ACCEPT: Addressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing human-relaTed risks
Lead Research Organisation:
University of Kent
Department Name: Sch of Computing
Abstract
Researchers and practitioners have acknowledged human-related risks among the most important factors in cybersecurity, e.g. an IBM report (2014) shows that over 95% of security incidents involved "human errors". Responses to human-related cyber risks remain undermined by a conceptual problem: the mindset associated with the term 'cyber'-crime which has persuaded us that that crimes with a cyber-dimension occur purely within a (non-physical) 'cyber' space, and that these constitute wholly new forms of offending, divorced from the human/social components of traditional (physical) crime landscapes. In this context, the unprecedented linking of individuals and technologies into global social-physical networks - hyperconnection - has generated exponential complexity and unpredictability of vulnerabilities.
In addition to hyperconnectivity, the dynamic evolving nature of cyber systems is equally important. Cyber systems change far faster than biological/material cultures, and criminal behaviour and techniques evolve in relation to the changing nature of opportunities centring on target assets, tools and weapons, routine activities, business models, etc. Studying networks and relationships between individuals, businesses and organisations in a hyperconnected environment requires understanding of communities and the broader ecosystems. This complex, non-linear process can lead to co-evolution in the medium-longer term.
The focus on cybersecurity as a dynamic interaction between humans and socio-technic elements within a risk ecosystem raises implementation issues, e.g. how to mobilise diverse players to support security. Conventionally they are considered under 'raising awareness', and many initiatives have been rolled out. However, activities targeting society as a whole have limitations, e.g. the lack of personalisation, which makes them less effective in influencing human behaviours.
While there is isolated research across these areas, there is no holistic framework combining all these theoretical concepts (co-evolution, opportunity management, behavioural and business models, ad hoc technological research on cyber risks and cybercrime) to allow a more comprehensive understanding of human-related risks within cybersecurity ecosystems and to design more effective approaches for engaging individuals and organisations to reduce such risks.
The project's overall aim is therefore to develop a framework through which we can analyse the behavioural co-evolution of cybersecurity/cybercrime ecosystems and effectively influence behaviours of a range of actors in the ecosystems in order to reduce human-related risks. To achieve the project's overall aim, this research will:
(1) Be theory-informed: Incorporate theoretical concepts from social, evolutionary and behavioural sciences which provide insights into the co-evolutionary aspect of cybersecurity/cybercrime ecosystems. (2) Be evidence-based: Draw on extensive real-world data from different sources on behaviours of individuals and organisations within cybersecurity/cybercrime ecosystems. (3) Be user-centric: Develop a framework that can provide practical guidance to system designers on how to engage individual end users and organisations for reducing human-related cyber risks. (4) Be real world-facing: Conduct user studies in real-world use cases to validate the framework's effectiveness.
The new framework and solutions it identifies will contribute towards enhanced safety online for many different kinds of users, whether these are from government, industry, the research community or the general public.
This project will involve a group of researchers working in 5 academic disciplines (Computer Science, Crime Science, Business, Engineering, Behavioural Science) at 4 UK research institutes, and be supported by an Advisory Board with 12 international/UK researchers and a Stakeholder Group formed by 12 non-academic partners (including LEAs, NGOs and industry).
In addition to hyperconnectivity, the dynamic evolving nature of cyber systems is equally important. Cyber systems change far faster than biological/material cultures, and criminal behaviour and techniques evolve in relation to the changing nature of opportunities centring on target assets, tools and weapons, routine activities, business models, etc. Studying networks and relationships between individuals, businesses and organisations in a hyperconnected environment requires understanding of communities and the broader ecosystems. This complex, non-linear process can lead to co-evolution in the medium-longer term.
The focus on cybersecurity as a dynamic interaction between humans and socio-technic elements within a risk ecosystem raises implementation issues, e.g. how to mobilise diverse players to support security. Conventionally they are considered under 'raising awareness', and many initiatives have been rolled out. However, activities targeting society as a whole have limitations, e.g. the lack of personalisation, which makes them less effective in influencing human behaviours.
