News • Events • Opportunities

Data Governance Survey – SPRITE+

A message on behalf of our colleague at the Accountability and Ethics in a Digital Ecosystem Challenge Working Group, Part of the EPSRC Security Privacy Identity Trust and Engagement (SPRITE) Network+ You are invited to participate in a survey aimed at exploring the...

Call for applications: RISCS Fellow in Leadership and Culture

We are currently welcoming applications for the position of a RISCS Fellow in Leadership and Culture in an Organisation How can an organisation position itself and what can it put in place to optimise cyber security behaviours and cyber risk decision making? What does...

New RISCS Briefing: Online Victimisation

The impact on victims and implications for cybercrime prevention and response As part of her RISCS Fellowship in Cybercrime, Dr Maria Bada has taken particular interest in the impact of online crime on victims, and how such impact differs from that felt by victims of...

Call for Abstracts – IMPACT2021 Conference

Where? Virtual When? Friday 23rd July 2021 IMPACT connects cyber security researchers with industry insiders to skyrocket human cyber risk management. Last year, we had over 400 delegates from industry and Government join us to hear from the academic...

Annual Report & Project Catalogue 2021

We have recently launched our RISCS Annual Report for 2020 and our first project catalogue. You can take a look a both documents by following this link:

Tackling a phishing problem? Don’t pen test your staff

Professor Angela Sasse, UCL Published as part of the Cyber Readiness for Boards (CR4B) Project. Many companies are concerned about the threat of phishing – employees leaking credentials or allowing malicious code access by clicking  on embedded links or opening...

Building bridges: policy engagement training for our community

How can our research inform policy? Who are policy makers and how do they actually ‘make’ policy?  by Flo Greatrix, RISCS Policy Adviser As the policy adviser for RISCS, I am tasked with improving the dialogue and building relationships between our...

Engaging with Public Policy – online training session

We have limited spaces available for the Engaging with Public Policy training session, organised by the RISCS Policy Adviser - Flo Greatrix. Date: Thursday 15th October 2020.  Time: 11:00 – 16:00 (including a break for lunch).    The “Engaging with...

New RISCS Policy briefing: a framework to assess evidence quality in cyber security policy making

We are thrilled to share our new policy briefing based on the Evaluating Cyber Security Evidence for Policy Advice” (ECSEPA) project led by Professor Madeline Carr (UCL) and Professor Siraj Shaikh (Coventry University). Civil servants across the UK Government are...

Cyber Insurance and Risk Management: Challenges and Opportunities

UCL gates in March 2020 A new playground for underwriters? Corporate boards the world over are scrambling to address the unique challenges of the COVID-19 global pandemic – particularly the impact of social distancing. In addition to the obvious problems this causes...

Research Themes


Understanding how people behave, both individually and in groups, is a central research theme for the Socio-Technical Research Group, RISCS’ partner in the NCSC. But this is mostly focused on those people whose intentions are non-malicious and who simply want to do a good job. 

Digital Responsibility

As we digitise and connect more of our products and services, we need to ensure that cyber security remains inclusive and that everyone is more secure. This theme will include existing research areas such as digital inclusion, digital disadvantage, digital accessibility, and trust, through a cyber security lens. 

Leadership and Culture

Cyber security is central to the health and resilience of any organisation and this places it firmly within the responsibility of the Board. But it also means that enabling and facilitating good cyber security practices spans the whole of an organisation and is not simply the remit of the IT or technical teams.

Anticipation and Prospection

How we, as individuals, organisations, and societies across different time periods, have approached thinking about the future has varied greatly. Today, when we think about predicting the future, we can easily dismiss it as the realm of crystal balls.

Secure Development Practices

Secure by Design is extremely high on HMG’s list of priorities, whether that is to facilitate secure by default IoT commodity products for the consumer or reducing online harm by ensuring that companies have the right processes and systems in place to fulfil their obligations.