What is BU-CERT?
BU Computer Emergency Response Team (BU-CERT) is the product of the fusion of Bournemouth University’s IT Services, the Department of Computing and Informatics and the Department of Psychology.
BU-CERT primarily offers threat intelligence to its constituency. Our analyst team triages, evaluates and prioritises threat information and feeds, and communicates its findings to BU employees and students through security announcements and the publication of security advisories. The following services are offered:
- Alerts and Warnings
- Incident Handling
- Development of Security Tools
- Configuration and Maintenance of Security Tools, Applications and Infrastructures
- Awareness Building
- Education and Training
BU IT Services are responsible for the operational aspects of BU-CERT, offering incident and vulnerability handling, assessments, and alerts and warnings services.
To complement and support IT Services, the Department of Computing conducts a number of research activities in the area of incident response, malware analysis and threat intelligence. The interdisciplinary research draws upon the competency and expertise of the Department’s research groups, encompassing data science, HCI, social informatics and security awareness and education.
The Department of Psychology conducts research in a range of relevant topics, including risk perception, trust, social engineering and behaviour change. This includes work on understanding the motivations, group dynamics, social identity and decision making of individual hackers and hacker groups. Using this work we aim to promote understanding of how threats may be detected, prevented and mitigated; and how people may be best educated and empowered to minimise the harm associated with cyber attacks.
What is an academic CERT?
A typical IS of a modern academic environment is far from plain, simple and straightforward. It is an extremely complex mix of different devices, systems and people with a substantial range of needs. Unlike other domains, academic IT infrastructures should be capable of supporting research, education and innovation, underpinned by the so-called academic freedom. Consequently, in order for IT to act as an enabler, it should be capable of offering a wide range of services and a plethora of different types of software, systems and applications. As such, the cybersecurity challenges in such environments are non-trivial.
Due to the large diversity of services and heterogeneity of the network, a CERT serving an academic constituency would face a large number of challenges. BU-CERT serves about 20,000 users who are primarily students or staff.
Apart from the operational aspects, an academic CERT is expected to inform research in cybersecurity and more particularly in areas such as malware analysis, digital forensics, incident response, as well as in the pedagogical aspects of information security education. Conversely, the research outputs are expected to provide innovative solutions for incident response approaches through SIEM practices.