ACCEPT: Addressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing human-relaTed risks
Lead Research Organisation:
University of Surrey
Department Name: Computing Science
Abstract
Researchers and practitioners have acknowledged human-related risks among the most important factors in cybersecurity, e.g. an IBM report (2014) shows that over 95% of security incidents involved "human errors". Responses to human-related cyber risks remain undermined by a conceptual problem: the mindset associated with the term 'cyber'-crime which has persuaded us that that crimes with a cyber-dimension occur purely within a (non-physical) 'cyber' space, and that these constitute wholly new forms of offending, divorced from the human/social components of traditional (physical) crime landscapes. In this context, the unprecedented linking of individuals and technologies into global social-physical networks - hyperconnection - has generated exponential complexity and unpredictability of vulnerabilities.
In addition to hyperconnectivity, the dynamic evolving nature of cyber systems is equally important. Cyber systems change far faster than biological/material cultures, and criminal behaviour and techniques evolve in relation to the changing nature of opportunities centring on target assets, tools and weapons, routine activities, business models, etc. Studying networks and relationships between individuals, businesses and organisations in a hyperconnected environment requires understanding of communities and the broader ecosystems. This complex, non-linear process can lead to co-evolution in the medium-longer term.
The focus on cybersecurity as a dynamic interaction between humans and socio-technic elements within a risk ecosystem raises implementation issues, e.g. how to mobilise diverse players to support security. Conventionally they are considered under 'raising awareness', and many initiatives have been rolled out. However, activities targeting society as a whole have limitations, e.g. the lack of personalisation, which makes them less effective in influencing human behaviours.
While there is isolated research across these areas, there is no holistic framework combining all these theoretical concepts (co-evolution, opportunity management, behavioural and business models, ad hoc technological research on cyber risks and cybercrime) to allow a more comprehensive understanding of human-related risks within cybersecurity ecosystems and to design more effective approaches for engaging individuals and organisations to reduce such risks.
The project's overall aim is therefore to develop a framework through which we can analyse the behavioural co-evolution of cybersecurity/cybercrime ecosystems and effectively influence behaviours of a range of actors in the ecosystems in order to reduce human-related risks. To achieve the project's overall aim, this research will:
(1) Be theory-informed: Incorporate theoretical concepts from social, evolutionary and behavioural sciences which provide insights into the co-evolutionary aspect of cybersecurity/cybercrime ecosystems. (2) Be evidence-based: Draw on extensive real-world data from different sources on behaviours of individuals and organisations within cybersecurity/cybercrime ecosystems. (3) Be user-centric: Develop a framework that can provide practical guidance to system designers on how to engage individual end users and organisations for reducing human-related cyber risks. (4) Be real world-facing: Conduct user studies in real-world use cases to validate the framework's effectiveness.
The new framework and solutions it identifies will contribute towards enhanced safety online for many different kinds of users, whether these are from government, industry, the research community or the general public.
This project will involve a group of researchers working in 5 academic disciplines (Computer Science, Crime Science, Business, Engineering, Behavioural Science) at 4 UK research institutes, and be supported by an Advisory Board with 12 international/UK researchers and a Stakeholder Group formed by 12 non-academic partners (including LEAs, NGOs and industry).
In addition to hyperconnectivity, the dynamic evolving nature of cyber systems is equally important. Cyber systems change far faster than biological/material cultures, and criminal behaviour and techniques evolve in relation to the changing nature of opportunities centring on target assets, tools and weapons, routine activities, business models, etc. Studying networks and relationships between individuals, businesses and organisations in a hyperconnected environment requires understanding of communities and the broader ecosystems. This complex, non-linear process can lead to co-evolution in the medium-longer term.
The focus on cybersecurity as a dynamic interaction between humans and socio-technic elements within a risk ecosystem raises implementation issues, e.g. how to mobilise diverse players to support security. Conventionally they are considered under 'raising awareness', and many initiatives have been rolled out. However, activities targeting society as a whole have limitations, e.g. the lack of personalisation, which makes them less effective in influencing human behaviours.
While there is isolated research across these areas, there is no holistic framework combining all these theoretical concepts (co-evolution, opportunity management, behavioural and business models, ad hoc technological research on cyber risks and cybercrime) to allow a more comprehensive understanding of human-related risks within cybersecurity ecosystems and to design more effective approaches for engaging individuals and organisations to reduce such risks.
