The Cyber Security Knowledge Transfer Network (KTN), funded by the Department of Trade and Industry (DTI) and managed by QinetiQ, will address a number of significant information security challenges facing the UK, including cyber crime, identity management and biometrics.
The KTN has announced the creation of four working groups, each tasked with addressing a specific cyber security challenge and required to deliver a particular output. One working group will address the issue of identity management in a digital networked world by investigating how current users, such as the financial services industry, have tackled the issue on a global scale in a cost effective manner.
The creation of this particular group reflects the fact that good ID management is key to the financial sector remaining profitable and maintaining customer confidence. The group will examine what lessons can be learnt and shared with government and other industries looking to implement large scale identity management programmes. It is expected that initial recommendations will be produced within three months.
QinetiQ's Sadie Creese, Director of the Cyber Security KTN, said: "With an increasing need to manage digital identity effectively and securely it makes absolute sense to turn to an industry that has a good track record on this issue to help understand what works. With initiatives such as national ID cards being implemented the financial services industry is keen to share best practice and ensure such programmes benefit from that experience. By drawing together industry, government and academia in this and other working groups, the Cyber Security KTN has a great opportunity to be at the centre of the UK's digital security."
Welcoming the launch of the network, Creese continued: "Since the KTN was first announced last month we have had an excellent response from all sectors with a major interest in cyber security. I very much intend to ensure that the network is inclusive and represents a forum that delivers tangible results. Our ultimate aims are to improve the nation's security and also our ability to export British security expertise to the global market. By setting tight timescales and demanding very specific outputs from working groups I am confident we are well positioned to make a real difference."
In addition to the ID management working group, the other groups announced today comprise:
- Human issues - to investigate the potential for addressing system security weaknesses introduced via the human user, such as phishing attacks;
- Applications for trusted computing platforms - to investigate the potential applications, business models and use cases for exploiting trusted computing platforms and identify benefits and key challenges (technical or otherwise) for successful exploitation;
- Metrics for effectiveness - to investigate potential improvements in the ability to measure how good a solution is at protecting against threats and mitigating business risk.
Of these first four groups, the human factors work will be competed and funded from the network's initial £1.8 million budget. The other three groups will be unfunded and managed by individuals or organisations with relevant expertise in that area. Each is required to deliver a specific output within three months. The KTN's steering committee will continue to identify other areas of interest for future working groups and other funded projects.
The Cyber Security KTN steering committee is an expert panel that will oversee all of the network's activities. The committee has been drawn primarily from industry and includes representatives of BT, Aviva, BP, Visa, British Airways, Cisco and Microsoft. The DTI, Home Office, MOD, other government departments and various leading universities are also represented.
The steering committee will decide on strategy direction and allocate funds from the KTN budget. The KTN will also lead in collecting the views of the community on what should be covered by the £10 million Network Security Innovation Platform announced by the Technology Strategy Board on November 2005, which is expected to include calls for collaborative research and development grant projects, demonstrator projects and the development of standards.
04/06/2006











