Academic Centre of Excellence in Cyber Security Research -University of Oxford
Lead Research Organisation:
University of Oxford
Department Name: Computer Science
Abstract
In collaboration with a range of departments across the University, we are developing a Cyber Security Centre. It will incorporate and extend the work of eleven academics drawn from Computer Science, Oxford Internet Institute and Oxford e-Research centre, together with other Oxford Academics from as wide a spectrum of disciplines as we can manage. Mindful of the known difficulties of pursuing genuine inter-disciplinary research (including the challenges of finding funding, finding publication venues, and undertaking research recognised as leading-edge by each of the contributing disciplines), we have consulted at some length on the means to make such engagement fruitful.
As a result, we anticipate that our new Centre will have both a real and a virtual existence. As a real centre, the Computer Science department provides office space - eventually co-located for all who wish to share expertise in Cyber Security Research. We intend to expand this to provide both laboratory space for experimental work with security systems, and also to host environments where usability experiments and evaluations can be undertaken. We will also offer to host visiting researchers from academia, industry, and government, and will hold short, intensive by-invitation workshops as the need arises. A measure of co-location of this kind is essential for the development of serendipitous conversations and research ideas. A virtual existence will enable us to integrate members of other departments into the Cyber Security activity, without forcing them to lose touch with their own disciplines. This is important both for individuals' own career development, but also in order that the best live scholarship can be brought to bear upon the difficult problems encountered in this domain. By actively maintaining these academic connections, we expect to be able to form collaborations to respond to new research challenges, and prospectively to explore and shape responses to open problems. As more and more disciplines - in academia and outside - depend on strong inter-connectivity and shared data, we see our existing shared activity across departments as a mere shadow of possible paths to impact in the future.
As a centre of excellence, we will aim to be a principle point of contact for those inside and outside the University seeking to engage with leading research in Cyber Security. We will actively seek to develop new partnerships to embrace the range of disciplines necessary to make a significant impact in the improvement of theory, technology, techniques, policies and practice in cyber security.
As a result, we anticipate that our new Centre will have both a real and a virtual existence. As a real centre, the Computer Science department provides office space - eventually co-located for all who wish to share expertise in Cyber Security Research. We intend to expand this to provide both laboratory space for experimental work with security systems, and also to host environments where usability experiments and evaluations can be undertaken. We will also offer to host visiting researchers from academia, industry, and government, and will hold short, intensive by-invitation workshops as the need arises. A measure of co-location of this kind is essential for the development of serendipitous conversations and research ideas. A virtual existence will enable us to integrate members of other departments into the Cyber Security activity, without forcing them to lose touch with their own disciplines. This is important both for individuals' own career development, but also in order that the best live scholarship can be brought to bear upon the difficult problems encountered in this domain. By actively maintaining these academic connections, we expect to be able to form collaborations to respond to new research challenges, and prospectively to explore and shape responses to open problems. As more and more disciplines - in academia and outside - depend on strong inter-connectivity and shared data, we see our existing shared activity across departments as a mere shadow of possible paths to impact in the future.
As a centre of excellence, we will aim to be a principle point of contact for those inside and outside the University seeking to engage with leading research in Cyber Security. We will actively seek to develop new partnerships to embrace the range of disciplines necessary to make a significant impact in the improvement of theory, technology, techniques, policies and practice in cyber security.
Planned Impact
The main purpose of this ACE-CSR proposal is for impact. In addition to the pre-existing academic disciplines which benefit from the research through the usual means, the following beneficiaries exist:
* the wider academic community: the breath of concerns faced in the challenges of Cyber Security are not always appreciated by the academic community at large. Some may be undertaking research which might fall into this category, without realising it; others have techniques and expertise which could be brought to bear, but are unaware of the opportunities - for research funding and for engaging with real, pressing problems for society.
* the information security community: practitioners of security and vendors of solutions will always need to drawn on expertise which helps to address new and emerging threats - research which covers those topics which are not yet mundane or every-day in character. The centre will improve communication with this community - both for dissemination and for motivating new research.
