Academic Centre of Excellence in Cyber Security Research - Newcastle University

Lead Research Organisation: Newcastle University
Department Name: Sch of Computer Science

Abstract

Following the insight that cyber security does not only come from protecting critical infrastructures, the Centre for Cybercrime and Computer Security at Newcastle University (referred to as Cybercrime Centre in what follows, http://cccs.ncl.ac.uk) complements core security research - such as cryptography, secure system engineering, information and operational assurance techniques, quantitative security - with initiatives to protect and support stakeholders (victims and investigators) and a strong focus on science and human factors of cyber security.

This insight shapes up the key strategic aim of Newcastle University's ACE-CSR, which is to improve and expand the relationships between private and public sector parties in cyber security for a joint push towards Protecting Society's Fabric. To achieve this, the ACE-CSR will execute the following operational plan to be able to benefit from the ACE-CSR status:
- We will involve cyber security professionals in the advisory board, expanding the current board of the Cybercrime Centre, to help gain insight in the problem domain and steer our research.
- We will invite guest colloquium speakers for colloquium series at various Schools in Newcastle, from the area of cyber security, to educate and inspire researchers. Furthermore, we plan to invite international researchers to share their expertise and to provide keynote speech at some of our events.
- We will expand our initiative to have collaborations with cyber security partners through smaller projects such as MSc Summer projects, utilising our thriving advanced MSc in Security and Resilience and PhD interruptions of study.

We will do this by building a world-leading multidisciplinary research team with expertise in security, privacy and trust and leveraging the work already undertaken through on-going initiatives including the Cybercrime Centre, the Digital Institute and the RCUK funded Digital Economy Hub on Social Inclusion (SiDE) - which will enable the proposed ACE to address a new focus area related to "Protecting Society's Fabric".

Planned Impact

We envisage potential impact of this work on various beneficiaries: end users (including business and public sector); as well as interdisciplinary academic researchers in computer security in general, and cyber security in particular.

Public Engagement:
The main interaction with potential end users will be carried out through annual targeted events, addressing the three main strands of our research as stated in the work plan. Where appropriate, other public events will be organised to gather ideas and challenges that people face in dealing with cyber security, and to disseminate results and findings from our research further.

Training:
The Cybercrime Centre runs master classes and training workshops led by Phil Butler, such as the ones organised in collaboration with the North East Fraud Forum. On top of that, the School of Computing Science at Newcastle University offers an MSc and a BSc program on Computer Security and Resilience; modules of which are taught by members of the Cybercrime Centre. We will leverage these existing capabilities in ensuring the ACE-CSR's impact through training.

Academic Impact:
Our main academic contribution is the opening of dialogue between various disciplines, facilitating a more inclusive perspective of cyber security, the impact of cybercrime and ways to tackle it, from a wide range of fields such as computing science, electronic engineering, sociology, psychology, economy and law. In particular, we will focus on the main strands of the ACE-CSR, namely protection of critical infrastructures, human factors and science of cyber security, as well as usable and experience-centred security. We intend to disseminate our approach, methodologies and developed solutions/systems through an open source and open data approach, allowing other researchers (both in academia and industry) to build on our work, or even collaborate together in order to exploit the contribution of the ACE-CSR further.

National and International Collaborations:
The ACE-CSR will pursue collaborations and consulting opportunities with organisations on a national level, such as law enforcement agencies, SMEs and victim support organisations, ensuring a knowledge transfer to these organisations as well as obtaining problem statements that impact practice. In addition, the ACE-CSR will continue to establish relationships with global companies active in cyber security. Such relationships range from placements and consulting to project collaborations and memberships on external advisory boards.

Impact on Policy:
The ACE-CSR will engage in consulting UK policy makers, in particular as the coordinator of the UK Cybercrime Network (EPSRC EP/K003410/1). We will also endeavour to influence cyber security policies in the EU, through lobbying and extended networking activities with appropriate EU-funded projects, clusters, and agencies. We will achieve this impact by active participation in forums, such as the EU Cyber Security and Privacy Forum.
 
