15 young researchers are getting started. Over the next four years, Ruhr-Universität Bochum (RUB) is coordinating the new state-wide Research Training Group “Human Centered Systems Security – North Rhine-Westphalian Experts on Research in Digitalization”, in short Nerd NRW. In their doctoral studies, the young scientists focus on the human factor in IT security.
Isabel Pfeiffer-Poensgen, Minister of Culture and Science of the state of North Rhine-Westphalia, opened the research training group on 23 March 2018. The Group is based at the Horst Görtz Institute for IT Security (HGI) at the RUB. The doctoral students work in tandems across disciplines and locations. The facility is funded by the state with about four million euros.
Professionals urgently needed
“IT security is central to the success of digitisation. That’s why we need qualified professionals in this field. With the interdisciplinary Research Training Group Nerd NRW we support the academic education of a new generation of IT security experts, and at the same time the networking of IT research locations in North Rhine-Westphalia”, said Pfeiffer-Poensgen at the ceremony at the RUB.
Excellent research at the RUB
“The establishment of the Research Training Group underlines the excellence of our IT security research”, says RUB Rector Prof Dr Axel Schölmerich. “Due to the broad interdisciplinary cooperation, including with the humanities and social sciences, and the close cooperation with the Center for Advanced Internet Studies in Bochum, we are an international leader in cyber security research. In cooperation with the partners in NRW, this is a great asset for the young scientists in the Research Training Group.”
Humans, mistakes, vulnerabilities
The human factor is the focus of the Research Training Group Nerd NRW. Whether as developers or users, IT integrators or system administrators: each of these groups is responsible for IT security and anyone can make mistakes that create vulnerabilities. The young researchers will therefore work on the questions: Where and why do these groups make mistakes? How can they be avoided?
“Nerd NRW covers the entire spectrum of topics in IT security, from the usability of security solutions to industry-specific problems and new cryptographic processes used in instant messaging apps”, says Prof Dr Jörg Schwenk from the HGI, spokesperson for the Research Training Group.
One of the goals is to develop easy-to-use and well-explained end-user solutions that are transparent and tailored to users’ specific needs. The topics covered come from real life, for instance:
- Instant messaging: How secure or insecure are messaging services such as Whatsapp and similar?
- Smart Home: How can you simplify the setup of the various devices at home so that, for instance, your TV is not hacked?
- “Medi-Sec”: How can hospital devices be checked for vulnerabilities? IT in hospitals is of particularly critical importance, but also particularly susceptible to cyber-attacks.
A total of nine universities are involved in the graduate programme; in addition to the RUB, these are the universities of Aachen, Bonn, Paderborn, the University Hospital Münster, the universities of applied sciences of Aachen, Münster, Ruhr-West and the technical university of Cologne. With securing the Research Training Group, the RUB was successful in the “Digital Security” competition of the state of North Rhine-Westphalia.