* the public sector: by providing a flagship centre, the University will enable public bodies (as well as the private sector) better to understand the capabilities which it can offer and the partnerships which are possible - in some contexts, the University having much more flexibility in undertaking projects (unclassified projects with useful results for more high-assurance contexts, for example), or a range of untapped expertise hard to assemble elsewhere.
* the general public: the University takes seriously a public education and dissemination mission. Members of the University frequently participate in the Media in order to explain or comment upon issues of security or privacy - and how members of the public are impacted or can protect themselves. Through the better linkages and internal communications enabled by the centre, this public engagement will be strengthened.
* the wider academic community: the breath of concerns faced in the challenges of Cyber Security are not always appreciated by the academic community at large. Some may be undertaking research which might fall into this category, without realising it; others have techniques and expertise which could be brought to bear, but are unaware of the opportunities - for research funding and for engaging with real, pressing problems for society.
* the information security community: practitioners of security and vendors of solutions will always need to drawn on expertise which helps to address new and emerging threats - research which covers those topics which are not yet mundane or every-day in character. The centre will improve communication with this community - both for dissemination and for motivating new research.
* the public sector: by providing a flagship centre, the University will enable public bodies (as well as the private sector) better to understand the capabilities which it can offer and the partnerships which are possible - in some contexts, the University having much more flexibility in undertaking projects (unclassified projects with useful results for more high-assurance contexts, for example), or a range of untapped expertise hard to assemble elsewhere.
* the general public: the University takes seriously a public education and dissemination mission. Members of the University frequently participate in the Media in order to explain or comment upon issues of security or privacy - and how members of the public are impacted or can protect themselves. Through the better linkages and internal communications enabled by the centre, this public engagement will be strengthened.
| Description | This is not a regular research grant - and we are barred under the funding conditions from conducting research within it. |
| Exploitation Route | This grant exists to enable us to share our research with the wider community, and to garner further support. |
| Sectors | Communities and Social Services/Policy,Digital/Communication/Information Technologies (including Software),Education,Energy,Financial Services, and Management Consultancy,Government, Democracy and Justice,Security and Diplomacy,Other |
| URL | http://www.cybersecurity.ox.ac.uk |
| Description | This is not a regular research grant, and has no research findings of its own. It has, however, had a very clear impact - as demonstrated by the list of engagement activities - on the growth of cyber security as an inter-disciplinary initiative in Oxford. The Centre of Excellence provided the platform for the creation of the Global Cyber Security Capacity Centre, whose worldwide impact is reported elsewhere. It also brought together the necessary individuals for our far-reaching Centre for Doctoral Training in Cyber Security, also reported on elsewhere. It has provided the context for integration between STEM and Politics/International Relations: first in the Cyber Studies Programme and then in the wider Centre for Technology and Global Affairs (started Q3 2017): these, too have their own reports of impact, but have, for example led to numerous computer scientists becoming published in International Relations. Each of these activities - and smaller, subsidiary ones, has its own impacts, and the Centre of Excellence is the catalyst for this. The Academic Centre of Excellence status was renewed in 2017, in recognition of the ongoing research and impact of the Centre, and outcomes from this second phase are reported under grant EP/R006784/1. |
| First Year Of Impact | 2013 |
| Sector | Digital/Communication/Information Technologies (including Software),Education,Financial Services, and Management Consultancy,Government, Democracy and Justice,Security and Diplomacy |
| Impact Types | Societal,Economic,Policy & public services |
| Description | Academic Centre of Excellence in Cyber Security Research |
| Amount | £81,931 (GBP) |
| Funding ID | EP/R006784/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 07/2017 |
| End | 06/2022 |
| Description | Centre for Doctoral Training in Cyber Security |
| Amount | £3,650,000 (GBP) |
| Funding ID | EP/K035606/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 04/2013 |
| End | 12/2019 |