The project's overall aim is therefore to develop a framework through which we can analyse the behavioural co-evolution of cybersecurity/cybercrime ecosystems and effectively influence behaviours of a range of actors in the ecosystems in order to reduce human-related risks. To achieve the project's overall aim, this research will:
(1) Be theory-informed: Incorporate theoretical concepts from social, evolutionary and behavioural sciences which provide insights into the co-evolutionary aspect of cybersecurity/cybercrime ecosystems. (2) Be evidence-based: Draw on extensive real-world data from different sources on behaviours of individuals and organisations within cybersecurity/cybercrime ecosystems. (3) Be user-centric: Develop a framework that can provide practical guidance to system designers on how to engage individual end users and organisations for reducing human-related cyber risks. (4) Be real world-facing: Conduct user studies in real-world use cases to validate the framework's effectiveness.
The new framework and solutions it identifies will contribute towards enhanced safety online for many different kinds of users, whether these are from government, industry, the research community or the general public.
This project will involve a group of researchers working in 5 academic disciplines (Computer Science, Crime Science, Business, Engineering, Behavioural Science) at 4 UK research institutes, and be supported by an Advisory Board with 12 international/UK researchers and a Stakeholder Group formed by 12 non-academic partners (including LEAs, NGOs and industry).
Planned Impact
The Je-S form's "Academic Beneficiaries" field explains the expected academic impact in detail, so here we focus on economic and societal impact.
The project will benefit citizens and communities they belong to by providing 1) better protection against human-related cyber risks leading to victimisation or harm; 2) better feeling of being safe and secure in cyber(-physical) space due to improved engagement; 3) better education about cyber risks due to more personalised, contextualised and thus easier-to-understand guidelines and recommendations; 4) better value of their personal data via controlled data sharing with trusted stakeholders. As a whole, the project can help foster a better culture of more active collaboration between individuals, communities and other stakeholders to reduce the whole society's risk level to cyber threats.
Product/system/service/social innovation designers will benefit from the project, which will provide clearly-defined and practical design principles and knowledge/understanding based on research and theory, hence improved capacity to generate plausible crime preventive innovations, and integrate security with other requirements.
The project can benefit businesses who are end users of cybersecurity products and services, which include financial institutes, online (not limited to payment) service providers, transportation service (e.g. transportation service, railway and road network) operators and vehicle vendors. Those businesses are key stakeholders of the two use cases in the project, and our work will help them better protect their customers and infrastructures via reduced cyber risks from their customers and employees and increased capacity of engaging users to behave more securely.
NGOs managing cybersecurity and cybercrime awareness activities such as Neighbourhood and Home Watch Network (our research partner) will benefit from the project as the developed framework will provide a more effective way to engage human users and organisations working with government to raise awareness of individual citizens and businesses.
LEAs and governments will benefit from the project in a number of ways: 1) improved policing capacity and efficiency due to more contextualised information received from individual citizens and other organisations via more active engagement of stakeholders; 2) improved relationship with citizens, communities, businesses and NGOs by collaborating with them more closely; 3) better information collection and knowledge presentation tools which can help operation, decision making and internal staff training on cybersecurity and cybercrime.
Policy and law makers will also benefit from the project because the socio-technical framework when applied (widely) to real world will help produce better insights about what is going on in the cybersecurity and cybercrime ecosystems, thus making them more informed to design policies and adapt regulations which will fit more into its purpose and encourage compliance.
Another group of stakeholders who will benefit from the project is cybersecurity product vendors and service providers such as IBM and NCC Group on our Stakeholder Group. They can benefit due to two main reasons: 1) new opportunities to improve/adapt existing products and services; 2) opportunities to create completely new products and services e.g. new data management and user engagement systems which can be used by all the above beneficiaries listed.
Economically speaking, the project can help 1) prevent or reduce costs from user side by reduced victimisation and more informed decisions of end users; 2) enhance trust between consumers and cybersecurity products and services due to improved user experience (which can encourage consumption of such products and services); 3) reduce costs of investigating and pursuing criminals by LEAs with improved policing tools and procedures; 4) create new business opportunities that contribute to the economy directly.
The project will benefit citizens and communities they belong to by providing 1) better protection against human-related cyber risks leading to victimisation or harm; 2) better feeling of being safe and secure in cyber(-physical) space due to improved engagement; 3) better education about cyber risks due to more personalised, contextualised and thus easier-to-understand guidelines and recommendations; 4) better value of their personal data via controlled data sharing with trusted stakeholders. As a whole, the project can help foster a better culture of more active collaboration between individuals, communities and other stakeholders to reduce the whole society's risk level to cyber threats.
