Experts from the University of Nottingham have been awarded funding from EPSRC to lead a project to help businesses understand and improve their cyber security.
The University of Nottingham’s School of Computer Science has been awarded almost £700,000 in funding from EPSRC to lead a project to help businesses understand and improve their cyber security and streamline access to targeted support.
The research aims to create Cyber Security Communities of Support (CyCOS), bringing together SMEs and advisory sources for practical help and support.
The team includes Dr Maria Bada from Queen Mary University of London and Dr Jason Nurse from the University of Kent, and is led by Steven Furnell, Professor of Cyber Security at the University of Nottingham.
The importance of helping small businesses improve cyber security
The UK Cyber Security Breaches Survey showed that half of small and a third of micro businesses experienced breaches or attacks in the last year.
Although they seek external guidance in relation to cyber security, this is done via a large range of sources. This leaves small businesses overwhelmed with information and unable to understand advice and ultimately improve cyber security needs.
“Businesses know there is a need to protect themselves from cyber attacks, but knowing just how to do this and where to go for trusted help can be a minefield. We want to make the process of accessing help easier and more targeted.
“Our research will improve understanding of SME needs and the perspective of those that they turn to for support. We will then use these insights as a foundation for the design and evaluation of a new and more accessible model for support with the Communities of Support pilots,” said Professor Furnell.
Establishing business’ understanding of cyber security
The research will explore the support needs of small businesses to find out their current understanding and confidence around cyber security and their awareness of available support.
The investigation aims to determine the scenarios in which advice regarding improving cyber security is sought and whether it is deemed effective.
The project will also look at support routes available to these businesses, focusing on the coverage and consistency of advice and the confidence of those providing it.
The findings will help establish three pilot CyCOS
The findings from the research will be used by the team to establish three pilot CyCOS. This will include the development of an online Support Broker, allowing small businesses to improve cyber security through the identification of support needs.
Upskilling opportunities for advisors and interested small businesses will also be available through the project’s foundational cyber security certification to increase their related knowledge capability.
Strong collaboration supporting the project
The research is supported by strong industry collaboration, with partners including the Home Office, (ISC)2, IASME, the Chartered Institute of Information Security, the Centre for the New Midlands, and three regional Cyber Resilience Centres.
Professor Furnell concluded: “This project is an exciting opportunity to plug a gap that exists in cyber security for SME’s. We hope that if successful the CyCOS model could be rolled out nationally and become a vital tool in the fight against cyber attacks.”