While there is isolated research across these areas, there is no holistic framework combining all these theoretical concepts (co-evolution, opportunity management, behavioural and business models, ad hoc technological research on cyber risks and cybercrime) to allow a more comprehensive understanding of human-related risks within cybersecurity ecosystems and to design more effective approaches for engaging individuals and organisations to reduce such risks.
The project's overall aim is therefore to develop a framework through which we can analyse the behavioural co-evolution of cybersecurity/cybercrime ecosystems and effectively influence behaviours of a range of actors in the ecosystems in order to reduce human-related risks. To achieve the project's overall aim, this research will:
(1) Be theory-informed: Incorporate theoretical concepts from social, evolutionary and behavioural sciences which provide insights into the co-evolutionary aspect of cybersecurity/cybercrime ecosystems. (2) Be evidence-based: Draw on extensive real-world data from different sources on behaviours of individuals and organisations within cybersecurity/cybercrime ecosystems. (3) Be user-centric: Develop a framework that can provide practical guidance to system designers on how to engage individual end users and organisations for reducing human-related cyber risks. (4) Be real world-facing: Conduct user studies in real-world use cases to validate the framework's effectiveness.
The new framework and solutions it identifies will contribute towards enhanced safety online for many different kinds of users, whether these are from government, industry, the research community or the general public.
This project will involve a group of researchers working in 5 academic disciplines (Computer Science, Crime Science, Business, Engineering, Behavioural Science) at 4 UK research institutes, and be supported by an Advisory Board with 12 international/UK researchers and a Stakeholder Group formed by 12 non-academic partners (including LEAs, NGOs and industry).
Planned Impact
The Je-S form's "Academic Beneficiaries" field explains the expected academic impact in detail, so here we focus on economic and societal impact.
The project will benefit citizens and communities they belong to by providing 1) better protection against human-related cyber risks leading to victimisation or harm; 2) better feeling of being safe and secure in cyber(-physical) space due to improved engagement; 3) better education about cyber risks due to more personalised, contextualised and thus easier-to-understand guidelines and recommendations; 4) better value of their personal data via controlled data sharing with trusted stakeholders. As a whole, the project can help foster a better culture of more active collaboration between individuals, communities and other stakeholders to reduce the whole society's risk level to cyber threats.
Product/system/service/social innovation designers will benefit from the project, which will provide clearly-defined and practical design principles and knowledge/understanding based on research and theory, hence improved capacity to generate plausible crime preventive innovations, and integrate security with other requirements.
The project can benefit businesses who are end users of cybersecurity products and services, which include financial institutes, online (not limited to payment) service providers, transportation service (e.g. transportation service, railway and road network) operators and vehicle vendors. Those businesses are key stakeholders of the two use cases in the project, and our work will help them better protect their customers and infrastructures via reduced cyber risks from their customers and employees and increased capacity of engaging users to behave more securely.
NGOs managing cybersecurity and cybercrime awareness activities such as Neighbourhood and Home Watch Network (our research partner) will benefit from the project as the developed framework will provide a more effective way to engage human users and organisations working with government to raise awareness of individual citizens and businesses.
LEAs and governments will benefit from the project in a number of ways: 1) improved policing capacity and efficiency due to more contextualised information received from individual citizens and other organisations via more active engagement of stakeholders; 2) improved relationship with citizens, communities, businesses and NGOs by collaborating with them more closely; 3) better information collection and knowledge presentation tools which can help operation, decision making and internal staff training on cybersecurity and cybercrime.
Policy and law makers will also benefit from the project because the socio-technical framework when applied (widely) to real world will help produce better insights about what is going on in the cybersecurity and cybercrime ecosystems, thus making them more informed to design policies and adapt regulations which will fit more into its purpose and encourage compliance.
Another group of stakeholders who will benefit from the project is cybersecurity product vendors and service providers such as IBM and NCC Group on our Stakeholder Group. They can benefit due to two main reasons: 1) new opportunities to improve/adapt existing products and services; 2) opportunities to create completely new products and services e.g. new data management and user engagement systems which can be used by all the above beneficiaries listed.