Product/system/service/social innovation designers will benefit from the project, which will provide clearly-defined and practical design principles and knowledge/understanding based on research and theory, hence improved capacity to generate plausible crime preventive innovations, and integrate security with other requirements.
The project can benefit businesses who are end users of cybersecurity products and services, which include financial institutes, online (not limited to payment) service providers, transportation service (e.g. transportation service, railway and road network) operators and vehicle vendors. Those businesses are key stakeholders of the two use cases in the project, and our work will help them better protect their customers and infrastructures via reduced cyber risks from their customers and employees and increased capacity of engaging users to behave more securely.
NGOs managing cybersecurity and cybercrime awareness activities such as Neighbourhood and Home Watch Network (our research partner) will benefit from the project as the developed framework will provide a more effective way to engage human users and organisations working with government to raise awareness of individual citizens and businesses.
LEAs and governments will benefit from the project in a number of ways: 1) improved policing capacity and efficiency due to more contextualised information received from individual citizens and other organisations via more active engagement of stakeholders; 2) improved relationship with citizens, communities, businesses and NGOs by collaborating with them more closely; 3) better information collection and knowledge presentation tools which can help operation, decision making and internal staff training on cybersecurity and cybercrime.
Policy and law makers will also benefit from the project because the socio-technical framework when applied (widely) to real world will help produce better insights about what is going on in the cybersecurity and cybercrime ecosystems, thus making them more informed to design policies and adapt regulations which will fit more into its purpose and encourage compliance.
Another group of stakeholders who will benefit from the project is cybersecurity product vendors and service providers such as IBM and NCC Group on our Stakeholder Group. They can benefit due to two main reasons: 1) new opportunities to improve/adapt existing products and services; 2) opportunities to create completely new products and services e.g. new data management and user engagement systems which can be used by all the above beneficiaries listed.
Economically speaking, the project can help 1) prevent or reduce costs from user side by reduced victimisation and more informed decisions of end users; 2) enhance trust between consumers and cybersecurity products and services due to improved user experience (which can encourage consumption of such products and services); 3) reduce costs of investigating and pursuing criminals by LEAs with improved policing tools and procedures; 4) create new business opportunities that contribute to the economy directly.
Publications
Perroni C
(2019)
Are Donors Afraid of Core Costs? Economies of Scale and Contestability in Charity Markets*
in The Economic Journal
Li Z
(2017)
Attitudes to Uncertainty in a Strategic Setting*
in The Economic Journal
Pogrebna G
(2018)
Female babies and risk-aversion: Causal evidence from hospital wards
in Journal of Health Economics
Ng, Irene C L
(2017)
Hub of All Things: Creating a Shared Purpose Service Ecosystem
Borrion H
(2020)
Measuring the resilience of criminogenic ecosystems to global disruption: A case-study of COVID-19 in China.
in PloS one
Butler D.J.
(2018)
Predictably intransitive preferences
in Judgment and Decision Making
Yuryna Connolly A
(2022)
Reducing Ransomware Crime: Analysis of Victims' Payment Decisions
in Computers & Security
Del Vecchio M
(2018)
The Data Science of Hollywood: Using Emotional Arcs of Movies to Drive Business Model Innovation in Entertainment Industries
in SSRN Electronic Journal
Borrion H
(2020)
The Problem with Crime Problem-Solving: Towards a Second Generation Pop?