| Description | Commitment to Privacy and Trust in Internet of Things Security (ComPaTrIoTS) Research Hub |
| Amount | £23,000,000 (GBP) |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 01/2016 |
| End | 12/2018 |
| Description | Cyber Security CDT Phase Two (University of Oxford) |
| Amount | £3,489,711 (GBP) |
| Funding ID | EP/P00881X/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 10/2016 |
| End | 03/2023 |
| Description | GCHQ Small Grant - Cremers |
| Amount | £21,400 (GBP) |
| Funding ID | 5365 |
| Organisation | Government Communications Headquarters (GCHQ) |
| Sector | Public |
| Country | United Kingdom |
| Start | 02/2016 |
| End | 02/2017 |
| Description | Global Cyber Security Capacity Centre |
| Amount | £1,000,000 (GBP) |
| Organisation | Foreign Commonwealth and Development Office (FCDO) |
| Sector | Public |
| Country | United Kingdom |
| Start | 04/2013 |
| End | 03/2015 |
| Description | Adjunct Professor at Griffith University, Queensland Australia |
| Organisation | Griffith University |
| Country | Australia |
| Sector | Academic/University |
| PI Contribution | Andrew Martin has been appointed Adjunct Professor in the INSTITUTE FOR INTEGRATED AND INTELLIGENT SYSTEMS in Griffith University. He has visited twice, giving four research seminars so far, and undertaken a variety of research discussions - not yet leading to funded projects, but which are anticipated in future. |
| Collaborator Contribution | Prof. Dong, who is a formal collaborator for the Smart Grid Security and Privacy project (the project was established in a joint call with Sinagpore; he is PI for that side of the project, at the National University of Singapore) now divides his time between Singapore and Griffith University, where he directs the Institute. He has facilitated this collaboration, and informally brings his research team there into the project. |
| Impact | Four research seminars at Griffith University and, sponsored by Griffith, for the Queensland Government. |
| Start Year | 2017 |
| Description | APPG-AI |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Policymakers/politicians |
| Results and Impact | Various members of the Academic Centre of Excellence in Cyber Security Research take part in the APPG on AI: Marina Jirotka's ORBIT project is rapporteur for the APPG, and Professor Jirotka gave evidence at Evidence Meeting 2 (27 March 2017). The Oxford ACE Network Coordinator has attended several of these meetings, and arranged for Oxford's Sandra Wachter to give evidence (11 September 2017) and contributed to discussions. Informally, this networking has resulted in seminars given in Oxford and exchange of ideas. |
| Year(s) Of Engagement Activity | 2017,2018 |
| URL | http://www.appg-ai.org/ |
| Description | ATI Symposium: Responsible Human Data Interaction |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Other audiences |
| Results and Impact | How we engage in responsible research and innovation as we study the interaction of the data-driven society with individuals is currently the topic of considerable debate. This debate is being carried out at all levels: technical, legal, economical, political, and ethical. This symposium helped set the scene for responsible research and innovation, targeting issues of privacy and ethics in data science. The symposium focused particularly on the design and development of systems, tools, methodologies, and algorithms to provide transparency and fairness, while supporting new and existing business models that provide data-driven services of benefit to people. |
| Year(s) Of Engagement Activity | 2016 |
| Description | ATI: Data protection and security at scale |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Other audiences |
| Results and Impact | Differential privacy is a statistical method which imposes precise limits on the quantity of information revealed by database queries, provided a budget is imposed on the number and accuracy of the queries. But the ultimate challenges of data security cannot be solved by mathematics and computer science alone; they require a multi-disciplinary viewpoint to also consider, for legal and regulatory frameworks, societal and governance mechanisms, economic perspectives to understand multi-stakeholder settings and conflicting incentives, and psychology and human factors considerations to explore meanings behind personal data and identity and (data) privacy. This workshop discussed the interwoven concepts and attempted to map out some promising approaches. |
| Year(s) Of Engagement Activity | 2015 |
| URL | https://turing.ac.uk/data-protection-and-security-at-scale/ |
| Description | Cyber Risk and Connected/Autonomous Vehicles workshop |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Policymakers/politicians |
| Results and Impact | A Workshop held in Oxford at the request of CESG and the Centre for Connected and Autonomous Vehicles, to bring together academics, industry, policy-makers and other stakeholders. The purpose was to gain a common understanding of the technical, ethical, legal and other challenges for securing connected and autonomous vehicles. |