Economically speaking, the project can help 1) prevent or reduce costs from user side by reduced victimisation and more informed decisions of end users; 2) enhance trust between consumers and cybersecurity products and services due to improved user experience (which can encourage consumption of such products and services); 3) reduce costs of investigating and pursuing criminals by LEAs with improved policing tools and procedures; 4) create new business opportunities that contribute to the economy directly.
The project will benefit citizens and communities they belong to by providing 1) better protection against human-related cyber risks leading to victimisation or harm; 2) better feeling of being safe and secure in cyber(-physical) space due to improved engagement; 3) better education about cyber risks due to more personalised, contextualised and thus easier-to-understand guidelines and recommendations; 4) better value of their personal data via controlled data sharing with trusted stakeholders. As a whole, the project can help foster a better culture of more active collaboration between individuals, communities and other stakeholders to reduce the whole society's risk level to cyber threats.
Product/system/service/social innovation designers will benefit from the project, which will provide clearly-defined and practical design principles and knowledge/understanding based on research and theory, hence improved capacity to generate plausible crime preventive innovations, and integrate security with other requirements.
The project can benefit businesses who are end users of cybersecurity products and services, which include financial institutes, online (not limited to payment) service providers, transportation service (e.g. transportation service, railway and road network) operators and vehicle vendors. Those businesses are key stakeholders of the two use cases in the project, and our work will help them better protect their customers and infrastructures via reduced cyber risks from their customers and employees and increased capacity of engaging users to behave more securely.
NGOs managing cybersecurity and cybercrime awareness activities such as Neighbourhood and Home Watch Network (our research partner) will benefit from the project as the developed framework will provide a more effective way to engage human users and organisations working with government to raise awareness of individual citizens and businesses.
LEAs and governments will benefit from the project in a number of ways: 1) improved policing capacity and efficiency due to more contextualised information received from individual citizens and other organisations via more active engagement of stakeholders; 2) improved relationship with citizens, communities, businesses and NGOs by collaborating with them more closely; 3) better information collection and knowledge presentation tools which can help operation, decision making and internal staff training on cybersecurity and cybercrime.
Policy and law makers will also benefit from the project because the socio-technical framework when applied (widely) to real world will help produce better insights about what is going on in the cybersecurity and cybercrime ecosystems, thus making them more informed to design policies and adapt regulations which will fit more into its purpose and encourage compliance.
Another group of stakeholders who will benefit from the project is cybersecurity product vendors and service providers such as IBM and NCC Group on our Stakeholder Group. They can benefit due to two main reasons: 1) new opportunities to improve/adapt existing products and services; 2) opportunities to create completely new products and services e.g. new data management and user engagement systems which can be used by all the above beneficiaries listed.
Economically speaking, the project can help 1) prevent or reduce costs from user side by reduced victimisation and more informed decisions of end users; 2) enhance trust between consumers and cybersecurity products and services due to improved user experience (which can encourage consumption of such products and services); 3) reduce costs of investigating and pursuing criminals by LEAs with improved policing tools and procedures; 4) create new business opportunities that contribute to the economy directly.