in The British Journal of Criminology
Description | This project's entry point changed and new findings and outcomes are shown under EP/P011896/2. |
Exploitation Route | The project's publications and data produced can be used by others to better design user-centric cyber security solutions. |
Sectors | Aerospace Defence and Marine Communities and Social Services/Policy Digital/Communication/Information Technologies (including Software) Education Electronics Financial Services and Management Consultancy Healthcare Government Democracy and Justice Culture Heritage Museums and Collections Security and Diplomacy Transport |
URL | http://accept.cyber.kent.ac.uk/ |
Description | The project involved human participants and industrial stakeholders, so some non-academic impacts were generated as part of the research. Wider impacts are still be to seen since the project just ended in 12/2020 and outcomes are still in a low TRL level (for research purposes only). |
First Year Of Impact | 2020 |
Sector | Aerospace, Defence and Marine,Communities and Social Services/Policy,Digital/Communication/Information Technologies (including Software),Education,Electronics,Energy,Financial Services, and Management Consultancy,Healthcare,Government, Democracy and Justice,Culture, Heritage, Museums and Collections,Security and Diplomacy,Transport |
Impact Types | Cultural Societal Economic Policy & public services |
Description | Gianluca Stringhini gave evidence to UK Parliament on "Foreign policy in changed world conditions" |
Geographic Reach | National |
Policy Influence Type | Contribution to a national consultation/review |
URL | http://parliamentlive.tv/event/index/e71e81ae-0e37-41d5-8827-67be7c8ea628 |
Title | A searchable database of key cybersecurity incidents between 2010-2016 |
Description | A database for research purposes |
Type Of Material | Database/Collection of data |
Year Produced | 2018 |
Provided To Others? | No |
Impact | We are still working on it so no outcome has been generated. |
Title | Cyber crime computational ontology and knowledge base |
Description | A computational ontology and knowledge base is being developed to capture information around cyber crime for guiding development of computational tools for prevention purposes. |
Type Of Material | Database/Collection of data |
Year Produced | 2017 |
Provided To Others? | No |
Impact | We are still working on it and have not published it. So impact has been generated. |
Description | Collaboration with Universities of Surrey and Warwick on a project bid for EPSRC TIPS2 call |
Organisation | University of Surrey |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Co-developed a research bid on privacy protection for leisure travellers |
Collaborator Contribution | Co-developed a research bid on privacy protection for leisure travellers |
Impact | The bid was not successful, but led to the setup of a nation wide mailing list (https://www.jiscmail.ac.uk/cgi-bin/webadmin?A0=CYBERSECURITY-TIPS). The collaboration is multi-disciplinary, involving people from all subjects relevant for cyber security. |
Start Year | 2018 |
Description | Collaboration with Universities of Surrey and Warwick on a project bid for EPSRC TIPS2 call |
Organisation | University of Warwick |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Co-developed a research bid on privacy protection for leisure travellers |
Collaborator Contribution | Co-developed a research bid on privacy protection for leisure travellers |
Impact | The bid was not successful, but led to the setup of a nation wide mailing list (https://www.jiscmail.ac.uk/cgi-bin/webadmin?A0=CYBERSECURITY-TIPS). The collaboration is multi-disciplinary, involving people from all subjects relevant for cyber security. |
Start Year | 2018 |
Description | Collaboration with Universities of Twente and Portsmouth on cyber crime |
Organisation | University of Portsmouth |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Co-developed a new research proposal on cyber crime |
Collaborator Contribution | Co-developed a new research proposal on cyber crime |
Impact | The collaboration led to a joint research bid to the Home Office / RISCS call on multi-year project "Understanding cyber offenders, criminal careers and business models". The bid was unsuccessful and no further collaboration took place. |
Start Year | 2018 |
Description | Collaboration with Universities of Twente and Portsmouth on cyber crime |
Organisation | University of Twente |
Country | Netherlands |
Sector | Academic/University |
PI Contribution | Co-developed a new research proposal on cyber crime |
Collaborator Contribution | Co-developed a new research proposal on cyber crime |
Impact | The collaboration led to a joint research bid to the Home Office / RISCS call on multi-year project "Understanding cyber offenders, criminal careers and business models". The bid was unsuccessful and no further collaboration took place. |
Start Year | 2018 |
Description | A journal special issue on cyber crime |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Co-editing a special issue on Cybercrime: interdisciplinary approaches to cutting crime and victimisation in cyber space, to be published in the open access journal Crime Science: An Interdisciplinary Journal by Springer. |
Year(s) Of Engagement Activity | 2018 |
URL | https://crimesciencejournal.springeropen.com/cybercrime |
