The Research Institute in Science of Cyber Security (RISCS)

The Research Institute in Science of Cyber Security is the UK’s first academic Research Institute to focus on understanding the overall security of organisations, including their constituent technology, people and processes. It is now in its second phase, RISCS2. If you want to find out more about the history of RISCS, please read the blog post here.

RISCS2 will have three annual community meetings plus an academic conference shared with its siblings, the Research Institute in Automated Program Analysis and Verification (RIAPAV), led by Philippa Gardner (Imperial), and the Research Institute in Trustworthy Industrial Control Systems (RITICS), led by Chris Hankin (Imperial).

RISCS is focused on giving organisations more evidence, to allow them to make better decisions, aiding to the development of cybersecurity as a science. It collects evidence about what degree of risk mitigation can be achieved through a particular method – not just the costs of its introduction, but ongoing costs such as the impact on productivity – so that the total cost of ownership can be balanced against the risk mitigation that’s been achieved. Its main goal is to move security from common, established practice to an evidence base, the same way it happened in medicine.

The institute is managed by the RISCS Hub team based at University College London.

The RISCS Annual Report 2016 was released at the UK Cyber Security Research Institutes Conference in October 2016.  The 2013, 2014 and 2015 reports are also available.