Related Projects
Project Reference | Relationship | Related To | Start | End | Award Value |
---|---|---|---|---|---|
EP/P011896/1 | 01/04/2017 | 30/11/2017 | £880,980 | ||
EP/P011896/2 | Transfer | EP/P011896/1 | 01/12/2017 | 29/02/2020 | £767,982 |
Description | We identified new use cases that can benefit from the proposed research methodology and adjusted the original use cases. One new use case led to collaboration with another EPSRC project PriVELT (EP/R033749/1) and another one was co-developed with some new collaborators from the University of Greenwich. We significantly evolved the design of the technical framework, and produced a comprehensive new design with many new components. The software prototype is still being developed and will be made available soon. For one use case (location privacy), we conducted a comprehensive survey of existing privacy scales and discovered a simpler way to combine all scales with a much smaller number of questions. A pre-study was performed to help design a large-scale survey, which is to be conducted soon. We also found out that it was much harder to work on use cases requiring real data from law enforcement, so we decided to focus more on cyber security and privacy related use cases, for which we can depend on data collected from participants of our user studies. For crime related use cases, we decided to focus more on theoretical research especially on building cyber crime related ontology. |
Exploitation Route | We will produce a software based technical framework, which will be made publicly available by other researchers and organisations. Most software components are defined in such a way that they can be reused for other purposes, and some will be used in a new EPSRC project PriVELT (EP/R033749/1). If the software becomes popular, we will consider setting up a university spin-out to manage licensing and provide additional services to organisations. |
Sectors | Aerospace, Defence and Marine,Digital/Communication/Information Technologies (including Software),Education,Financial Services, and Management Consultancy,Healthcare,Leisure Activities, including Sports, Recreation and Tourism,Government, Democracy and Justice,Manufacturing, including Industrial Biotechology,Transport |
Description | Beyond Control: The Need for Broader Data Ownership Rights: Briefing Note to Government |
Geographic Reach | National |
Policy Influence Type | Membership of a guideline committee |
URL | https://medium.com/@irene.cl.ng/beyond-control-the-need-for-broader-data-ownership-rights-d3eba688e9... |
Description | Giving Economic Power of Personal Data Back to Citizens: A briefing note to government |
Geographic Reach | National |
Policy Influence Type | Membership of a guideline committee |
Description | Dynamic, Real time, On-demand Personalisation for Scaling (DROPS) |
Amount | £982,155 (GBP) |
Funding ID | EP/R033838/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Academic/University |
Country | United Kingdom |
Start | 08/2018 |
End | 08/2020 |
Description | Human-machine teaming for supporting human decision making to enhance security of cyber-physical systems |
Amount | £87,000 (GBP) |
Organisation | Defence Science & Technology Laboratory (DSTL) |
Sector | Public |
Country | United Kingdom |
Start | 01/2019 |
End | 12/2021 |
Description | Modelling Active Cyber Defence |
Amount | £13,857 (GBP) |
Organisation | Government Communications Headquarters (GCHQ) |
Sector | Public |
Country | United Kingdom |
Start | 01/2018 |
End | 03/2018 |
Description | PRIvacy-aware personal data management and Value Enhancement for Leisure Travellers (PriVELT) |
Amount | £1,138,799 (GBP) |
Funding ID | EP/R033749/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Academic/University |
Country | United Kingdom |
Start | 09/2018 |
End | 09/2021 |
Title | Cyber Domain Specific Risk Attitudes Scale |
Description | Cyber Domain Specific Risk Attitude Scale (CyberDoSpeRT scale) allows to measure individual risk taking and risk perception over risky activities in cyber space. The methodology is described in our working paper: Kharlamov, A., Jaiswal, A., Parry, G., & Pogrebna, G. (2018). "A CYBER DOMAIN-SPECIFIC RISK ATTITUDES SCALE TO ADDRESS SECURITY ISSUES IN THE DIGITAL SPACE", accessible at https://bit.ly/2OTiy2E |
Type Of Material | Model of mechanisms or symptoms - human |
Year Produced | 2018 |
Provided To Others? | Yes |
Impact | The tool is taken up by private sector organisations who apply the tool to measure cybersecurity perceptions of their staff and clients. |
URL | https://bit.ly/2OTiy2E |
Title | Questionnaire for measuring attitudes towards within cyber-physical and transport domains |
Description | Development of a cyber-physical attitudes to risk questionnaire, including attitudes towards new forms of transport o Meta-survey of multiple cyber (IUIPC, EARP)and physical (DOPSERT) surveys to develop a single survey measuring attitudes within both the cyber and physical domain o Includes questions about future transport systems and technologies (MaaS; Connected Cities; Autonomous transport) Final survey developed: 17 question survey, providing four distinct clusters with different attitudes to privacy/risk with the cyber-physical and transport domains. |
