Today a research team from the University of Bristol, Imperial College London and University of Surrey publish a report that asks - Is this global position sustainable? Or as other countries up their game and invest heavily in cyber security research, does the UK risk falling behind?
The analysis focussed on strategic investments in the UK and its key competitor nations with regard to cyber security research – France, Germany, Israel, Singapore, USA - between 01 January 2012 and 31 December 2019. The data for each country was collected from public information sources and cross-validated with funders’ online databases, wherever possible.
The research found that:
- Significant capacity has been developed in the UK between 2012 and 2019 through the 19 Academic Centres of Excellence in Cyber Security Research (ACE-CSRs), the four EPSRC-NCSC Research Institutes, the four Centres for Doctoral Training, the Centre for Security Information Technologies (CSIT) and The PETRAS National Centre of Excellence for IoT Systems Cybersecurity.
- However, major long-term investments in other nations, especially, the USA, France and Germany, are leading to the development of large clusters of research excellence. These pose risks not only with regards to brain drain from the UK but also, based on levels of investment from 2012–2019 and continuing investments beyond 2019, to maintaining the UK’s position as a leading nation for research and innovation in cyber security.
- In absolute terms, and as a percentage of GDP, UK investment in cyber security research falls significantly behind our major competitors. There is a need for a step change in investment in cyber security research in various forms – strategic clusters of excellence, doctoral training and the creation of national research facilities – in order to sustain and maintain the UK’s cyber security research position in the world.
The report makes three recommendations to UK policy makers and funders of research:
- The UK needs to make long-term large-scale investments in developing clusters of research excellence in cyber security.
- The long-term health of UK cyber security research requires significant growth in capacity building through strategic investment in doctoral research funding to train future R&D leaders in cyber security.
- National research facilities are critical for researchers to validate their ideas on large-scale experimental platforms – providing a competitive edge for innovative products and services that are evidence-based and globally leading in enhancing cyber security of emerging hyperconnected environments.
Professor Awais Rashid (University of Bristol) co-author of the report, Head of Bristol Cyber Security Group and Director of Cyber Security Centre for Doctoral Training.
"Research at UK universities plays a leading role in making the UK the safest place to do business online in the world. Our analysis shows that in order to remain at the forefront of cyber security research, maximising economic benefit and maintaining our competitiveness, the UK must expand its current research capacity by making large long-term investments in clusters of excellence, complemented by national-scale research facilities and doctoral training."
Professor Chris Hankin (Imperial College London) co-author of the report and Director of RITICS said:
"The cyber landscape is constantly evolving and thus it is important that the UK continues its investment in longer term research to make sure we are ready to face the challenges of tomorrow."
Professor Steve Schneider (University of Surrey), co-author of the report and Director of the Surrey Centre for Cyber Security, said:
"We believe that a long-term focus on research is the right approach to cementing the UK's enviable position as a leader in cyber security. 5G enabled technologies and the increase use of AI - especially in ways which link to our critical infrastructure such as the NHS – will mean that the role of cyber security will become even more crucial in the years to come. We must invest in that future now."