Detection Analysis & Visualisation, Robert Gordon University.
  • Securitometer, an Overall Security Metrics App for Android, University of Edinburgh
  • Market-Scale Behavioural Security Analysis for Android Apps, University of Edinburgh
  • The “What, when, why, how and what now?” of an attack in an ICS/SCADA network, University of Glasgow

It was interesting to notice how topical these research areas are, especially considering the recent cyber-attacks on Tesco Bank and the Distributed Denial of Service (DDoS) attack on company Dyn through the IoT Mirai botnet malware, which brought down sites including Netflix, Twitter and Reddit.

With cyber-attacks becoming more prolific and sophisticated, Government, Industry and Academia are joining forces to address the issue.

I recently attended the first Scottish Cyber Awards 2016 event held in the Waldorf Astoria – Caledonian Hotel in Edinburgh.  The awards, organized by the Scottish Business Resilience Centre and Scottish Enterprise had 13 categories.  There was an impressive academic performance, with awards for many of the Scottish Institutions (including Abertay, Edinburgh Napier, Edinburgh, Glasgow Caledonian and Kyle Academy).  The Champion of Champions Award went to Zonefox, a spinout from Edinburgh Napier University. https://www.sbrcentre.co.uk/news/2016/november/scottish-cyber-awards-2016-winners/

It is apparent that the needs for skills in this sector are growing quickly and a key part of my activity will be in growing this expertise through raising awareness and encouraging the next wave of graduates into our industry.

The Cyber Security Christmas lectures are next on the horizon, taking place in cities across Scotland – Inverness, Aberdeen, Dundee, Edinburgh and Glasgow and attracting 3000 school pupils! https://www.sicsa.ac.uk/events/cyber-security-christmas-lectures/

The Cyber Academy at Edinburgh Napier University are also holding a Christmas Cyber and STEM event for P7 Girls http://thecyberacademy.org/christmas-cyber-and-stem-event-for-school-girls-6-december-2016/

I look forward to a busy 2017!

For more information please contact me:

Alan Settery
SICSA Cyber Security Network Integrator, University of Glasgow
Email: Alan.Settery@glasgow.ac.uk
Phone: +44 (0) 141 330 4845