Type Of Material | Model of mechanisms or symptoms - human |
Year Produced | 2019 |
Provided To Others? | No |
Impact | No impact yet |
Description | Collaboration with University of Greenwich - Human as a Security Sensor |
Organisation | University of Greenwich |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Project PIs and RAs met and agreed on collaboration |
Collaborator Contribution | Project PIs and RAs met and agreed on collaboration |
Impact | No outcome yet |
Start Year | 2018 |
Description | 'Cyber-attacks bought as easily as online shopping |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | News story covering research |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.ft.com/content/b5273822-548a-11e8-84f4-43d65af59d43 |
Description | 'Global Cybercrime worth $1.5tn a year, study reveals |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | News story covering research |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.computerweekly.com/news/252439584/Global-cyber-crime-worth-15tn-a-year-study-reveals |
Description | A presentation on Future Crime opportunities arising from Artificial Intelligence (AI): Eco-Devo-Evo framework |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Prof Paul Ekblom presented the basic Eco-Devo-Evo framework to a sandpit run by the Dawes Centre for Future Crime.The main outcome was a ranked set of AI-crime scenarios which would then be taken forward to generate research proposals in various ways e.g. PhD, scoping project, main project, funded partly/wholly by the Dawes Centre |
Year(s) Of Engagement Activity | 2019 |
URL | https://www.ucl.ac.uk/jill-dando-institute/research-projects/2019/jan/future-crime-opportunities-ari... |
Description | AI & future crime sandpit |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Other audiences |
Results and Impact | Academia, Government, Commerce & Creative came together to identify, discuss and assess future crimes enabled through AI. We developed and influenced understanding and future focus in Academia, Government, Commerce & Creative. |
Year(s) Of Engagement Activity | 2018 |
Description | Addressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing human-relaTed risks: Healthcare as a use case |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | This is an invited talk at the Global Cyber Security in Healthcare & Pharma Summit 2018, organized by Global Engage in London, UK. |
Year(s) Of Engagement Activity | 2018 |
Description | Article in WIRED in 2019 issue: Decentralised AI has the potential to upend the online economy |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | An article in WIRED magazine's annual issue that looks at how analysing big data on the edge will outclass offerings by more cumbersome centralised systems |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.wired.co.uk/article/decentralised-artificial-intelligence |
Description | BBC News article: Meet the data guardians taking on the tech giants |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | An article in the BBC about whether people care enough to bother about your personal data, featuring project PI Irene Ng speaking on the HAT and how data ownership rights. |
Year(s) Of Engagement Activity | 2019 |
URL | https://www.bbc.co.uk/news/business-47027072 |
Description | Bitcoin is leading to a huge upswing in money laundering, new research says |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | News interview with Fox News covering research |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.foxnews.com/tech/bitcoin-is-leading-to-a-huge-upswing-in-money-laundering-new-research-s... |
Description | Competitive Advantage in the Digital Economy (CADE) 2018 (Venice, Italy) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | The 5th Competitive Advantage in the Digital Economy (CADE) Forum was an exclusive three-day event, bringing together academics and practitioners to discuss the challenges of the digital economy and present the latest cutting edge research. This year saw the CADE Forum enter its fifth year, and specifically, it focused on personal data, smart service systems and digital transformation. CADE's core objective is to facilitate interdisciplinary collaborations and to continue building a platform for the development of a common language for digital economy research. The Forum has already built a reputation for creating new synergies between research groups both at Warwick and other institutions, and emphasis will continue to be placed on this as well as developing collaborative opportunities between participants at CADE. At CADE, emphasis was placed on discussion and collaboration, with plenty of time allocated to both your presentation, the subsequent discussion and additional time between parallel sessions and workshops for further in depth discussions with other participants. For the first time in 2018, the CADE Forum ran four workshops related to the personal data economy: Product Design in the Personal Data Economy; Student Experience and Teaching; Data-Driven Business Models; and Behavioural Visibility in Data (BeVID)- Experiencing New Research Methods with Reality Mining. |
