In last week's article, I mentioned how difficult it was going to be for me to choose which sessions to attend at CyberUK 2016. When you read about the Research and Innovation space - the second of our four conference tracks - you'll hopefully understand why!
Susan, our Technical Director for IA Science, has done a fantastic job in getting some of the UK's leading cyber security researchers involved. The track begins with Professor Angela Sasse, the Director of the Research Institute in the Science of Cyber Security at UCL, asking how we can know if our efforts to raise security awareness are working. Knowing Angela, I am sure she will have some extremely thought provoking ideas on this.
We then have a talk from Stephen Curtis at the Centre of Excellence for Information Sharing, which presents the compelling need for security that enables information sharing. He'll argue that we need to consider not just the risk of data loss, but also the risk of failing to share information.
Following lunch, Dr. Jose Such and Dr. Kami Vaniea will both talk about two topics I really care about - Cyber Essentials - and then Kami will examine the human factors affecting when and how people apply software patches. The final session of the day will be a panel, involving academics, industry and public sector members, discussing 'What most needs to change in cyber security today?' - an appropriate subject as we plan the new National Cyber Security Centre.
We've been interested in security modelling for some time, and the first session on day two considers two different perspectives. Dr. Andrew Fielder talks about the challenges in modelling the cost effectiveness of sets of security controls, and Dr. Simon Walton looks at the role of visual analytics in the context of insider threat detection.
The final session of track two picks up the 'topic de jour', distributed ledgers, with my colleague Dr. Daniel Shiu running through what they're good for (and bad for). Finally, Professor Steve Schneider explains how extra security measures can be built on top of a distributed ledger to form a new eVoting system.
I also want to mention one of the masterclass sessions we'll be running in the evening after day 1, in which Lizzie Coles Kemp and colleagues from Royal Holloway University of London will be demonstrating how to help better understand cyber security risks using Lego. I know it sounds unusual, but I've seen it, and it's well worth a look!
For more details about all the conference tracks, please visit the CyberUK In Practice 2016 page.
See you all in Liverpool.
Jon Lawrence, Technical Director for Assurance, GCHQ