Tagged / cyber security

Secure and cross border digital identity: issues and perspectives

Staff and students are invited to join us for the next cyber security seminar on:

‘Secure and cross border digital identity: issues and perspectives’

Tuesday 25th November, 4pm – 5pm

Room: P335

 

The talk will discuss requirements, issues and perspectives for an interoperability solution that allows citizens and organizations to establish new e-relations across borders, just by presenting their national eID.

Our speaker will be Dr Andrea Atzeni, from the “Dipartimento di Automatica e Informatica, Politecnico di Torino” who is based in the TORSEC Security group.

Dr Atzeni’s work addresses the definition of security requirements and mobile security, plus, investigation and modelisation of user expectation on security and privacy; risk analysis and threat modeling for complex cross-domain systems; specification of functional and security architectures; development of cross-domain usable security; development and integration of cross-border authentication mechanisms (including legal and technical issues).

Join us for today’s cyber security seminar…

 

‘Pattern- and Security-Requirements-Engineering-based Establishment of Security Standards’

Tuesday, 19th August

Coyne Lecture Theatre, Talbot Campus

4pm -5pm.

Security standards such as Common Criteria or ISO 27001 are ambiguous on purpose, because these standards shall be usable for a large set of different scenarios. The establishment of a security standard requires removing all ambiguities, eliciting concrete security requirements and selecting appropriate security measures.

Dr Kristian Beckers is a security requirements engineering researcher at the University of Duisburg-Essen. He investigates how security requirements engineering methods can be used to support the development and documentation of security standards. In this seminar Dr Beckers will introduce you to the methods and systems which have been created to fit a specific security scenario. In particular, you will find out about the Information Security Management System (ISMS) which was built in compliance with the ISO 27001 standard.

If you would like to join us for this seminar, please book your place via EventBrite.

We will look forward to seeing you!

How security requirements engineering methods can be used to support the development and documentation of security standards…

 

You are invited to join us for the next Cyber Security seminar:

‘Pattern- and Security-Requirements-Engineering-based Establishment of Security Standards’

Tuesday, 19th August

Coyne Lecture Theatre, Talbot Campus

4pm -5pm.


Security standards such as Common Criteria or ISO 27001 are ambiguous on purpose, because these standards shall be usable for a large set of different scenarios. The establishment of a security standard requires removing all ambiguities, eliciting concrete security requirements and selecting appropriate security measures.

Dr Kristian Beckers is a security requirements engineering researcher at the University of Duisburg-Essen. He investigates how security requirements engineering methods can be used to support the development and documentation of security standards. In this seminar, Dr Beckers will introduce you to the methods and systems which have been created to fit a specific security scenario. In particular, you will find out about the Information Security Management System (ISMS) which was built in compliance with the ISO 27001 standard.

If you would like to join us for this seminar, please book your place via EventBrite.

We will look forward to seeing you!

 

National Security: Advancing Capabilities to Meet Current and Future Threats

 

On Thursday 3rd July, the BU Cyber Security Unit (BUCSU) will be exhibiting at the National Security: Advancing Capabilities to Meet Current and Future Threats conference in London.

The conference will offer delegates an opportunity to investigate the key threats and risks to the UK’s national security. They will also learn of the latest developments in developing the UK’s cyber security and the role technology can play in protecting infrastructure and ensuring business and service continuity.

Facing the issue of developing the UK’s cyber security, there are two important areas which need to be tackled – the shortage of security practitioners and the increasing skills gap between existing knowledge and new cyber threats.

In response to these issues, BUCSU will be launching at the conference its ‘job retention through education plan’.  The unit is already working closely with the Police and there is traction to work with other government agencies too; this conference will provide an excellent opportunity to engage with these agencies and UK businesses.


Goal Modelling for Investigating Fraud

Staff and students are invited to join us for the next Cyber Security Seminar…

‘Goal Modelling for Investigating Fraud’

Tuesday 17th June 2014

Lawrence Lecture Theatre, Talbot Campus

4pm – 5pm

 

Join us for this informative seminar presented by Clive Blackwell, who is currently a Research Engineer at Airbus Innovation Works.