Year(s) Of Engagement Activity | 2018 |
URL | https://warwick.ac.uk/fac/sci/wmg/research/business_transformation/ssg/ssgabout/sswmgactivities/cade... |
Description | Crypto money-laundering: Will crypto help the money-launderers of the future? |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Economist article covering research |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.economist.com/finance-and-economics/2018/04/26/crypto-money-laundering |
Description | Cyber Defence Alliance 3rd Annual Conference |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Industry/Business |
Results and Impact | Profesor Ganna Pogrebna have contributed to the roundtable on "Understanding the Criminal Mind". |
Year(s) Of Engagement Activity | 2018 |
Description | Data ownership, rights and controls: Reaching a common understanding - Discussions at a British Academy, Royal Society and techUK seminar on 3 October 2018 |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Policymakers/politicians |
Results and Impact | Participation at discussions at a British Academy, Royal Society and techUK seminar on 3 October 2018 which provided an opportunity to explore and understand the concept, value and limitations of the idea of 'data ownership'. It considered the sound bases from which to consider and probe the concept of data ownership and discussed issues relating to the ability to exert rights and control over data use. The dialogue was a follow-up to a British Academy and Royal Society seminar on 16 October 2017 that focused on data governance, resulting in a report Data management and use: Governance in the 21st Century. This year's seminar led to the production of a report entitled Data ownership, rights and controls: Reaching a common understanding. |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.thebritishacademy.ac.uk/data-ownership-rights-and-controls-reaching-common-understanding |
Description | FT podcast: Irene Ng on redistributing the economic power of data |
Form Of Engagement Activity | A broadcast e.g. TV/radio/film/podcast (other than news/press) |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | An interview on the FT with project PI Irene Ng on redistributing the economic power of data |
Year(s) Of Engagement Activity | 2018 |
Description | Forbes article - Relaxed, Anxious, Ignorant: Our Attitudes Towards CyberSecurity Are Making The Problem Worse |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | Article in Forbes magazine discussing an August 2018 study conducted by project Co-Is Ganna Pogrebna and Glenn Parry on individuals' perception of cybercrime and behaviour online, and how it can be categorized into four key 'risk attitudes' that vary depending on demographic and environment: opportunistic (worth the risk), anxious (not worth the risk), ignorant (don't know, don't engage) and relaxed (I'm not at risk). |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.forbes.com/sites/charlestowersclark/2018/11/09/relaxed-anxious-ignorant-our-attitudes-to... |
Description | Forbes coverage of CyberDoSPERT scale research |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Media (as a channel to the public) |
Results and Impact | Media coverage of CyberDoSPERT scale research in Forbes - 'Relaxed, Anxious, Ignorant: Our Attitudes Towards CyberSecurity Are Making The Problem Worse' on 9th Nov 2018 |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.forbes.com/sites/charlestowersclark/2018/11/09/relaxed-anxious-ignorant-our-attitudes-to... |
Description | Human Factors in Cyber Security: User authentication as a use case |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | This is an invited keynote speech given to participants of ISWRACS (International Symposium and Workshop on Research Advances in Cyber Security) 2018, organized by the Hindustan Institute of Technology & Science (Hindustan University), India. A significant portion of participants were students from the hosting institution. The speech was delivered remotely via video. |
Year(s) Of Engagement Activity | 2018 |
Description | Human-in-the-Loop (HITL) AI and its Applications in Cyber Security |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | This is an internal event with an industrial partner, SecureData, on discussing potential collaboration. Work done in the project ACCEPT was covered as part of the talk. |
Year(s) Of Engagement Activity | 2018 |
Description | Hybrid Human-Machine Computing: a new paradigm of computing? |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | This was a talk given as an invited OpenTech talk at a cyber security company Clearswift Ltd, which is the cyber arm of the Swiss Defence and Security company RUG. |
