Credit: CyBOK project
Some of the world's leading experts in cybersecurity have pooled their academic and industry insights to produce an authoritative guide that could help organizations to future proof their resources. The guide, the first of its kind, will also help expand the capabilities of those who will be at the forefront of tackling the challenges of an increasingly connected world.
Despite cyberattacks costing the global economy hundreds of billions of pounds each year, the cybersecurity sector has historically suffered from a skills gap and a lack of consistent knowledge and advice for people to reliably follow.
The Cyber Security Body of Knowledge (CyBOK) has been developed in a bid to fill that gap and is accompanied by further resources, all available for free and open source online.
Funded by the UK's National Cyber Security Programme and initiated by the National Cyber Security Centre (NCSC), CyBOK is a major landmark and unique resource, covering the full breadth and depth of cybersecurity issues - from the role of human agency in compromising and safeguarding systems, to the importance of hardware security and protecting critical national infrastructures from cyberattacks.
It comprises 19 Knowledge Areas, documents that comprehensively explore the strengths, limitations and implications of issues such as risk management and governance, law and regulations, privacy and online rights, malware and criminal behaviors, securing mobile and web technologies, and large networked systems, software and hardware.
"Cybersecurity is becoming an important element in curricula at all education levels. However, the foundational knowledge upon which the field of cybersecurity is being developed is fragmented and, as a result, it can be difficult for both students and educators to map coherent paths of progression through the subject," said project lead Awais Rashid, Professor of Cyber Security in the University of Bristol's Department of Computer Science.
"By comparison, mature scientific disciplines like mathematics, physics, chemistry and biology have established foundational knowledge and clear learning pathways.
"Our hope is that CyBOK will provide a consolidated body of knowledge that can become a universal guidebook and authoritative reference tool for academia, industry and government. Educational programs ranging from secondary and undergraduate education through to post-graduate and continuing professional development programs can then be developed on the basis of CyBOK."
Chris Ensor, the National Cyber Security Centre's Deputy Director for Growth, added: "This is the first time we have written down what you need to know to work in the field and a real enabler for developing cybersecurity as a profession. It's been developed by the community, for the community and I believe it will play a major role in education, training and professional practice."
The project, which is the result of almost three years' work, also involved Professor Andrew Martin (Oxford University), Professor George Danezis (UCL), Professor Emil Lupu (Imperial College London), Dr Howard Chivers (University of York) and Professor Steve Schneider (University of Surrey).
Provided by University of Bristol
