RISCS Roundup: 03/12/2019
Welcome to the latest edition of the RISCS Roundup. This is our monthly online update which will showcase the latest activity from across all RISCS projects.
Back in April of this year, RISCS held a two-day community meeting to explore issues of cyber liability and cyber insurance with partners from Zurich and Hiscox. Topics covered in the presentations included the current state of play of the cyber insurance industry, as well as those security challenges facing different sectors from regulatory, operational, socio-technical, behavioural, and business perspectives. The in-depth discussion has inspired a new analysis report. You can read all about the meeting here.
RISCS Round-table Meeting Friday 22nd November 2019
With a view to ensuring the longevity of RISCS, we have spent the last six months evaluating what is working and what could be improved in terms of how we support our own community, how we engage with our stakeholders and those who would benefit from our world class research, and what the role of RISCS is – in the UK and internationally. As a consequence, we produced a paper for our October RISCS Advisory Board meeting that outlined our vision for upcoming changes to RISCS’ structure, activities and research strategy.
Having received the endorsement of our Advisory Board for our proposed new initiatives, we then sought input and feedback from the wider RISCS community through a round table meeting held in London on 22nd November. Thank you very much to all those who participated. For those who were unable to make it along, please do send feedback and comments on this paper to firstname.lastname@example.org
Evaluating Cyber Security Evidence for Policy Advice
A summary of recent activity and achievements by the ECSEPA project
As part of the final dissemination phase of ECSEPA, the team delivered a policy-focused session during a two-day event arranged by the Ministry for Housing, Communities and Local Government (MHCLG) and hosted by St George’s House of Windsor Castle. The session, titled: ‘ECSEPA Project: Policy Challenges in UK Cyber Resilience Building’ drew on ECSEPA project findings to highlight the complexity of the cybersecurity policy landscape and informational issues in policymaking. The coping mechanisms employed by the policy community in their evaluation of cybersecurity evidence were discussed, along with suggestions for how research can better support policymaking. Read the St George’s House report here.
Demonstration of the ECSEPA Map during the UCL STEaPP MPA class: It’s important to academics that their research reaches a wide audience. This usually includes other academics working in a similar field and hopefully includes those who might benefit from it in policy, industry, the third sector or the general public. It’s also exciting to be able to feed our work directly into the classroom, giving our students insight into how and why we carry out research. Dr Alex Chung explains how the ECSEPA interactive UK cybersecurity governance and policy map has been integrated into his teaching of MPA students in the UCL Digital Technologies Policy Lab.
Finally, an ECSEPA project paper was presented at the very dynamic and exciting Data for Policy Conference in June 2019. Click here for the full story.
Read more about ECSEPA here.
Papers and Publications
There have been some fantastic outputs from RISCS projects that we’d like to share. These are obviously a resource for all of us in our research but also for teaching purposes. Do consider these publications for updating your module reading lists if you teach in a relevant area.
Detecting and Preventing Mass Marketing Fraud (PI Professor Monica Whitty)
Sorell, T. & Whitty, M. ‘Online romance scams and victimhood‘, Security Journal (2019) 32: 342.
Whitty, M. (2019) ‘Predicting susceptibility to cyber-fraud victimhood‘, Journal of Financial
Crime, Vol. 26 Issue: 1, pp.277-292.
Whitty, M. (2018). ‘It’s just a game: Developing a framework to understand cyberfraud from a Nigerian cultural perspective‘. International Journal of Cyber Criminology, 12, 89-106.
Whitty, M. (2019) ‘Who can spot an online romance scam?‘, Journal of Financial Crime, Vol. 26 No. 2, pp. 623-633.
Find out more about the DAPM project here
Motivating Jenny to Write Secure Software (PI Professor Helen Sharp)
Lopez, T., Tun, T.T, Bandara, A., Levine, M., Nuseibeh, B. & Sharp, H. (2019) ‘Taking the Middle Path: Learning about Security through Social Interaction’ IEEE Software
Lopez, T., Tun, T.T, Bandara, A., Levine, M., Nuseibeh, B. & Sharp, H. (2019) ‘An Anatomy of Security Conversations in Stack Overflow’ presented at ICSE, 2019 Software Engineering in Society track
Lopez, T., Sharp, H., Tun, T.T., Bandara, A., Levine, M., and Nuseibeh, B. (2019) ‘Hopefully We Are Mostly Secure: Views on Secure Code in Professional Practice’, presented at CHASE 2019, workshop at ICSE 2019
Lopez, T., Sharp, H., Tun, T.T., Bandara, A., Levine, M., and Nuseibeh, B. (2019) ‘Talking about security with professional developers’, presented at CESSER-IP 2019, workshop at ICSE 2019
From the RISCS website…
Early Career Researchers Online Directory (ECR Directory)
We’d like to introduce a new directory on the RISCS website which will feature all Early Career Researchers working on RISCS projects. The searchable directory will feature profiles of ECRs who wish to be included, promoting highlights of their work, research area and contact details. If you would like to be listed in the ECR Directory, please contact Emma Bowman at email@example.com.
The Opportunities page of our website aims to inform the RISCS community of vacancies available in the world of cyber security. If you haven’t yet visited our Opportunities page, be sure to take a look. To advertise a vacancy on the RISCS website please email the details to firstname.lastname@example.org