GCHQ establishes vulnerability detection research group

Intelligence and Security Committee report highlights cyber security failings and GCHQ staffing issu
Intelligence and Security Committee report highlights cyber security failings and GCHQ staffing issu

GCHQ has announced that it is to open an academic research institute that will seek vulnerabilities in software.

According to Computer Weekly, the group will provide businesses, individuals and government with details on software behaviour in a secure way when it is installed on operational networks.

The group is funded by a £4.5 million grant and made up of teams from: Queen Mary, University of London working with University of Kent and University College London; University of Edinburgh; Imperial College London; University College London; University of Kent working with University College London; and the University of Manchester.

Also involved are partnerships with the Engineering and Physical Sciences Research Council (EPSRC) through the Research Councils UK (RCUK) Global Uncertainties Programme and the Department for Business, Innovation and Skills (BIS).

Imperial College London will host the research institute, with Professor Philippa Gardner appointed as director of research. She said: "The creation of this research institute recognises the excellence of UK research in automated program analysis and verification. It provides an exciting opportunity to focus this research on cyber security."

David Delpy, EPSRC's chief executive, said: "Academic research that both evaluates threats and devises appropriate defences and safeguards is vital to our national and personal security. Fundamental and applied science and engineering have important roles to play here."

David Willetts, minister for universities and science, said: "This institute will build on the UK's global reputation for cyber security research and innovation. It complements wider work government in partnership with academia and industry to boost the economy through improved cyber security. This includes the Cyber Growth Partnership, which met for the first time this week"

Ash Patel, regional director of Stonesoft, said: “Today's cyber battles have no geographic boundaries and the attack methods used by hackers are fast gaining complexity. The creation of a vulnerability research unit by GCHQ is a positive move forward and helps further demonstrate to UK businesses that the government is truly committed to fighting cyber crime and threats.

“This builds upon the UK government's call to work closer with industry and academia in developing an endorsed standard for cyber security earlier this month.

“In the current economic climate, Britain needs to promote the fact it is doing everything possible to develop a safe trading environment and encouraging investment from global enterprises. Security is a key factor in this. However, businesses cannot rely on the government alone. For ultimate success, businesses must work in parallel with the institute, ensuring protocols are in place that help employees identify potential cyber security risks.”

Sign up to our newsletters