| Year(s) Of Engagement Activity | 2016 |
| Description | CyberInvest conference |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | Attended EPSRC/GCHQ launch event for the CyberInvest programme - met representatives of the companies involved in the CyberInvest scheme, who pledge to support UK academic research in cyber security. Made various contacts for future Oxford follow-up. |
| Year(s) Of Engagement Activity | 2016 |
| URL | https://www.ncsc.gov.uk/articles/cyberinvest-securing-our-future-through-research |
| Description | E-safety lessons |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Local |
| Primary Audience | Schools |
| Results and Impact | Three members of the ACE network in Oxford delivered e-safety talks to local primary schools (years 5-6, two schools so far). These lessons built on best-practice and curriculum materials developed by the Digital Wildfires project in Oxford, but the lessons were delivered by people unaffiliated with the project. These links were possible because of the ACE network within Oxford enabling us to share information about ongoing work. |
| Year(s) Of Engagement Activity | 2016 |
| URL | https://www.youtube.com/watch?v=5nXaEctiVhs&feature=youtu.be |
| Description | Engagement with Cyber Security Challenge UK |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Other audiences |
| Results and Impact | Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cyber security professionals. Established to bolster the national pool of cyber skills, it offers a unique programme of activities to introduce sufficient numbers of appropriately skilled individuals to learning and career opportunities in the profession. We met a representative of Cyber Security Challenge UK to see how Oxford University could engage with this programme: this led to our Competitive Computer Security Club joining (and winning) one of their competitions, and also to plans for a Cyber Security Challenge UK hackathon to be hosted in Oxford, to focus on ethics and responsible coding in the context of cyber security. The event (an Ethicon) will take place in Oxford in April 2017. |
| Year(s) Of Engagement Activity | 2016 |
| URL | https://cybersecuritychallenge.org.uk/ |
| Description | Engagement with ICANN |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Third sector organisations |
| Results and Impact | We are developing a relationship with ICANN: This began as a meeting with the VP for UN and IGO Engagement and the Vice-President (Europe) for ICANN, describing the various approaches under development in Oxford which might be of interest - in particular the work of the Global Cyber Security Capacity Centre. We subsequently arranged a public seminar by ICANN's Senior Advisor to the President on Global Strategy, on "ICANN's Multi-Stakeholder model gaining independence : Internet Governance maturing with the transition of the US Government stewardship of IANA functions." The attendees were mostly drawn from academia, opening the door for what we hope will be an ongoing relationship with one of the most important organisations in the field of Internet governance. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Engagement with UKTI |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Third sector organisations |
| Results and Impact | Met the Cyber Security Ambassador, UK Trade and Investment/Defence & Security Organisation, to discuss how to involve Oxford academics in their trade missions. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Engaging the media with research workshop |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Local |
| Primary Audience | Media (as a channel to the public) |
| Results and Impact | Attended a workshop on "Engaging the media with research." We brought the lessons learned back to the wider network of cyber security researchers in Oxford, which led to three pitches to radio documentary companies to do stories on Cyber Security. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Hosted International Delegations |
| Form Of Engagement Activity | Participation in an open day or visit at my research institution |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Policymakers/politicians |
| Results and Impact | The ACE-CSR hosted visiting delegations from China, Singapore, Japan, Malaysia, Thailand, and other groups. Areas of common interest and collaboration were discussed. . |
| Year(s) Of Engagement Activity | 2012,2013,2014 |
| Description | Internet and Jurisdiction Observatory networking meeting |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Third sector organisations |
| Results and Impact | Working group/discussion between Oxford University students and acdaemics, and representatives of the Internet & Jurisdiction Observatory: discussed directions that the external partner viewed as important for academic exploration, and the academic audience briefed the I&J Observatory on the latest opinions in academic research, related to how Internet Governance is achieved. |
| Year(s) Of Engagement Activity | 2011,2017 |
