Cyber Security

The Global Cyber Security Capacity Centre

What are we doing?

Our aim is to understand how to deliver effective cyber security both within the UK and internationally. We will make this knowledge available to governments, communities and organisations to underpin the increase of their capacity in ways appropriate to ensuring a cyber space which can continue to grow and innovate in support of well-being, human rights and prosperity for all.

We treat cyber security as a multi-dimensional concept spanning:

  • National and international policy and our ability to effectively deter and defend against cyber attacks.
  • Society, culture and the susceptibility of people to cyber crime, and their views on what is acceptable in terms of apportioning of responsibility for cyber risk and the use of cyber security tools.
  • The availability of a high-quality cyber security-skilled workforce and leadership, across the public, private and voluntary sectors, and the underpinning educational and training platforms required to develop and support them.
  • The legal and regulatory environments at large and their ability to stimulate good cyber security practice and to generally increase the resilience of cyber space and the people and organisations dependent upon it.
  • Availability and use of technology, processes, business models and standards to support control of cyber risk in the home, in the enterprise, across national critical infrastructures and across international cyberspace.

The Centre will research and understand the nuances of capacity across and within these dimensions, the types of activities which can be undertaken in order to deliver and increase capacity, where best practice exists, the conditions under which increase in capacity should be sought, and the ways in which the dimensions relate to and depend upon each other for success.

Why is it important?

Our work is focused on developing a framework for understanding what works and what doesn’t work across all of these dimensions so that we might adopt policies which have the potential to significantly enhance our safety and security in cyber space in ways that respect other core values and interests, such as in privacy and freedom of expression.

Funded by the UK Government we are working with a wide range of global partners, including Governments, international organisations and the private sector.

Visit our website Contact Us


Sadie Creese

Professor Sadie Creese

Professor of Cybersecurity

Principal Investigators

Ivan Arreguín-Toft

Professor Ivan Arreguín-Toft

Departmental Lecturer in Public Policy, Blavatnik School of Government, University of Oxford
Ian Brown

Professor Ian Brown

Associate Director of the Cyber Security Centre, University of Oxford
Paul Cornish

Professor Paul Cornish

Professor of Strategic Studies, University of Exeter
William Dutton

Professor William Dutton

Professor of Internet Studies, Oxford Internet Institute, University of Oxford
Marco Gercke

Professor Dr Marco Gercke

Director of the Cybercrime Research Institute
Michael Goldsmith

Professor Michael Goldsmith

Senior Research Fellow, Dept of Computer Science, University of Oxford
Andrew Martin

Professor Andrew Martin

University Lecturer, Dept of Computer Science, University of Oxford
M. Angela Sasse

Professor M. Angela Sasse

Professor of Human-Centred Technology, Dept of Computer Science, UCL
David Upton

Professor David Upton

American Standard Companies Professor of Operations Management, University of Oxford


Maria Bada

Dr Maria Bada

Research Assistant
Erwin Dotzauer

Dr Erwin Dotzauer

Senior Research Fellow, Dept of Computer Science, University of Oxford
Taylor Roberts

Taylor Roberts

Research Assistant