The Research Institute in Science of Cyber Security (RISCS)

The Research Institute in Science of Cyber Security is the UK’s first academic Research Institute to focus on understanding the overall security of organisations, including their constituent technology, people and processes.

The Institute is one of three Research Institutes formed as part of the UK National Cyber Security Strategy. The other two Institutes are the Research Institute in Automated Program Analysis and Verification and the Research Institute in Trustworthy Industrial Control Systems.

RISCS is focused on giving organisations more evidence, to allow them to make better decisions, aiding to the development of cybersecurity as a science. It collects evidence about what degree of risk mitigation can be achieved through a particular method – not just the costs of its introduction, but ongoing costs such as the impact on productivity – so that the total cost of ownership can be balanced against the risk mitigation that’s been achieved. Its main goal is to move security from common, established practice to an evidence base, the same way it happened in medicine.

The institute, funded by a £3.8 million grant, is a virtual collaboration between researchers at:

The institute is managed by the RISCS Hub team based at University College London.

The RISCS Annual Report 2016 was released at the UK Cyber Security Research Institutes Conference in October 2016.  The 20132014 and 2015 reports are also available.