Description ACE-CSR is a small amount of funding, of about £10K per year, to provide support for research excellence in cyber security and maintain connections with NCSC. There are close to 20 such centres in the UK. Positive outcomes there are indirect. That is, it is not this specific project that leads to outcome, but this project is an enabler to achieve outcomes in other projects. In particular, the funds allowed us access to NCSC, and to some of their funding means. Newcastle therefore has facilities that fulfil certain cyber security standards, including a data vault and equipment for experimentation in Internet of Things. The ACE-CSR also provides access to a community of parties in cyber security. Such access to these stakeholders has led to a variety of engagements with industry, non-profits, and individuals. This has had educational impact on industry, School children, and others. It also has impact on information security practices in industry or non-profit, such as advising about GDPR (Age UK), payment systems (Virgin Money), CPD at Cyber UK event, etc.
First Year Of Impact 2014
Sector Digital/Communication/Information Technologies (including Software),Education
Impact Types Societal

 
Description Blockchain for Secured Lending KTP
Amount £180,000 (GBP)
Funding ID KTP011059 
Organisation Innovate UK 
Sector Public
Country United Kingdom
Start 03/2018 
End 09/2020
 
Description FinTrust: Trust Engineering for the Financial Industry
Amount £1,000,000 (GBP)
Funding ID EP/R033595/1 
Organisation Engineering and Physical Sciences Research Council (EPSRC) 
Sector Public
Country United Kingdom
Start 07/2018 
End 07/2021
 
Description Fostering Collaboration Between two ACE-CSRs
Amount £10,202 (GBP)
Organisation Government Communications Headquarters (GCHQ) 
Sector Public
Country United Kingdom
Start 11/2015 
End 03/2016
 
Description NCSC/EPSRC FinTech Research Directions Workshop
Amount £5,700 (GBP)
Organisation Engineering and Physical Sciences Research Council (EPSRC) 
Sector Public
Country United Kingdom
Start 03/2018 
End 03/2018
 
Description Science of Security Systems
Amount £170,000 (GBP)
Organisation National Security Agency 
Sector Public
Country United States
Start 03/2014 
End 04/2017
 
Description Shaping University Curricula to Critical-infrastructure Employer Needs
Amount £67,000 (GBP)
Organisation European Commission 
Sector Public
Country European Union (EU)
Start 01/2014 
End 01/2016
 
Description Collaboration with GCHQ on Data Safe Haven 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach Local
Primary Audience Industry/Business
Results and Impact Establishing an accredited data safe haven for research on confidential data, such as of NCA or regional police forces.
Year(s) Of Engagement Activity 2016,2017
 
Description UNDERWARE Conference - University of Warwick March 2017 (UNDERstanding Weate African culture to pRevent cybercrimEs) 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Study participants or study members
Results and Impact PhD Student & Researcher -Uchechi Nwadike (Newcastle) attended & participated to feedback to Project Group
Items Discussed in related subject areas:
Prof. Monica Whitty, WMG, Cyber Security Center
Yahoo Boys - Oludayo Tade, Department of Sociology, University of Ibadan, Ibadan, Nigeria
International Cooperation in Fighting Cybercrime: The Nigerian Perspective. Speaker: Abdulkarim Chukkkol (Nigerian Economic and Financial Crimes Commission)
Prof. Richard Boateng, Department of Operations and MIS, University of Ghana Business School, Ghana
Combatting Cybercrime in Nigeria: Awareness and Challenge
Geoffrey Okolorie, Forensic Unit, EFCC Headquarters
Paul Davies (NCA, 3 year secondment in Nigeria training law enforcement - officers dealing with cybercrimes)
Year(s) Of Engagement Activity 2017
 
Description Visit from Northumbria Police to Centre for Cybercrime & Computer Security (T.Gross & A. Van Moorsel) 16th March 2017 
Form Of Engagement Activity Participation in an open day or visit at my research institution
Part Of Official Scheme? No
Geographic Reach Regional
Primary Audience Study participants or study members
Results and Impact Introduction (Northumbria Police) on current research. Introduction to Centre for Cybercrime & Computer Security (CCCS) a UK Academic Centre of Excellence in Cyber Research ACE-CSR.
Discussion in Relevant Research Initiatives and developments..
Included: EPSRC Northern Cloud Crime Centre(talk by Thomas Gross)
and UNCOVER (talk by Brian Randell)
Open discussion of joint interests and avenues for collaboration
Year(s) Of Engagement Activity 2017