GCHQ Browser Heading GCHQ Print Heading

Developing the Cyber Experts of the future - GCHQ certifies Master's Degrees in Cyber Security

Press release - 1 Aug 2014
 
The certification of six Master’s degrees in Cyber Security was announced by Rt.Hon Francis Maude, Minister for the Cabinet Office, when he visited GCHQ today.
 
This marks another significant step in the development of the UK’s knowledge, skills and capability in all fields of Cyber Security as part of the National Cyber Security Programme.
 
The National Cyber Security Strategy recognises education as key to the development of Cyber Security skills and, earlier in the year, UK universities were invited to submit their Cyber Security Master’s degrees for certification against GCHQ’s stringent criteria for a broad foundation in Cyber Security.
 
Partnerships have been key throughout the process with the assessment of applicants based on the expert views of industry, academia, professional bodies, GCHQ and other government departments.
 
The six successful Master’s degrees were judged to provide well-defined and appropriate content, delivered to the highest standard.
 
The development of GCHQ-certified Master’s degrees will help the successful universities to promote the quality of their courses and assist prospective students to make better informed choices when looking for a highly valued qualification. It will also assist employers to differentiate between candidates when employing Cyber Security staff.
 
A further call for Master’s certification will take place in late 2014 and will be extended to degrees which are focused on critical areas of Cyber Security such as digital forensics.
 
The six successful universities, whose Cyber Security Master’s degrees have been awarded GCHQ-certified status, are:
 
Full certified status:
  • Edinburgh Napier University - Degree - MSc in Advanced Security and Digital Forensics
  • Lancaster University - Degree - MSc in Cyber Security
  • University of Oxford - Degree - MSc in Software and Systems Security
  • Royal Holloway, University of London - Degree - MSc in Information Security
Provisional certified status:
  • Cranfield University - Degree - MSc in Cyber Defence and Information Assurance
  • University of Surrey - Degree - MSc in Information Security
 

Francis Maude, Minister for the Cabinet Office said:

'Every time I visit GCHQ I see first-hand their tremendous work on Cyber Security. Cyber Security is a crucial part of this government's long term plan for the British economy. We want to make the UK one of the safest places in the world to do business online. Through the excellent work of GCHQ, in partnership with other government departments, the private sector and academia, we are able to counter threats and ensure together we are stronger and more aware.'
 

Nigel Smart, Professor of Cryptology, University of Bristol said:

'I am delighted to have been appointed as Independent Chair of the panel that assessed applications and am excited that GCHQ has introduced this rigorous standard for judging general Cyber Security Master's Degrees.
 
'For the first time, UK universities which become certified will have a means to promote the quality of the Cyber Security they teach. Over the next few years, as GCHQ certification is applied to more specialised areas of Cyber Security, I expect the number of UK universities achieving certification of their Master’s degrees to increase, thereby helping to raise the overall standard of teaching in Cyber Security at Master's level.'
 

Mark Hughes, President, BT Security said:

'At BT we are acutely aware of the impact of the UK cyber skills gap and recruiting the right people with the right knowledge and skills is a big deal for us. As a leading Internet service provider we want to employ the very best.  That is why we welcome GCHQ's certification of Master's degrees in Cyber Security.
 
'The fact that GCHQ recognises these courses as high calibre gives us, at BT, the confidence that those graduating with a Master's from one of these universities will have the sound knowledge base in Cyber Security that we would be looking for. This is a great step forward in developing the cyber specialist of tomorrow.'
 

Chris Ensor, Deputy Director for the National Technical Authority for Information Assurance at GCHQ said:

'As the National Technical Authority for Information Assurance, GCHQ recognises the critical role academia plays in developing the UK's skill and knowledge base. I'd like to congratulate the universities which have been recognised as offering a Master’s degree which covers the broad range of subjects that underpin a good understanding of Cyber Security. I'd also encourage those that didn't quite make it this time around to reapply in the near future, especially as we start to focus on more specialised degrees. Recognition of these degrees is an important first step towards recognising Academic Centres of Excellence in Cyber Security Education (ACEs-CSE).'

Notes for editors

Background

 
  1. Certification of Master’s degrees is the first step towards recognising universities which may qualify as Academic Centres of Excellence in Cyber Security Education (ACEs-CSE). It is anticipated that invitations for ACE-CSE applications will be issued to the academic community in summer 2015.

  2. GCHQ is offering two types of certification: Full certification for those Master’s degrees which are currently running and had a cohort of students complete the degree in academic year 2012 to 2013; provisional certification for those Master’s degrees that are currently running but did not have a cohort complete in academic year 2012 to 2013, or for new Master's degrees due to start in September/October 2014.

  3. Each university which wanted its Master’s degree in cyber security to be fully certified had to submit an application which described:
    1. the academic team delivering the Master's
    2. the subject areas taught
    3. the examinations used for assessment of students
    4. how students undertake their original research dissertations
    5. applicants also had to supply example dissertations; entry requirements for the Master's, student numbers, grades achieved and student feedback.
    Applications for provisional certification were not required to provide example dissertations or information on student numbers.

  4. An assessment panel with representatives from academia, GCHQ, industry, wider government and professional bodies assessed the applications against a set of criteria. Each application was read in depth by at least 3 assessors (one of whom was from academia) and the panel as a whole agreed a score for each section of an application and the overall outcome.

  5. The UK Cyber Security Strategy (November 2011) sets out how the UK will support economic prosperity, protect national security and safeguard the public’s way of life by building a more trusted and resilient digital environment.

  6. The National Cyber Security Programme (NCSP) is run by the Office of Cyber Security and Information Assurance (OCSIA) within Cabinet Office and coordinates work undertaken by government departments to implement the UK Cyber Security Strategy.

  7. GCHQ aims to recognise UK universities which are excellent in Cyber Security and can be seen by Government and Industry as a core focal point for academic engagements on research and education.

  8. There are 11 Academic Centres of Excellence in Cyber Security Research (ACEs-CSR) to date. They have been recognised as conducting world-leading research in the field of Cyber Security and are helping to set the research agenda for the future. For more information see the CESG website.

  9. GCHQ is also developing a programme to identify and recognise Academic Centres of Excellence in Cyber Security Education (ACEs-CSE). The first applications from universities wishing to be recognised as excellent in Cyber Security Education will be judged in late 2015. It is anticipated that only universities whose Master’s degrees have been GCHQ-certified will be eligible to apply for ACE-CSE recognition.

  10. GCHQ is one of the three UK intelligence agencies.