Closing the window between becoming aware of a potential technical exploit and action to plug the vulnerability reduces exposure to systems compromise. How can we best apply automation across government’s cyber security practices to ensure that potential exploits are addressed as quickly as possible? What are the risks and opportunities? What are the dependencies on other technology? Are there ethical or considerations in this area?

Background

The challenges have become more complex, intertwined and dangerous as the world has become more uncertain and volatile. Domestic, overseas and online threats are increasingly integrated as adversaries develop capabilities and exploit vulnerabilities across borders and between the cyber and physical worlds. We are seeking research to help Government adapt to a changing security environment based on research and evidence.

Next steps

Should you have questions relating to this ARI please contact co_aris@cabinetoffice.gov.uk. If your query relates to a specific question please state its title in your email.

Source

This question was published as part of the set of ARIs in this document:

CO AR Is 2019 20190429

Related UKRI funded projects

  • Academic Centre of Excellence in Cyber Security Research - Cardiff University

    Cardiff University is a leading UK academic institution for cyber security analytics and artificial intelligence - the interpretation and effective communication of applied data science and AI methods through interdiscip...

    Funded by: EPSRC

    Why might this be relevant?

    The project focuses on cyber security analytics and artificial intelligence, which can be applied to address potential exploits and vulnerabilities in government's cyber security practices.

  • Leveraging the Multi-Stakeholder Nature of Cyber Security

    Cyber Security (CyS) is a challenging, distributed, multi-stakeholder problem. It is distributed in the sense that the expertise to comprehensively assess the level of security of a given IT system is commonly not all av...

    Funded by: EPSRC

    Why might this be relevant?

    The project aims to leverage the multi-stakeholder nature of cyber security and develop a framework to improve user access to tailored cyber security information, which can help address potential exploits and vulnerabilities in government's cyber security practices.

  • Cyber-R: Securing Businesses through Generative AI-based Adaptive Cyber Resilience Service

    According to the UK Cyber Security Breaches Survey 2024, UK businesses faced approximately 7.78 million cybercrimes over the past year, with phishing attacks accounting for 84% of these incidents. Additionally, 50% of bu...

    Funded by: Innovate UK

    Lead research organisation: UNIVERSITY OF WOLVERHAMPTON

    Why might this be relevant?

    The project addresses the need for automation in cyber resilience to address potential exploits quickly.

  • RISKREVELATION AI

    Planet Pen Test Ltd (PPT), led by Shannon Simpson and Anna Standley, is a UK cybersecurity SME developing an AI platform (RISKREVELATION AI) to help companies proactively tackle cybersecurity issues. Even before COVID-19...

    Funded by: Innovate UK

  • Machine Learning, Robust Optimisation, and Verification: Creating Synergistic Capabilities in Cybersecurity Research

    The need for better support to deal with the threats of cybersecurity is undisputed. Organisations are faced with an ever growing number of malware and integrated malware attack tools, attempted attacks on infrastructure...

    Funded by: EPSRC

  • Proactive Security Decision Support System informed by Cyber Threat Intelligence (PSDSS-CTI)

    This project will develop a proactive security decision supporting system that helps decision makers prioritise security investment within a changing threat landscape. This system will incorporate cyber threat intelligen...

    Funded by: Innovate UK

  • Evaluating Cyber Security Evidence for Policy Advice: The Other Human Dimension

    The quality of a state's capacity to respond to the challenges of cyber security is rapidly coming to be recognised as an important element of global competitiveness. This project seeks to understand the challenges faced...

    Funded by: EPSRC

  • Cyber Enterprise Security - predict it, fix it

    This project is a new approach to making sure an enterprise (be that a business, defence such as the MoD or Health) can function as best as possible as the state of cyber changes. This could be as a result of cyber-attac...

    Funded by: Innovate UK

  • Aurelian Protect

    Aurelian Protect is your very own easy-to-use personal cybersecurity defence, powered by a suite of AI-driven tools. At its core lies a simple yet revolutionary idea: bringing institutional-grade cybersecurity to every u...

    Funded by: Innovate UK

  • Customized and Adaptive approach for Optimal Cybersecurity Investment

    The proposed research aims to help organisations to make better cybersecurity investments. For example is it better in a given organization to prioritise a policy of changing passwords over patching software regularly? A...

    Funded by: EPSRC