UK centre leading the way in security research
Whether you need to understand the behaviour of terrorists or potential risks of employees in sensitive positions, the role of research and evidence in identifying and mitigating these risks is essential.
In 2015 the UK started a programme to fund and apply research to these security driven questions. The Centre for Research and Evidence on Security Threats (CREST) is funded by the UK’s security and intelligence agencies to identify and produce social science that enhances our understanding of security threats and our capacity to counter them.
Led by Lancaster University, in collaboration with the universities of Bath, Birmingham, Cranfield, Portsmouth and West England, it has established an international network of over 80 researchers, commissioned research in priority areas, and begun to tackle some of the field’s most pressing questions.
CREST security research
CREST brings together the UK’s top economic, behavioural and social scientists with partners in industry and government to break new ground in our understanding of and capacity to counter contemporary security threats. As well as conducting world-class, independent research, this work stimulates public and professional debate, connects disciplinary communities, informs security policy and practice, as well as providing training to research leaders of the future. This innovative and open partnership not only benefits the UK security and intelligence agencies through cutting edge applied research, but is also helping to build capacity in related research relevant to the UK’s large and small business sector, critical infrastructure, policy development and community organisations.
Commissioning independent research as well as synthesising the best of existing knowledge, CREST has programmes investigating a broad variety of security problems. These include: examining how extremist ideologies are transmitted and countered; exploring online behaviour and its connections to offline behaviour; developing effective ethical deception detection techniques and research into protective security and risk assessment; as well as shorter programmes including understanding terrorists’ perceptions of risk; and decision-making by the emergency services during critical incidents.
In CREST’s programme on protective security, for example, research demonstrates how security cannot be achieved through technology alone. Protective security depends on us understanding how physical, personnel and cyber vulnerabilities are exploited by hackers, criminal gangs, terrorist groups and hostile powers. Leading the protective security and risk theme of CREST, Professor Debi Ashenden’s research looks at employees who fail to follow security processes (either intentionally or inadvertently), in particular those who sit at the intersection of these two states. The research draws on findings from two recent projects that highlighted the way that language can be used to change security behaviours, and the importance of productive dialogues between security practitioners and employees in the management of risk. Future research on this will look at extending these ideas and exploring the notion that we need to move towards relationship-based security rather than relying on security provided by technology.
CREST shapes police actions
CREST research on information elicitation, which includes telling when someone is lying, is shaping the way police and other agencies interview witnesses, victims and suspects. Led by Professor Aldert Vrij, this research has informed short accessible guides to particular techniques which can be used by investigators and interviewers. These focus on communicative techniques rather than mechanical methods – interviewing can be cheaper and has a less contentious evidence base than the polygraph machine, for example. One technique is to look for the amount of checkable detail an interviewee gives. Liars know that more detail in a statement makes it look more truthful, but are hamstrung by the risk of that detail being checked and found false. So they tend to provide detail that they think can’t be checked – “I was at home reading a really interesting article about research on security threats” is a detail that can’t be verified. “I was reading an interesting vignette about deception detection on the tube – you’ll see me on the CCTV” is a detail which can be verified. Regardless of whether the investigator checks the CCTV or not, the very fact that that kind of checkable detail is given suggests that the statement (or that part of it) is truthful.
Using academic research on these techniques and topics to provide sound evidence is essential in a field where the stakes are so high. Whether we’re running a business or the country, or looking for a safe and secure home and work environment, having confidence in the tools and techniques that people use to provide that security is really important. CREST’s research sits on the frontline of that effort – pulling together global expertise from practitioners and researchers to produce evidence that people can understand and use.
Dr Matthew Francis
Researcher at Lancaster University and CREST’s Communications Director.