The Power of Partnerships

Professor Keith Martin writes about how academic and business collaboration is crucial to cyber security, and how the government is tackling this with a number of new initiatives.

Much has been said about the need for academic, business and government to work together to address the future cyber security challenges that society faces. This is a sensible proposition since cyber security affects everyone, and each sector brings different strengths and capabilities. Grand words and aspirations are one thing, but making such partnerships work is something else entirely.

Full credit must be paid to the UK Government for setting the ball rolling with a number of constructive initiatives, most of which stem from the UK National Cyber Security Strategy. For example, the Academic Centre of Excellence in Research (ACE-CSR) scheme has made it simpler for external partners to identify academic institutions with a critical mass of cyber security research capability and experience. The National Cyber Security Centre (NCSC) certified degree programme has provided welcome pointers towards quality academic cyber security education programmes. Perhaps most directly addressing collaboration, the NCSC’s CyberInvest initiative has sought to create partnerships between external funders and academic research institutions in order to promote cyber security research. All these have made positive contributions and helped to foster a more cohesive cyber security environment.

Who doesn’t want more collaboration? Meeting new people is fun. Discovering what other organisations are doing is interesting. Working across sectors can be satisfying, and raises profile.

There are two barriers that fruitful partnerships need to overcome. The first is the potential for mismatch of expectations. The motivational drivers behind academia, business and government are not always the same, so successful engagement requires the identification of common ground. The second, arguably more significant, issue is that good relationships need time to grow. And time is something we all seem to lack these days.

One of the initiatives that emerged from the first UK National Cyber Security was the establishment of two Centres for Doctoral Training (CDTs) in Cyber Security, one at Royal Holloway and the other at Oxford. Since 2013, these centres have funded over 100 doctoral students to undertake PhD research in cyber security. These programmes involve a first year of immersive cyber security training, before students undertake three years of research. The first graduates from these programmes are now emerging to take up leadership roles across the cyber security profession.

The CDTs in Cyber Security have been extremely successful initiatives, not just because they are producing the intended cyber security leaders, but because they demonstrate a vehicle for constructive cross-sector collaboration. External organisations actively support the training programme (this year the Royal Holloway CDT made full-day visits to the NCSC, KPMG, HP Labs and Thales), host three-month internships (recent hosts included IBM, NATO and The Cabinet Office) and play an active role in governance (advisory panel representatives include Roke Manor, PwC and DCMS). Through these relationships students have, amongst other successes, worked with Mozilla to develop the new TLS1.3 standard, improved performance of CloudFare technology, and designed cyber war games that have been played in numerous boardrooms. Through these collaborations, CDT students have been making a real difference.

However, none of this has come easily, nor quickly. Good partnerships require investments from all sides – financially, emotionally and in terms of time. In cyber security we need more mechanisms, like the CDTs, where true partnerships can be given both the freedom and the time to develop, nurture and grow.


Comments

Post a Comment

Popular posts from this blog

Post-PhD thoughts on the Cyber Security field: Amy Ertan, 2017 CDT Cohort, now Cyber and Hybrid Policy Officer at NATO HQ in Brussels.

It has been just over a year since I successfully completed my viva – a milestone that initially felt both terrifying and insurmountable when I first joined the CDT. Now, I have the privilege of reflecting on my PhD journey and how its opportunities have shaped my present. I also wish to inspire curious students to embrace the full potential of the CDT and similar programs.   When I first came across the CDT application form, I initially envisioned transforming from a disillusioned city worker into a technical cyber security wizard, focusing on governance or incident response – as those were the only cyber security functions I was familiar with at the time. Very quickly, the CDT taught me that cyber security encompasses a vast and comprehensive range of approaches, offering me a holistic perspective on the field. Supported by the CDT, I engaged with exciting research and practitioner communities to learn about security governance, feminist and critical approaches, geography, the philos
Read more

Remote working and Cyber Security: Georgia Crossland and Amy Ertan

Image
Introducing the project The shift to remote working represents a huge shift for employees and organisations alike, introducing significant implications for cyber security. Amy Ertan and Georgia Crossland are currently working on a research project, in collaboration with the Research Institute for Sociotechnical Cyber Security (RISCS) and funded by the UK National Cyber Security Centre (NCSC), on the impact of remote working on cyber security and wellbeing. This blog post will give an overview of a section of this project, how remote working impacts cyber security. In response to COVID-19, in March 2020, organisations across the world made the rapid shift away from physical office working to remote working, wherever possible. This shift has had a significant impact across many aspects of organisations. This blog post will offer a high-level overview of how the cyber threat landscape was impacted for many organisations and may further change organisational cyber resilience. Remote workin
Read more

New Publication: Remote Working and (In)Security?: Amy Ertan

Image
A recent research report by CDT researchers Amy Ertan and Georgia Crossland has been published with the Research Institute for Sociotechnical Cyber Security (RISCS). The report examines ‘The Impact of Pandemic-Driven Remote Working on Employee Wellbeing, the Psychological Contract and Cyber Security’, with research carried out through a series of interviews with senior cyber security colleagues between January and April 2021. The full report can be found on the RISCS website: New publication: Remote Working and (In)Security | RISCS. Context In the UK and around the world, the impact of COVID-19 represented a total shift away from what was considered ‘normal living’. One aspect of this change was the rapid transition to remote working as people were encouraged to work from home and limit contact with others as far as possible through repeated lockdown conditions. Fellow CDT colleague Georgia Crossland and I were curious to explore how remote working has impacted the experiences - and se
Read more