Section News

Watch Again | A Collection of Recent Cyber Security Webinars

Abstract

In this talk Dr Max Smith-Creasey will explore the emerging technologies that will change the way we authenticate ourselves in the future.

Firstly he will explore the issues with current authentication mechanisms. Secondly, he will introduce the concept of continuous biometric authentication and discuss how such a concept is realised in practice. Lastly, he will cover some of the state-of-the-art works in this field and discuss the emerging research problems in the area.

Abstract

For a typical IoT (Internet of Things) device, different companies might be responsible for building the parts, writing the firmware, managing the device remotely, and providing updated code. Since each party is solving a separate problem, it is easy for security aspects to fall through the cracks. In this webinar, we will discuss how having a single party take responsibility for the end-to-end security of the device, from manufacture to life-cycle management, protects against security threats resulting from the fragmentation of the IoT space.

About the Speaker

Before founding Crypto Quantique, Shahram worked as a self-employed cybersecurity consultant and as a security solutions architect at CyNation, a risk management company. Of his current role, he says, “After years working in the cybersecurity industry, I have seen how companies are continually choosing between expensive and complex security or highly scaled systems without meaningful protection. Recognising the need for a holistic solution that is easy-to-use at scale yet delivers robust and reliable security for everything from connected cars to high-end consumer goods, I founded Crypto Quantique.” Shahram, who lives in London, holds an MSc in Information Security and a PhD in Post-Quantum Cryptography, both from Royal Holloway, University of London.

Abstract

Graph based visualisation supports the exploration of complex data sets, to identify new insights or correlate data based on specific criteria. This presentation demonstrates how graph based visualisation can support the discovery of new insights in two unrelated domains: cyber kill chains and ad-networks. Cyber kill chains demonstrate the various stages of attacks and the associated adversarial tactics, techniques and procedures. Despite their structured and supposedly linear nature, the cyber kill chains associated with sophisticated threat actors can be complex and challenging for practitioners to fully understand.

Ad-networks aim to to profile, track and monitor our use of the Internet, to tailor ads and monetise our usage to support free internet services. On the face of it this seems like a fair trade-off, consumers get free apps, storage, email services etc, in exchange for their data. Unfortunately, ad-networks are largely unregulated and opaque. This makes understanding who is profiling Internet users, aggregating and trading their data challenging. This presentation will detail how the application of graph based visualisations has the potential to address these challenges.

About the Speaker

Dr Rob Hegarty is a computer scientist with a background in academic research. He has recently joined the NMC (National Management Centre) as an Innovation Engineering Professional. Rob’s research interest range across the often contradictory domains of cyber security, digital forensics and privacy. Rob enjoys developing solutions to both established and emerging technological challenges. His current focus is the application of graph based data visualisation to cyber kill chains and ad-networks. The visualisations produced by this work will support exploration of these areas by practitioners and the wider research community.

Rob’s hobbies outside of his research include; home automation, aircraft tracking via ADSB, mountain biking and motorcycling.

Abstract

The onset of the COVID-19 pandemic caused a fundamental shift in societal norms. Billions of people were driven online, relying on technology to enable them to work from home and maintain social ties. In the same period, there was also a surge in cyber-attacks and cyber-crime, with a particular increase in phishing attempts.

This talk explores these cyber-attacks and the implications for individuals, businesses, law enforcement, and governments in a post-COVID world.

About the Speaker

Dr Lynsay A. Shepherd is a Lecturer in Cybersecurity and Human-Computer Interaction at Abertay University, Dundee, and works within the School of Design and Informatics. Lynsay holds a Ph.D. in Usable Security, an M.Sc. in Internet Computing, and a B.Sc. (Hons) in Computing.

Lynsay’s research interests currently focus on the human aspects of cybersecurity, examining end-user security behaviour, and exploring methods to improve security awareness.

Abstract

With a credited rise of 238% in cyberattacks against financial institutions in 2020, 90% of critical infrastructures having reported a breach in the last 2 years, and dwell times ranging from 190 days to 314 days from breach to containment, new techniques for in-network attacker detection are needed.

This talk will provide an overview of the field of cyber-deception and explore its use to deliberately create uncertainty and confusion in an attacker’s mind. With the aim to provide situational awareness to defenders and to influence, manipulate and misdirect an attacker perceptions and decision processes.

About the Speaker

Dr Xavier Bellekens is a Chancellor’s Fellow Assistant Professor with the Department of Electronic and Electrical Engineering at the University of Strathclyde, a Non-resident Fellow of the Scowcroft Center for Strategy and Security at the Atlantic Council, and co-founder of Lupovis.io a start-up focused on dynamic cyber-deception.

His current research interests include critical infrastructure protection and defence as well as cyber deception and deterrence. Xavier is also a co-chair of the IEEE Cyber Science collocated conferences, the Education Cyber-Security Thematic Leader, the Vice-Chair of Cyber-Security Group and the Chair of the Blockchain Group for IEEE UK and Ireland.

In the future, connected and autonomous vehicles (CAVs) will be everywhere. The UK government has already stated their intentions for CAV-ready intelligent roadways to be launched in 10 years. Are we ready for this vision to become a reality?

This talk will discuss both the design considerations for these future roadways and vehicles, and the cyber security threats likely to face them. The results of threat-modelling exercises carried out by F-Secure upon these proposed future systems will be described. This includes a diverse range of threat actors with varying skill levels and goals, from a grumpy guy named Bob who dislikes people speeding through his village all the way up to nation state-level actors targeting foreign infrastructure. It will cover the wonderful world of networked vehicles, the interesting ways that people can target them, and the potential results of these attacks.