| Description | Meet Brazilian delegation |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Other audiences |
| Results and Impact | Meet members of Brazilian Armed Forces to discuss Cyber Security approaches and expertise available in Oxford. One of the members of the delegation subsequently enquired about enrolling as a student of Oxford University, and the delegation is also in contact with Oxford's Global Cyber Security capacity Centre with regard to Brazil's national cyber security capacity maturity. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Meet CERT UK / CiSP |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | Met Bethany Yates from CERT UK (Cyber-security Information Sharing Partnership/ CiSP) to give an overview of Oxford University activities relevant to their work, and understand more about how we might engage with CERT UK / CiSP in future. |
| Year(s) Of Engagement Activity | 2016 |
| URL | https://www.ncsc.gov.uk/cisp |
| Description | Meet Cyjax |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Professional Practitioners |
| Results and Impact | Meet (and subsequently develop relationship with) Cyjax, a company that provides high-quality cyber threat intelligence reports. We discussed the possibility for joint research (this was of mutual interest but we are still working to identify the right topic and vehicle), the possibility of Oxford student interns at Cyjax (now underway), and the possibility of Oxford students making use of "spare" data Cyjax has collected - enabling students to interact with real data (and possibly end-users of the analysis reports), and giving Cyjax access to Oxford expertise. These meetings have gone well and we look forward to building a productive relationship with this company. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Meet Japanese delegation |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Other audiences |
| Results and Impact | Meet members of Japanese consortium (a mix of industry, academia and government) attempting to build an International Network of Centres of Excellence in Cyber Security. For this discussion we linked the visitors to various people in Oxford, as well as our designated GCHQ Academic Liaison Officer. We discussed the options for building such a network, and how it might work if they were to involve the UK Academic Centres of Excellence in Cyber Security Research. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Meet Kazakh delegation |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Other audiences |
| Results and Impact | Meet members of Kazakh Armed Forces to discuss Cyber Security approaches and expertise available in Oxford. The delegation is now in contact with Oxford's Global Cyber Security capacity Centre with regard to Kazakhstan's national cyber security capacity maturity. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Meet delegation from Cyber Security Malaysia |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Professional Practitioners |
| Results and Impact | Met the Vice Chancellor of the National University of Malaysia, 3 members from an academic CyberSecurity unit in collaboration with Cyber Security Malaysia, and the CEO of Cyber Security Malaysia. We discussed work in Oxford and in Malaysia, and learned how to engage with each other. This meeting has led to a follow-up meeting in Oxford with another representative of Cyber Security Malaysia, and a follow-on conversation with an Oxford academic who is interested to become engaged in their work. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Meeting (and subsequent relationship): MasterCard |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | We met representatives of MasterCard, to discuss current research in Oxford: this preliminary meeting led to funded research in Oxford (still ongoing and likely to grow). |
| Year(s) Of Engagement Activity | 2016 |
| Description | Meetings with ACPO, National Crime Agency, and Regional Cyber Crime Units |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | Talked covered areas of mutual interest and led to discussion of how the University can work with the Police. None so far. |
| Year(s) Of Engagement Activity | 2014 |
| Description | Oxford Cyber Security Cluster |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Professional Practitioners |
| Results and Impact | The Oxford Cyber Security Cluster (part of the national UK Cyber Security Forum) meets regularly. We first engaged with the Oxford Cyber Cluster by offering them meeting space in University of Oxford premises and giving an overview talk of research in Oxford and how cluster members could get involved. Representatives of Oxford University have attended nearly all their subsequent meetings and have begun establishing relationships with various members in our local community (local SMEs, academic faculty at Oxford Brookes University, etc). |
| Year(s) Of Engagement Activity | 2016 |
| URL | https://www.cybersecforum.com/clusters/oxfordcybersecuritycluster/ |
