Professor Andrew Blyth | Head of Information Security Research Group | University of South Wales
tel: +44 (0)1443 482245 |firstname.lastname@example.org | w ww.southwales.ac.uk
he cybersecurity experts at the University of South Wales, UK, understand that agile cyber defence is essential
to protect everything from the infrastructure of organisations to critical information. With this understanding
in mind, they are working on a £1.5m (~€2.08m) project for the Defence Science and Technology Laboratory
which could dramatically change the way high-end cyber attacks are detected and mitigated.
Together with partners at Oxford University, the team is developing a prototype visualisation tool on behalf of prime
contractor Northrop Grumman.
This prototype will work towards realising key user requirements such as: visibility of all network traffic, the ability
to exchange computer network defence (CND)-related data within the community, visibility of high priority network
and service dependencies, high CND capability for threat detection, network vulnerability assessment, informative
risk management decision making, and the ability to mitigate against known risks.
Situational awareness poses a particular challenge in cyberspace, where the physical manifestations of an attack may
only become apparent after the event. Being able to quickly identify and eradicate these risks is crucial in the case of
the armed forces. The ability to visualise cyber events in new ways will help create greater situational awareness and
enable users to improve the speed and effectiveness of network defence decision making. In order to face this matter
head on, it has become a solid part of key challenges in the area.
This important research and the resulting capability it produces will not only be key enablers in helping the Ministry
of Defence (MoD) to defend its digital assets intelligently, but are also crucial to maintaining the ministry’s core
business processes. Cyber defence and how risks are managed and dealt with are a huge and ever-changing issue
for the defence industry. The systems we are working with hold vast amounts of data, and so the prototype we are
developing has to be capable of analysing it and identifying high-end threats. What is crucial in defence is that any
potential breaches or attacks must be identified and dealt with very quickly. The systems we are working on could
be used to deliver services for the UK MoD throughout the world, and so it is vital to prevent or minimise any disruption
caused by cyber attacks.
This new analytical system will identify cyber breaches and link them to a particular business process of the
organisation concerned. Therefore, not only will the current threat be identified, but also the threat posed to