Brit unis get £7.5m of taxpayers' cash for cybersecurity PhDs

22 scholarships at Oxford and Royal Holloway up for grabs


Two UK universities are going to split £7.5m in government funding to train the next generation of cybersecurity experts.

The University of Oxford and Royal Holloway University bagged £3.65m and £3.8m respectively to run doctoral courses in computer security from the Engineering and Physical Sciences Research Council and the Department for Business, Innovation and Skills.

Universities minister David Willetts said Blighty had to do everything it could to handle threats to its networks and electronic systems.

"Businesses are facing more cyber-attacks than ever before, putting their confidential information and intellectual property at risk. We must do everything we can to tackle this threat and make them less vulnerable," he said.

"These new centres will produce a new generation of cyber security specialists, able to use their skills and research expertise to improve cyber security and drive growth."

The multimillion-pound handouts are part of the National Cybersecurity Programme, and will add PhD places on top of the 30 GCHQ-sponsored slots the scheme already supports.

The UK government has joined the US administration and other nations in classing cyber attacks as a priority for national security, sticking them on the same level of terrorism.

Oxford uni said its programme would include the security of big data, real-time safety, and effective systems verification and assurance.

"The Centre for Doctoral Training (CDT) team will not draw from just the technical perspective, but also disciplines such as social science, business, and strategic studies," said Dr Andrew Martin, who will run the centre.

"Mixing these with practitioner experiences from business and government, the students will gain a unique insight into the context of their work, and undertake research that makes a real, long-lasting contribution."

The funding would allow the top uni to offer 12 full scholarships for starting periods of three years, while Royal Holloway said it would have ten PhD scholarships in three annual intakes.

Organisations including IBM, McAfee, Thales and Logica had already agreed to back Royal Holloway's programme, the university said. ®


Other stories you might like

  • IBM buys Randori to address multicloud security messes
    Big Blue joins the hot market for infosec investment

    RSA Conference IBM has expanded its extensive cybersecurity portfolio by acquiring Randori – a four-year-old startup that specializes in helping enterprises manage their attack surface by identifying and prioritizing their external-facing on-premises and cloud assets.

    Big Blue announced the Randori buy on the first day of the 2022 RSA Conference on Monday. Its plan is to give the computing behemoth's customers a tool to manage their security posture by looking at their infrastructure from a threat actor's point-of-view – a position IBM hopes will allow users to identify unseen weaknesses.

    IBM intends to integrate Randori's software with its QRadar extended detection and response (XDR) capabilities to provide real-time attack surface insights for tasks including threat hunting and incident response. That approach will reduce the quantity of manual work needed for monitoring new applications and to quickly address emerging threats, according to IBM.

    Continue reading
  • OMIGOD: Cloud providers still using secret middleware
    All the news you may have missed from RSA this week

    RSA Conference in brief Researchers from Wiz, who previously found a series of four serious flaws in Azure's Open Management Infrastructure (OMI) agent dubbed "OMIGOD," presented some related news at RSA: Pretty much every cloud provider is installing similar software "without customer's awareness or explicit consent."

    In a blog post accompanying the presentation, Wiz's Nir Ohfeld and Shir Tamari say that the agents are middleware that bridge customer VMs and the provider's other managed services. The agents are necessary to enable advanced VM features like log collection, automatic updating and configuration syncing, but they also add new potential attack surfaces that, because customers don't know about them, can't be defended against.

    In the case of OMIGOD, that included a bug with a 9.8/10 CVSS score that would let an attacker escalate to root and remotely execute code. Microsoft patched the vulnerabilities, but most had to be applied manually.

    Continue reading
  • Costa Rican government held up by ransomware … again
    Also US warns of voting machine flaws and Google pays out $100 million to Illinois

    In brief Last month the notorious Russian ransomware gang Conti threatened to overthrow Costa Rica's government if a ransom wasn't paid. This month, another band of extortionists has attacked the nation.

    Fresh off an intrusion by Conti last month, Costa Rica has been attacked by the Hive ransomware gang. According to the AP, Hive hit Costa Rica's Social Security system, and also struck the country's public health agency, which had to shut down its computers on Tuesday to prevent the spread of a malware outbreak.

    The Costa Rican government said at least 30 of the agency's servers were infected, and its attempt at shutting down systems to limit damage appears to have been unsuccessful. Hive is now asking for $5 million in Bitcoin to unlock infected systems.

    Continue reading

Biting the hand that feeds IT © 1998–2022