| Description | Participation in CyberInvest meetings |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | As an Academic Centre of Excellence in Cyber Security Research, we are invited to attend CyberInvest meetings, where the ACE Universities are introduced to companies who are looking to invest in UK academic research in our field. We have attended a number of these events (at London in March 2016, Nova South in November 2017, Liverpool March 2018, Manchester in April 2018, Stratford on Avon in June 2018, etc) and have made several good contacts. |
| Year(s) Of Engagement Activity | 2017,2018 |
| Description | Participation in Oxford Cyber Cluster |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Professional Practitioners |
| Results and Impact | The ACE Network Coordinator is an active member of the Oxford Cyber Cluster, part of the UK Cyber Security Forum cluster network. The Cluster exists to provide an independent source of cyber secutiyy news and information for the Oxfordshire business community, and to create a network amongst cyber security practitioners. Whilst there has not been any direct tangible outcome of membership, being part of this network is a useful way to keep in touch with developments in our local area. In the longer term, we hope to develop ideas for research projects which would be of interest to our local community. We have also used the Cluster as a way to improve our links to Oxford Brookes University, who also does teaching in research in this area, and with whom it would be sensible to work together on areas of joint interest. We have discussed running joint recruitment/outreach events (e.g. a capture-the-flag type challenge), inviting each other's researchers to give seminars, and potentially co-developing a "Smart House" test environment which both universites could make use of. We haven't got any tangible success yet but we would never even have had these discussions were it not for the Cluster. |
| Year(s) Of Engagement Activity | 2017,2018 |
| URL | https://www.oxcyber.uk/cx/ |
| Description | Participation in Royal Society Cyber Security Research Review |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | Yes |
| Geographic Reach | National |
| Primary Audience | Policymakers/politicians |
| Results and Impact | Contributed to the formation of the report. Impact will come later. |
| Year(s) Of Engagement Activity | 2014 |
| URL | https://royalsociety.org/policy/projects/cybersecurity-research/ |
| Description | Participation in Universities UK Cyber Security Development Activities |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | Yes |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | Early input effected the direction of the activity; later input contributes to reports. Merging of operational practice with research focus led to a better understanding for participants and policy makers of the practical issues surrounding cyber security for Universities, and so influenced the shape of guidance to be issued. |
| Year(s) Of Engagement Activity | 2013,2014 |
| Description | Talk to Korean Delegation |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Policymakers/politicians |
| Results and Impact | Talk to representatives of ETRI (Electronics and Telecommunications Research Institute) from Korea. Followed by long discussion with director of Cyber Security division. Impacts are still awaited. |
| Year(s) Of Engagement Activity | 2014 |
| Description | Talk/Panel on Experiences of Inter-Disciplinary Cyber Security Research, at ACCS Canberra |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Industry/Business |
| Results and Impact | Invited member of a panel (with presentation) at the conference of the Australian Centre for Cyber Security, Canberra, on "Redefining R&D Needs for Australian Cyber Security". Opportunity to describe our experience of the ACE-CSR programme, and to compare expreriences with the Australians. |
| Year(s) Of Engagement Activity | 2015 |
| URL | https://www.unsw.adfa.edu.au/school-of-engineering-and-information-technology/events/redefining-rd-n... |
| Description | Talks about the ACE-CSR in Singapore |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Policymakers/politicians |
| Results and Impact | Talks given at National University of Singapore, Singapore University of Design and Technology, and at Singapore Ministry of Home Affairs. Talk promoted understanding of the UK ACE-CSR programme, and led to further collaborations in Singapore Cyber Security Projects. Singapore recently funded a large portfolio of Cyber Security Projects. Oxford staff were named as collaborators on several successful projects. |
| Year(s) Of Engagement Activity | 2013 |
| Description | Visit: Chunhua Chen and 40 students |
| Form Of Engagement Activity | Participation in an open day or visit at my research institution |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Undergraduate students |
