Tech 100: ‘We need to know how a malicious hacker will break into our network to understand how to defend it’

Written by Dr Natalie Coull on 12 January 2017 in Comment

Abertay University lecturer Dr Natalie Coull on the need to focus on offensive security within education

Dr Natalie Coull, Abertay University

It has been over 11 years since Abertay introduced the UK’s first BSc Ethical Hacking degree, followed by the MSc for graduates with a computing background.

We received a lot of attention from both the media and others in the academic community surrounding the ethics of teaching people how to hack and the value of specialist undergraduate computing degrees.

That initial criticism is a distant memory: there is great demand from industry for graduates from the programmes and we continue to recruit healthy numbers of students.


RELATED CONTENT

Updated UK cyber security strategy to narrow the gap between convenience and security

US election hack could inspire political interference in Britain, according to cyber security head

Cyber security centre to research 'developer-friendly' approaches


Many companies who employ our students comment that they simply can’t find graduates with the same skills elsewhere.

Part of the reason that companies struggle to recruit in this space is a gap in specialist undergraduate degrees where students are taught cyber security skills that are required by industry, underpinned by core computing.

There are two fundamental approaches to teaching cyber security: defensive and offensive.

Defensive cyber security teaching is relatively mature and there exist a number of highly valued university programmes that develop the skills relevant to defensive security such as cryptography and intrusion prevention.

Skills in this defensive domain are vitally important but it is equally important that an organisation also considers offensive security in order to better understand its weaknesses and strengthen resources.

Offensive cyber security focuses on attack techniques – in order to defend a system, we need to know how a malicious hacker can exploit vulnerabilities and weaknesses to gain access and control.

Simulating an attack by a malicious hacker, utilising the same tools and techniques that a hacker would use, can be a very effective way of identifying security weaknesses that need addressed.

We need to know how a malicious hacker will break into our network in order to understand how to defend it properly.

The UK Government has recently acknowledged the need for offensive cyber security skills in the National Cyber Security Strategy, to actively target and disrupt criminal activity.

Defensive security has received considerable investment in this area to date. Offensive cyber security is comparatively less well developed, perhaps due to the stigma associated with teaching people how to hack.

We firmly believe that academia and industry need to overcome that stigma and develop this field to ensure that graduates have the skills necessary to address the cyber security shortage and ensure that the workforce has sufficient personnel equipped with offensive cyber security skills.

Dr Natalie Coull is a lecturer in computer security at the Abertay University and won the Outstanding Woman in Cyber award at the inaugural Scottish Cyber Awards in November 2016.

Tags

Categories

Related Articles

Related Sponsored Articles

Health Innovators You Should Know About: FlowForma's no-code, logic-only solution
19 December 2016

Microsoft partner FlowForma walks through its efforts to empower local government as part of a series that highlights local government innovators across the UK

Ready to innovate: How local government is responding to budget pressure
19 December 2016

Microsoft partner CPS walks through its efforts to empower local government as part of a series that highlights local government innovators across the UK

Transforming the Public Sector with Dynamics 365
7 December 2016

Microsoft looks at how intelligent business applications can help the public sector improve service delivery

Share this page