Academic Centre of Excellence in Cyber Security Research - University of Northumbria at Newcastle

Northumbria University applies knowledge from multiple disciplines, into digital security through the work of the Cyber Security Research Group (CSRG) - a cross university group that combines (i) technical research on biometric encryption, wireless sensor networks, web security protocols, sonification and image recognition, with (ii) human-centred work on usable security, privacy, trust and behaviour change.
Our work ensures that the individual disciplines optimise their contribution to their own discipline, while working together to understand the point of interaction; the different strengths and weaknesses of computers and humans and how they can best work together to defend the enterprise.
The vision of this research group is to secure our digital tomorrow by maximising technological developments, understanding human cybersecurity behaviours and exploring the factors that influence behaviour change including design, law, policy and the social context. We seek to optimise our citizens behaviours as cyber-defenders as well as optimise our technology defences against intrusions.
Northumbria's Digital Living theme provides an opportunity to integrate work across the computational & behavioural sciences, law and design, particularly around secure Big Data & IoT, personal security across the lifespan and building resilient smart cities (where we are currently working in partnership with Newcastle University and Newcastle & Gateshead City Councils as part of the EPSRC funded Urban Living Partnership). In addition as part of the Health and Social Care multidisciplinary research theme, we are growing our research focusing on cybersecurity in the health and social care domains as they struggle to reconcile advances in personal informatics, AI and embedded wireless medical devices with outdated legacy systems, poor security behaviours and vulnerable populations.
We will achieve this vision by (i) incorporating multiple disciplines to broaden our understanding of cybersecurity behaviours. This will include law, ethics, policy and design. (ii) exploring how best to facilitate cybersecurity behaviour change (iii) exploring the needs of diverse populations and designing for inclusivity. At the same time work will continue to (iv) build adaptive technology defences for access control, network intrusion detection and phishing detection - thus reducing the burden on users.

CSRG has a good track record of policy and practice impact in the areas of biometrics, forensics, network intrusion, surveillance and human aspects of cybersecurity and this will remain the focus if the ACE is successful.

In regard to policy: CSRG recognises the importance of emerging policy developments for cybersecurity in the UK and the EU, particularly around new areas such as cybersecurity and digital forensics. To achieve policy impact we will engage with a number of networks including RISCS, the National Centre for Cyber Security (NCSC) and the scientific advice mechanism of the European Commission and UK networks such as the newly awarded TIPS Network+ (where Coventry has been asked to join the Expert Panel) and the Not-Equal Network+ (where Briggs is interim PI and where cybersecurity is one of three core themes). We will build on our existing work, where we delivered two UK Government Office for Science reports, produced a state of the art review for ESRC on 'Cyber Situational Awareness' and made a contribution to Blackett Review and the Secure by Design initiative on the Internet of Things (IOT). We have also made a contribution to the House of Commons Science and Technology Committee Report on Responsible use of Data (November 28th, 2014) and have worked proactively with Skills for Justice, the National Occupational Standards; Northumbria Police; CPE-ASET; European Network & Information Security Agency) and the APPG on Cyber Security. We will continue to provide comment to any parliamentary discussions or green papers.

In regard to business and community engagement, we will build on our track record of working with SMEs, charities and the public sector as part of Create FUSE North East. Within this context in partnership with Northumbria Police we hosted A Cyber-Wellbeing Solution Hack to explore cybersecurity solutions. We have hosted several educational workshops for members of the University of the Third Age (U3A) where members discussed topics including user authentication, phishing, and privacy settings. Through our new multidisciplinary centre for Policing, Crime and Criminal Justice we will continue to seek impactful activities in these areas. Through our EU and EPSRC funding we will continue to work with companies with regards to cybersecurity insurance and with Health Trusts and hospitals to improve cybersecurity within the Health domain. Nationally, we have secured good partnerships with, inter alia, CESG and the new National Cyber Security Research Centre; British Telecom; Hewlett Packard Enterprise; Price Waterhouse Cooper; Microsoft Research, Atom Bank, Cambridge, AXA and the Home Office. Internationally we are working with Future Cities Lab 2 (Singapore), Pacific Northwest National Laboratories (USA); Mobile Life Centre (Sweden) and Smart Living Lab (Switzerland), Qatar Police and Qatar Ministry of Interior seek to test our Video Surveillance innovations and potentially apply them to FIFA 2022 . Coventry is on the research board of Cybsafe and will provide input into their research strategy.

To ensure businesses and healthcare are engaged, the work will be disseminated directly to national bodies such as CBI, and regional agencies including the LEPs and Health Trusts. We will seek to disseminate our work at industry-government events such as Cyber UK in Practise and through SASIG which specialises in taking human behaviour views to industry.

In regard to public understanding and dissemination: We will create a project website, where findings and outputs from the research group will be hosted. The website will also allow for the collection of participant and public responses, as well short briefing notes. Social media outputs including Facebook and Twitter will be incorporated into the communication strategy and links to other relevant projects. Our communication will be predominately public/business facing rather than researcher facing.