Year(s) Of Engagement Activity | 2018 |
Description | Industrial Roundtable on Cybersecurity Information Sharing (2018) |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Industry/Business |
Results and Impact | Professor Ganna Pogrebna have contributed to the follow-up document on Behavioural Analytics for Cybersecurity which was circulated to the participating businesses and beyond. |
Year(s) Of Engagement Activity | 2018 |
Description | Interview with Anna Maria Tremonti on Canadian national radio's "The Current" |
Form Of Engagement Activity | A broadcast e.g. TV/radio/film/podcast (other than news/press) |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Project PI Irene Ng was interviewed by Anna Maria Tremonti of CBC Radio "The Current" on 13 April 2018 about the activities and implications of the breaches in trust that landed Facebook's Mark Zuckerberg in front of Congress. The interviewe also looked at what the Hub of All Things was, and how it would change the data landscape. |
Year(s) Of Engagement Activity | 2018 |
URL | https://medium.com/hub-of-all-things/irene-on-how-very-little-of-our-zetabytes-of-data-is-controlled... |
Description | Keynote Address at The Institution of Engineering and Technology Conference on Behavioural Science in Transport |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | Ganna Pogrebna gave a keynote talk at the Behavioural Science in Transport Event organised on November 5, 2018 by the Institution of Engineering and Technology in London (UK). The talk title was "Behavioural Aspects of the Cybersecurity of Transport". The event was attended by policy makers, practitioners, academics, students, and the general public. |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.theiet.org/events/documents/bst-presentations.cfm |
Description | Keynote Talk at the Data Debate: "Cyber Attacks: Is Artificial Intelligence the New Defence?" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Public/other audiences |
Results and Impact | From drones and ransomware to disinformation, new technologies are enabling new kinds of conflict. Is a cyber attack an act of war? With artificial intelligence poised to revolutionise the speed and impact of attacks, how can we prevent cyberspace turning into a battleground? Prof. Pogrebna was a part of an expert panel on September 14, 2018 at the British Library which discussed these and other issues. The Debate was chaired by writer and broadcaster Timandra Harkness. Timandra presents BBC Radio 4 series, FutureProofing, and has presented the documentaries, Data, Data Everywhere, Personality Politics & The Singularity. |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.youtube.com/watch?v=KIrrA1-O6LE |
Description | MietSpiegel article: Facebook and Google: The Data Guards Fight Back |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Public/other audiences |
Results and Impact | An article in MietSpiegel on how the data guards are fighting back - German version of the BBC article entitled HAT as data guardian |
Year(s) Of Engagement Activity | 2019 |
Description | Nowhere to hide? Privacy challenges and solutions in smart cities: From ANPR to social IoT |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | This is an invited talk at the UK-India Workshop on Managing Privacy in the age of IoT, organized by the City, University of London, UK. |
Year(s) Of Engagement Activity | 2018 |
Description | Poster presentation of ACCEPT at Annual ACE-CSR Conference 2018 |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | This is a poster presented for the project at the NCSC organised Annual ACE-CSR Conference in June 2018. The event was participated by researchers from all ACE-CSRs and UK cyber security Research Institutes, including PhD students, people from government, industry and other organisations. |
Year(s) Of Engagement Activity | 2018 |
Description | Poster presentation of ACCEPT in Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) Public Engagement Event 2018 |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Public/other audiences |
Results and Impact | Two posters were presented by Tasmina Islam. Overall aim of the project and technical framework were explained to the audience through poster presentation and Q&A. |
Year(s) Of Engagement Activity | 2018 |
URL | https://cyber.kent.ac.uk/events.html |
Description | Socio-technical Aspects of Privacy Protection |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | This is an invited keynote speech at PriCom 2018 (4th International Symposium on Privacy Computing), in Boppard, Germany. The event was mainly for researchers but had PhD students attending as well. |
Year(s) Of Engagement Activity | 2018 |
URL | http://www.pricom2018.de/programme/ |
Description | Socio-technical Aspects of Privacy Protection |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | This is an invited keynote speech at PST 2018 (16th Annual Conference on Privacy, Security and Trust), in Belfast, Northern Ireland, UK. |
