Oxford Offers GCHQ-Approved Cyber Intelligence Degree

University of Oxford students now have the option to pursue a Master’s degree in software and system security accredited by GCHQ (Government Communications Headquarters) – the British counterpart of the US NSA (National Security Agency).

gchq

Photo: michaeljung / Shutterstock

This means Oxford joins only five other universities in the UK that have their cyber security courses signed off by the intelligence agency in the country, reports the BBC.

Francis Maude, Cabinet Office minister, said that cyber security was a critical element of the UK government’s long-term vision for the economy, pointing out that the courses would make UK one of the safest places in the world to conduct online businesses.

He also stated:

“Through the excellent work of GCHQ, in partnership with other government departments, the private sector and academia, we are able to counter threats and ensure together we are stronger and more aware.”

University of Oxford now joins Edinburgh Napier University, Lancaster University, Royal Holloway, University of London in the list of universities running fully-accredited GCHQ programs. The intelligence agency has also given provisional accreditation to University of Surrey’s information security course, and Cranfield University’s cyber defense and information assurance course.

Another call for universities to get their courses in Masters Certification accredited by the agency will take place in the fourth quarter of 2014, and will be extended to degrees focusing on critical areas of information security, like digital forensics.

It is noticeable that these aren’t brand new courses, rather the courses that have been recognized by the UK government for meeting the criteria.

“The National Cyber Security Strategy recognises education as key to the development of cyber security skills and, earlier in the year, UK universities were invited to submit their cyber security Masters degrees for certification against GCHQ’s stringent criteria for a broad foundation in cyber security,” announced GCHQ.

“Partnerships have been key throughout the process with the assessment of applicants based on the expert views of industry, academia, professional bodies, GCHQ and other government departments.”

University of Oxford and others “were judged to provide well-defined and appropriate content, delivered to the highest standard”.

The strategy becomes a part of the UK’s cyber security strategy – it was published back in 2011 and recognized that education was the key to prevent cyber threats and improving defenses against online fraud and hackers.

Could it lead to pro-surveillance?

There may be concerns that GCHQ-approved courses could be slanted towards pro-surveillance. While the NSA has been under the raw end of the sword when it comes to cyber spying, whistleblower Edward Snowden has also accused GCHQ, even calling them far worse than their American counterparts.

“Their respect for the privacy right, their respect for individual citizens, their ability to communicate and associate without monitoring and interference is not strongly encoded in law or policy,” Snowden said in a statement The Guardian. “They enjoy authorities that they really shouldn’t be entitled to.”

GCHQ has been accused of deploying tactics such as using honey traps and smearing cyber criminals online. However, the cyber surveillance watchdog has cleared it over the utilization of data obtained through the Prism program (of the NSA) to scrutinize the databases of telecom companies. The government has also passed new laws to allow surveillance in the country, and even rushed legislation through parliament.

The outlook

The UK has not seen the kind of cyber intelligence controversies that have surfaced in Brazil, the US, and Germany over cyber spying. So it isn’t a surprise to see UK universities coming up with such course programs.

The GCHQ certified Masters degrees will assist successful universities in promoting the quality of their courses while helping prospective students make better decisions when searching for a valuable qualification. Such accredited courses will assist employers in differentiating between candidates when hiring cyber security staff.

However, the openness of surveillance by the authorities mean that several students graduating from these courses could end up getting jobs in agencies that engage in mass public monitoring practices. But the effect remains to be seen in the future as GCHQ and other cyber agencies will have to be more transparent about their approach while recruiting new graduates; otherwise there could be more whisteblowers in the making.

That said, the cyber security industry is growing at a staggering pace worldwide, so universities offering these courses means more genuine security experts could emerge from educational institutions. A lot, however, will depend on how the universities approach cyber security coursework and how many chances the students get to engage in the practical side of things.

What are your thoughts? Do you see any future effect on the UK’s cyber intelligence landscape from such courses? Feel free to leave comments.