Learn More
Empirical analysis within the field of information security economics is fraught with difficulty, primarily due to a lack of data. Over the last three years, the UK Government, through the Department for Business, Innovation & Skills (BIS), has taken a lead in the area of public disclosure on corporate cyber intrusions via their Information Security(More)
Cybersecurity is among the highest priorities in industries, academia and governments. Cyber-threats information sharing among different organizations has the potential to maximize vulnerabilities discovery at a minimum cost. Cyber-threats information sharing has several advantages. First, it diminishes the chance that an attacker exploits the same(More)
Negative use cases - in the form of 'misuse' or 'abuse' cases - have found a broad following within the security community due to their ability to make explicit the knowledge, assumptions and desires of stakeholders regarding real and perceived threats to systems. As an accepted threat modelling tool, they have become a standard part of many Secure Software(More)
Establishing the correct mix of functionality and security is key to developing resilient systems, an imbalance will result in system failure, either in system objective or at the hands of an adversary. We present a methodology for reasoning about secure design using economic expressions. We employ Wireless Personal Area Network (WPAN) devices and the IEEE(More)
Over the past 15 years the topic of information security economics has grown to become a large and diverse field, influencing security thinking on issues as diverse as bitcoin markets and cybersecurity insurance. An aspect yet to receive much attention in this respect is that of secure software development, or 'SWSec' --- another area that has seen a surge(More)
This talk will focus on the maturity of Digital Data Embedding technologies - watermarking, steganography, steganalysis, and digital data forensics. As individual methods and small systems, these algorithms have shown great potential for application to many commercial and military needs in the areas of information assurance, communication and protection.(More)
  • 1