Year(s) Of Engagement Activity | 2018 |
URL | https://pstnet.ca/pst2018/2018/invited-speakers/#li |
Description | The GDPR, market disrupters and innovators: friends or foes? Article in Privacy Laws & Business UK Report, Issue 96 (March 2018) |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | The HAT was featured in this article about the GDPR in a report by Privacy Laws & Business, which provides an independent privacy laws information service to many of the world's largest companies, specialist lawyers and has over 2000 clients in 53 countries. Its clients include 70% of the Global and UK top ten companies in the Financial Times lists. |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.privacylaws.com/Publications/uk/ |
Description | The GDPR, market disrupters and innovators: friends or foes? Article in Slaughter & May newsletter |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | This article in law firm Slaughter & May's newsletter is a reprint of the article The GDPR, market disrupters and innovators: friends or foes? which appeared in Privacy Laws & Business UK Report, Issue 96 (March 2018) The HAT was featured in this article. Slaughter & May has clients throughout the world. They range from governments to entrepreneurs, from funds to leading banks, from retailers to entertainment companies and from diversified industrial conglomerates to Premier League football clubs. |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.slaughterandmay.com/media/2536727/the-gdpr-market-disrupters-and-innovators-friends-or-f... |
Description | Virtual cash helps cyber-thieves launder money, research suggests |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | News story covering research |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.bbc.co.uk/news/technology-43428264 |
Description | WHY THE GDPR SIGNALS A GREATER BATTLE OVER DATA - Article in LS:N Global |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | An article written by project PI Irene Ng on how regulations such as the GDPR are just the beginning of a new power play between consumers and service providers. This was published on LS:N Global, a subscription-based insights platform that documents new consumer behaviour and key industry trends to give business professionals the confidence to make informed decisions about the future. |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.lsnglobal.com/opinion/article/22233/why-the-gdpr-signals-a-greater-battle-over-data |
Description | Why I Believe We Should Own Our Own Data - The Day |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Schools |
Results and Impact | An excerpt from a 2017 Financial Times article on personal data featuring the HAT appeared in The Day, a daily online newspaper for teenagers focusing on the big issues transforming the world. |
Year(s) Of Engagement Activity | 2018 |
URL | https://theday.co.uk/opinions/why-i-believe-we-should-own-our-own-data |
Description | Wolfson-HAT Annual Symposium on the Digital Person 2018 |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | The Digital Person symposium is an annual event organised by the HAT Community Foundation and Wolfson College Cambridge that discusses personal data from three perspectives: (1) digital personhood, law, freedom and democracy (2) value, economics and markets and (3) data analytics, data science and technology. Symposium participants are drawn from industry captains, policy makers, government representatives, combined with thought leaders from the sciences, humanities and social sciences with discussions relating to law, computer science, history, sociology, entrepreneurship, business, economics and the global society. ConTriVE P-I Irene Ng and Co-I Jon Crowcroft were co-chairs of this This unique cross-disciplinary symposium along with Professor John Naughton. Aside from creating a unique environment for a robust discussion that is relevant and important, the symposium also produced a white paper on the state of the digital person in a connected and digital society. The paper highlighted the issues, opportunities and tensions of the digital person in 2018 and summarised the challenge that can be put into the larger context of the Internet and its implications for society, technology and the economy. |
Year(s) Of Engagement Activity | 2018 |
URL | https://www.hat-lab.org/programs/2018/9/8/output-wolfsonhat-2019 |
Description | Workshop on Refining Evidence-Based Methods in Cyber Security Research |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Other audiences |
Results and Impact | Researchers, practicioners and funding bodies spent two days taking stock in the present state of evidence-based methods in cyber security research, discuss 'what good research looks like' and explore a way ahead to provide a resource for the community and incentivise its uptake. |
Year(s) Of Engagement Activity | 2018 |
URL | https://osf.io/t3c6m/wiki/home/ |