Description | A tutorial on "Human Factors in Cyber Security: User authentication as a use case" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | An invited 3-hour tutorial as an invited guest speaker at the 2017 Summer School on "Human Factor in Systems Safety and Security", organized by the Department of Computing and Informatics, Bournemouth University, UK and sponsored by the IEEE Systems, Man and Cybernetics (SMC) Society. |
Year(s) Of Engagement Activity | 2017 |
URL | https://www.eventbrite.co.uk/e/human-factors-in-systems-safety-and-security-tickets-33332437217 |
Description | An interview with Sussex Police's Cyber Crime Unit |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Professional Practitioners |
Results and Impact | An interview with two police officers working at Cyber Crime Unit of Sussex Police, for getting input about use cases of cyber crime. |
Year(s) Of Engagement Activity | 2017 |
Description | An invited talk on "Human Factors in Cyber Security: User authentication as a use case" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | An invited talk at ISWRACS (International Symposium and Workshop on Research Advances in Cyber Security) 2018, organized by the Hindustan Institute of Technology & Science (Hindustan University), India |
Year(s) Of Engagement Activity | 2018 |
Description | An invited talk on "Project ACCEPT (Addressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing human-relaTed risks)" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | An invited talk at Workshop on Economics and Human Aspects of Cyber-Security, organized by the School of Economics, University of Kent, UK in Canterbury, UK |
Year(s) Of Engagement Activity | 2017 |
URL | https://www.kent.ac.uk/economics/research/micro-group/events/workshop-20-nov17.html |
Description | An invited talk on "Research Institute in Science of Cyber Security (RISCS) and Project ACCEPT (Addressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing human-relaTed risks)" and a panel discussion on Cyber Security |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | An invited talk and a panel discussion at the 21st LAPFF (Local Authority Pension Fund Forum) Conference 2017, Bournemouth, UK. |
Year(s) Of Engagement Activity | 2017 |
Description | Competitive Advantage in the Digital Economy (CADE) 2017 (Venice, Italy) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | The CADE Forum 2017 was an exclusive three-day forum held in Venice, Italy, bringing together academic and practitioner speakers to educate and to discuss the state of the art with PhD students, early career researchers and practitioners working within the digital economy. This year saw CADE enter its fourth year, following three successful years during which CADE grew from a predominately Western European forum to a European conference welcoming participants from Eastern Europe. In 2017, CADE Forum became a global event, with applicants from the USA and Australia, highlighting the increased importance of the digital economy and the Forum's relevance and popularity. This year, CADE also merged with WMG's Service Systems Forum to become a single event, tackling the topic of Smart Service Systems, Digital Innovation, Privacy and Trust. During CADE 2017, internationally-recognised thought leaders from a variety of subjects including Marketing, Service Management, Operations Management, Supply Chain Management and Computer Science shared their thoughts and latest research about the digital economy. The CADE Forum aims to discuss the current state of the art in the digital economy, with a focus not just on presenting the latest research, but also on opening up avenues for future research with a lengthy discussion session following the presentations. This year was no exception, with thought leaders presenting various cutting-edge research topics whilst simultaneously addressing a number of increasingly important issues that left open the possibility for future research. As well as the keynotes, for the first time in CADE's history this year saw the inclusion of parallel sessions, which gave participants the opportunity to present and then discuss their own research. With the format of CADE placing emphasis on discussion, participants were given up to 15 minutes each to present their research, followed by a short discussion. With topics ranging from the future of blockchain, to participation styles of young people in virtual worlds, these presentations provided a broad and thought-provoking insight into the type of research being conducted in the digital economy. Awards were also offered for best paper (overall), most relevant to practice and unique methodological approach. Much discussion also took place during CADE 2017's panel session, which saw the Forum's keynote speakers and scientific committee take open questions from participants. The first question drove a long discussion around the future of digital economy research and teaching. This question asked broadly: what needs to be done to advance digital economy research across disciplines, how can we encourage multidisciplinary work within the digital economy and how do we teach the additional knowledge created within said research. Interestingly, whilst the question's focus was on the first two areas, it was the teaching component that received considerable attention. The keynote speakers suggested different approaches, including interactive lectures, lectures from industry on best practice within the digital economy given that industry is seemingly ahead of academia in the digital economy at present (a gap that the Forum agreed needs closing), and creating a more comprehensive extra-curricular reading list which would subsequently be tested in class to ensure the reading is being completed. However, in view of the exponential amount of new knowledge coming into the world through ground-breaking research that needs to be learned and absorbed by students, imparting this effectively remains a considerable challenge for academia, and it is one that the Forum's panel put forth to the participants to solve, as they will be the ones teaching the research in the years to come. |
