Some of the world’s leading experts in cyber security have pooled their academic and industry insights to produce an authoritative guide that could help organisations to future proof their resources. The guide, the first of its kind, will also help expand the capabilities of those who will be at the forefront of tackling the challenges of an increasingly connected world.
Despite cyber attacks costing the global economy hundreds of billions of pounds each year, the cyber security sector has historically suffered from a skills gap and a lack of consistent knowledge and advice for people to reliably follow.
Funded by the UK’s National Cyber Security Programme and initiated by the National Cyber Security Centre (NCSC), CyBOK is a major landmark and unique resource, covering the full breadth and depth of cyber security issues – from the role of human agency in compromising and safeguarding systems, to the importance of hardware security and protecting critical national infrastructures from cyber attacks.
It comprises 19 Knowledge Areas, documents that comprehensively explore the strengths, limitations and implications of issues such as risk management and governance, law and regulations, privacy and online rights, malware and criminal behaviours, securing mobile and web technologies, and large networked systems, software and hardware.
“Cyber security is becoming an important element in curricula at all education levels. However, the foundational knowledge upon which the field of cyber security is being developed is fragmented and, as a result, it can be difficult for both students and educators to map coherent paths of progression through the subject,” said project lead Awais Rashid, Professor of Cyber Security in the University of Bristol’s Department of Computer Science.
“By comparison, mature scientific disciplines like mathematics, physics, chemistry and biology have established foundational knowledge and clear learning pathways.
“Our hope is that CyBOK will provide a consolidated body of knowledge that can become a universal guidebook and authoritative reference tool for academia, industry and government. Educational programmes ranging from secondary and undergraduate education through to post-graduate and continuing professional development programmes can then be developed on the basis of CyBOK.”
Chris Ensor, the National Cyber Security Centre’s Deputy Director for Growth, added: “This is the first time we have written down what you need to know to work in the field and a real enabler for developing cyber security as a profession. It’s been developed by the community, for the community and I believe it will play a major role in education, training and professional practice.”
The project, which is the result of almost three years’ work, also involved Professor Andrew Martin (Oxford University), Professor George Danezis (UCL), Professor Emil Lupu (Imperial College London), Dr Howard Chivers (University of York) and Professor Steve Schneider (University of Surrey).
It was developed as part of the National Cyber Security Programme, with funding provided by the National Cyber Security Centre.