| Results and Impact | Professor Chunhua Chen from the School of Computer Science and Engineering, South China University of Technology, visited the University of Oxford Department of Computer Science for two days, with 40 of his undergraduate computer science students. We gave them a taste of the breadth of work in Oxford, and the different approaches to teaching Computer Science in the UK (which were surprisingly different: there was a strong focus on specific skills acquisition in the Chinese curriculum, with no attention given to privacy or security; whereas in Oxford we emphasise critical thinking [i.e. knowing which tool to use for the job] and give all undergraduates some exposure to security and privacy). |
| Year(s) Of Engagement Activity | 2015 |
| Description | Visit: Uzbek/Tajik military |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Professional Practitioners |
| Results and Impact | Part of a visit to the UK from a group of Uzbek and Tajik military officers researching best practice in cybersecurity. We discussed the work of the Global Cyber Security Capacity Centre in helping countries assess their cybersecurity maturity, and gave them an overview of the benefits of multidisciplinary research as it is carried out in Oxford (e.g. insights from law and sociology, as a vital complement to traditional information/network security research). |
| Year(s) Of Engagement Activity | 2015 |
| Description | What is Cyber Security in 2020? |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Other audiences |
| Results and Impact | This was a workshop to discuss the first draft of a series of Cyber Security Future Scenarios developed by colleagues at UC Berkeley. The audience was primarily academics (to discuss the value of the scenarios and make suggestions to improve their relevance) but the final document will be circulated to policymakers and practitioners. |
| Year(s) Of Engagement Activity | 2015 |
| URL | https://cltc.berkeley.edu/scenarios/ |
| Description | Workshop on Cyber Risk and Connected/Autonomous Vehicles |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | Workshop organized by Cyber Security Oxford under the EPSRC/GCHQ Centre of Academic Excellence in Cyber Security Research banner, at the request of the Centre for Connected and Autonomous Vehicles (CCAV, the cross-government team leading on connected and autonomous vehicles). With ~70 carefully picked attendees, the workshop brought together people who build the autonomous technology, experts in various types of cyber security, supply-chain suppliers, civil-liberties experts, insurers, and government/agency staff who will be responsible for helping develop UK policy in this area. The workshop was very well received and multiple participants said they had a new outlook on cyber security for these vehicles. We have had further conversations with CCAV, who hope Oxford will host a follow-on workshop. The workshop also resulted in two blog posts by attendees: http://www.pelicancrossing.net/netwars/2016/02/monster_trucks.html and http://www.boku.ac.at/news/newsitem/37287/. |
| Year(s) Of Engagement Activity | 2016 |
| URL | https://www.cybersecurity.ox.ac.uk/resources/connected-and-autonomous-vehicles |
| Description | YouTube Videos |
| Form Of Engagement Activity | A magazine, newsletter or online publication |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Media (as a channel to the public) |
| Results and Impact | The following videos have only recently been posted, but have already been viewed as shown, and mention is circulating on social media. https://www.youtube.com/watch?v=aZ9y1FdlUL4: Oxford and Cybersecurity 2 - Trusted Computing, 307 views since it was posted on 24 October 2014. https://www.youtube.com/watch?v=-Z5BzDknFmk: Oxford and Cybersecurity 1 - the Internet and Policy, 337 views since it was posted on 24 October 2014. https://www.youtube.com/watch?v=9vLnpEFdljs: Oxford and Cybersecurity (long edit), 360 views since it was posted on 24 October 2014. It is too early to report notable impacts, but we anticipate an increased general understanding of some cyber security issues, and the research we are doing to address them. |
| Year(s) Of Engagement Activity | 2011,2014 |
| URL | https://www.youtube.com/watch?v=9vLnpEFdljs |
| Description | e-Safety lessons - St Nicholas Primary School |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Local |
| Primary Audience | Schools |
| Results and Impact | Three colleagues from the Academic Centre of Excellence in Cyber Security Research presented e-safety lessons to 120 primary-school students (60 students each, years 5 and 6 6). We presented best-practice for being "good digital citizens" from the EPSRC-funded Digital Wildfire project, results of doctoral research from Oxford's EPSRC-funded Centre for Doctoral Training in Cyber Security, and general best-practice from a member of Oxford's law faculty. We also sent students home with a piece of homework (list the devices they use and how they can use them more sensibly), and a set of resources for concerned parents. The event was very well-received and children reported thinking differently about how they would approach problems encountered online. The teachers also appreciated the lessons and reported that they had not been aware of some of the potential problems that we discussed. |
| Year(s) Of Engagement Activity | 2016 |