Year(s) Of Engagement Activity | 2017 |
URL | https://warwick.ac.uk/fac/sci/wmg/research/business_transformation/ssg/ssgabout/sswmgactivities/cade... |
Description | Data Needs to Be More Personal in the 21st Century - Inc Magazine article |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | HAT featured in an article on Inc magazine's website about how consumers want more data privacy and how that's a big opportunity for entrepreneurs |
Year(s) Of Engagement Activity | 2017 |
URL | https://www.inc.com/drew-hendricks/data-needs-to-be-more-personal-in-the-21st-century.html |
Description | From GDPR to blockchain, we're getting more power over our data - The WIRED World in 2018 article |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Article authored by project PI Professor Irene Ng on private data accounts hosted by data stores like the Hub of All Things (HAT) may be the first step towards the internet as a civil society, paving the way for a governing system where digital citizens, in the form of their private micro-server data account, do not merely have to depend on legislation to champion their private rights, but also have the economic power to enforce them as well. |
Year(s) Of Engagement Activity | 2018 |
URL | http://www.wired.co.uk/article/gdpr-personal-data-private-data-accounts |
Description | HAT Track at 5th Naples Forum on Service |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Other audiences |
Results and Impact | The HAT parallel session on Digitization and Datafication of Services took a data-driven perspective of Service Science, Service-Dominant Logic, and Network Theory in order to better explore the implications, challenges and direction of further digitization among services. It was a track of the 5th Naples Forum on Service, held in Sorrento, Italy on June 6-9, 2017 |
Year(s) Of Engagement Activity | 2017 |
Description | HHMC 2017 (Workshop on Hybrid Human-Machine Computing) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | A workshop co-sponsored by the COMMANDO-HUMANS project and chaired by the project's PI. It covers two related work from the COMMANDO-HUMANS project. |
Year(s) Of Engagement Activity | 2017 |
URL | http://hhmc2017.commando-humans.net/ |
Description | Interviews with 5 cybersecurity experts on dynamic/evolutionary aspects of data breaches |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | Ethnographic interviews for better understanding of dynamic/evolutionary aspects of data breaches. |
Year(s) Of Engagement Activity | 2017,2018 |
Description | Let's make this the year we reclaim control of our data - The WIRED World in 2018 |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Article authored by project Co-I Jon Crowcroft on how differential privacy, homomorphic encryption, and GDPR could help consumers wrestle back control of their personal information |
Year(s) Of Engagement Activity | 2018 |
URL | http://www.wired.co.uk/article/2018-data-privacy-control |
Description | Media interviews & briefings with journalists |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | This was done for the The Web of Profit project and the EPSRC funded ACCEPT project by Michael McGuire. The journalists were from Computer Weekly, New Statesman, and Dark Reading. |
Year(s) Of Engagement Activity | 2017 |
Description | Our personal data are precious - we must take back control - Financial Times |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | Article in the Financial Times about the HAT and its role in helping individuals reclaim future personal data control |
Year(s) Of Engagement Activity | 2017 |
URL | https://www.ft.com/content/3278e6dc-67af-11e7-9a66-93fb352ba1fe |
Description | Oxford Union talk on Decentralisation |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Media (as a channel to the public) |
Results and Impact | Spoke about decentralization on the Oxford Union web series, a YouTube channel with more than a million subscribers. |
Year(s) Of Engagement Activity | 2021 |
URL | https://www.youtube.com/watch?v=Dzk-b-B3U9I&t=2449s |
Description | Personal Data as an Asset: Design and Incentive Alignments in a Personal Data Economy |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Industry/Business |
Results and Impact | Presentation argued that a person-controlled personal data (PPD), technologically, legally and economically architected such that the individual owns a personal micro-server and therefore have full rights to the data within, much like owning a PC or a smartphone, is potentially a route to reducing transaction costs and innovating in the personal data economy. There was good engagement through discussion and debate. |
Year(s) Of Engagement Activity | 2018 |
URL | https://infolawcentre.blogs.sas.ac.uk/2018/01/17/personal-data-as-an-asset-design-and-incentive-alig... |
Description | Prof Shujun Li gave a keynote talk at one of the ysec (Why Security) Online Webinar Series, organized by the Information Security Technical Committee of the Shanghai Computer Society and Shanghai Jiao Tong University |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Professor Shujun Li gave a keynote talk on "When Humans and Computers Come Together: Cyber Security, HCI, AI and Beyond", part of the ysec (Why Security) Online Webinar Series, organized by the Information Security Technical Committee of the Shanghai Computer Society and Shanghai Jiao Tong University, held virtually online |
