The UK cyber security sector is already world-leading with cutting-edge capabilities – but it can be difficult for companies, small and large, to access the expertise they need to defend their organisations.
Now, an innovative new cyber security system is being developed by experts at Nottingham, supporting companies to prevent cyber attacks through tailored security assessment of their digital infrastructure.
Underpinned by scientific research
The £1 million project brings Nottingham's experts in cyber security, information integration and decision making together with academics at Carnegie Mellon University in the USA and the UK's National Cyber Security Centre to establish a digital 'Online Cyber Security System' decision support service (OCYSS) which will rapidly gather information on system vulnerabilities and alert organisations which may be affected.
"While the UK has access to some of the world's leading experts in cyber security, the scale and variety of systems in UK organisations makes it extremely challenging to flag potential system threats in a timely fashion," explains Dr Christian Wagner, School of Computer Science at the University. "This international-collaborative project targets a novel approach to semi-automatically identify vulnerabilities, greatly increasing the efficiency and capacity to respond to emerging threats."
This new approach is underpinned by cutting-edge research on integrating information from a number of different sources while managing discord between individual components within systems. The aim is to enable systems to maximise available cyber security insights and rapidly deliver user-tailored, up-to-date threat analysis to help organisations mitigate potential cyber attacks before they happen.
"Computer systems are built from hundreds, if not thousands, of hardware and software components. System analysts must pay special attention to how these components interact, placing them in the context of specific threats," adds Dr Travis Breaux, Carnegie Mellon University. "The number of configurations and possible cyber threats is simply insurmountable for human analysts to comprehend and evaluate on their own, which necessitates a semi-automated response that can stay ahead of emerging technology."
Tailored to real-world security challenges
With knowledge of system vulnerabilities developing rapidly, it's essential to ensure organisations maintain up-to-date awareness of their systems' potential exposure. The new approach is designed to capture and integrate security assessments from a number of sources, including government services such as the National Cyber Security Centre. The key challenge is to develop ways to gather and model this complex information effectively, while assessing discord in the security assessments provided by individual sources.
By building up a continuously evolving database of system vulnerabilities, the OCYSS framework will provide organisations with real-time threat assessments, tailored to their specific systems. Providing direct awareness of newly emerging vulnerabilities arising from individual system components or their interactions, the framework avoids delays in threat detection and mitigation.
"By publishing our research and re-usable open source software, we hope the results can be replicated internationally," said Dr Wagner. "Delivering a functional framework enables us to conduct an exceptional level of evaluation, tailored to the real-world cyber security challenges we face."