Year(s) Of Engagement Activity | 2023 |
Description | Prof Shujun Li gave an invited talk at EIS 2023 (6th Global Emerging Innovation Summit) |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Professor Shujun Li gave an invited talk on "From AI for (Cyber) Security to Trustworthy and Responsible AI", part of the EIS 2023 (6th Global Emerging Innovation Summit). |
Year(s) Of Engagement Activity | 2023 |
URL | https://eis23.org/ |
Description | Prof Shujun Li gave an invited talk at the 2024 GOETEC Annual Conference |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Professor Shujun Li gave an invited talk on "Developing the Regional Cyber Security Ecosystem in Kent and Medway", part of the 2024 GOETEC Annual Conference, held at the University of Kent, Canterbury, UK |
Year(s) Of Engagement Activity | 2023 |
URL | https://goetec.ac.uk/ |
Description | Prof Shujun Li gave an invited talk to the School of Cyber Science and Engineering, Southeastern University, China |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Postgraduate students |
Results and Impact | Professor Shujun Li gave an invited talk on "Privacy through the Lens of Data Flows", organized by the School of Cyber Science and Engineering, Southeastern University, China. |
Year(s) Of Engagement Activity | 2023 |
URL | https://cyber.seu.edu.cn/2023/1009/c20213a467792/page.psp |
Description | Provocation paper for Royal Society: Data management and use: governance in the 21st century |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Policymakers/politicians |
Results and Impact | A provocation paper submitted for discussions at a British Academy and Royal Society seminar on 16 October 2017 that focused on data governance, resulting in a report Data management and use: Governance in the 21st Century that addressed the changing data landscape and recommended a principled approach to data governance, and called for stewardship of the entire data governance landscape. |
Year(s) Of Engagement Activity | 2017 |
URL | https://royalsociety.org/~/media/policy/Publications/2017/Data_management_and_use_governance_in_the_... |
Description | SPCPS 2017 (Workshop on Security and Privacy in Cyber-Physical Systems 2017) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | A workshop organised at IEEE CYBCONF 2017 (3rd IEEE International Conference on Cybernetics) |
Year(s) Of Engagement Activity | 2017 |
Description | Talk on co-evolution based modelling of cybersecurity |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Two talks, one at a meeting of the American Society of Criminology in Philadelphia in November 2017, and another one at a meeting of the European Society of Criminology in Cardiff in September 2017. |
Year(s) Of Engagement Activity | 2017 |
Description | The New Data Economy - Connect-World.com |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Article by Irene Ng on the new data economy |
Year(s) Of Engagement Activity | 2017 |
URL | http://connect-world.com/2017/11/30/new-data-economy/ |
Description | Wolfson-HAT Annual Symposium on the Digital Person 2017 |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | The Wolfson-HAT Annual Symposium on the Digital Person 2017 served to raise awareness on the topic of personal data and discuss issues relating to personal data in the Internet Economy. Organised by the HAT Community Foundation with Wolfson College Cambridge, the symposium was a series of four panel discussions held over four weeks in March and April 2017 to explore critical issues around the uses (and abuses) of our personal data, as well as the wider questions of the Digital Person, freedom, identity, security and innovation. With broad-ranging appeal, the series was designed to interest practitioners and policy makers, as well as academics in the sciences, humanities and social sciences with discussions relating to law, computer science, history, sociology, entrepreneurship, business, economics and the global society. |
Year(s) Of Engagement Activity | 2017 |
URL | https://hatresearch.org/wolfson-hat-symposium-digital-person/ |
Description | Workshop with British Transport Police |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | The presentations on the ACCEPT project and the Co-evolution framework ; Questions based on our ontology/framework were discussed. After the workshop, the participants gained more understanding of the ACCEPT project, the approaches/framework employed, the value of the project and the benefits of their engagement. I suggest that we need to conduct follow up interviews to further probe the questions and to develop the ontology framework. |
Year(s) Of Engagement Activity | 2017 |
Description | Workshop with Lloyds Banking group |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | Local |
Primary Audience | Industry/Business |
Results and Impact | ACCEPT project and the Co-evolution framework were presented. . Questions based on our ontology/framework materials were discussed. After the workshop, the participants gained more understanding of the ACCEPT project, the approaches/framework employed, the value of the project and the benefits of their engagement. I suggest that we need to conduct follow up interviews to further probe the questions and to develop the ontology framework. |
Year(s) Of Engagement Activity | 2017 |