This seminar will present a systematic process for analysing fraud using the KAOS tool, which is widely used in requirements engineering. Interestingly, Clive will analyse the case of Paul Ceglia vs Mark Zuckerberg and Facebook, where Ceglia claims 50% of Facebook supported by an alleged contract signed by Zuckerberg. Clive believes this technique could be extended to help provide a general model for fraud and also aid better analysis of the cyber security of complex systems in general.

 If you would like to join us for this presentation, please book your place via Eventbrite. We will look forward to seeing you!

Speaker Bio: Clive Blackwell is currently a Research Engineer at Airbus Innovation Works where his main research is in threat detection and modelling. Clive was formerly a Research Fellow at Oxford Brookes University between 2010 and 2013, where his main area of research was in cyber security and digital forensics with a particular interest in the development of a scientific basis for digital forensics. He has over 50 publications including two books to his name.

Ferndown & Uddens Business Improvement District collaborates with a multi-disciplinary team from BU

The Business Improvement District (BID) yesterday hosted their first breakfast meeting on business continuity and information assurance.

Staff from the Business School, The Disaster Management Centre and the Cyber Security Unit presented a knowledgeable insight to identify collective responsibilities of businesses within the district, giving examples where one business problem may affect other enterprises across the estate. The Dorset Fire & Rescue Service and Dorset Police further supported BU’s representations concerning crisis management; business resilience; disaster recovery and cybercrime. In addition, A&T Insurance Group provided a comprehensive study on insuring business resilience.

BUCSU introduced the availability of TSB Innovation Vouchers to meet the recently published ‘Cyber Essentials’ issued by the Information Commissioners Office.

What happens next: can the future of tech-enabled crime ever be predicted?

Dr Christopher Richardson from the BUCSU delivered a thought provoking presentation at the CIFAS Fraud Conference, which was held at Dexter House London on the 3 June 2014. It was attended by the UK’s financial and insurance communities.

The conference was alerted to the fact that UK fraud is currently running at 25 incidents per hour; with an annual cost estimated above £52 billion.

Dr Richardson’s oversight expanded that through the continuance of pervasive technologies; increased crime wave and progressive skills shortage within the security industry, has all resulted in a perfect storm.

In forecasting the cyber threat landscape Dr Richardson projected the increase of insider threat, malicious software and human error, which if not corrected will bring the cost of fraud above £100 billion. The real question is, at what point will society, enterprise and individuals demand government action, and in particular a more determined approach to the investigation and prosecution of fraudulent activities? A characteristic of cybercrime is that it’s global, whereas policing is local.  In order to rescue our beleaguered and often under skilled law enforcement agencies, we need to tackle the issues from an international perspective, with global partnerships engaging business communities and overcoming their reluctance to breach reporting.

This conference follows on from the BUCSU’s strategic cyber policing conference in February, where cyber enabled and cyber dependent crimes were discussed. Please visit previous blog post for further info on the South West Police Cybercrime Conference.

   

 

Could new framework take pressure off businesses who have to deal with privacy compliance?

 

 

The next Cyber Security seminar will be on:

‘Legal – URN (User Requirements Notation) Framework for Privacy Compliance’

Tuesday, 13th May

Coyne Lecture Theatre, Talbot Campus

4pm -5pm.

 

Bournemouth University is delighted to welcome Dr. Sepideh Ghanavati from CRP Henri Tudor, who will be visiting on the 13thMay to present an overview of the Legal-URN framework, which includes compliance analysis techniques and provides guidelines to manage multiple regulations at the same time.

The number of regulations an organisation needs to comply with has been increasing, and the pressure is building for them to ensure that their business processes are aligned with these regulations. However, because of the complexity and intended vagueness of regulations in general, it is not possible to treat them the same way as other types of requirements.

The cost of being non-compliant can also be fairly high; non-compliance can cause crucial harm to organisations, who may incur financial penalties or loss of reputation. Therefore, it is very important for organisations to take a systematic approach to ensuring that their compliance with related laws, regulations and standards is established and maintained. To achieve this goal, a model-based privacy compliance analysis framework called Legal-URN has been proposed.

If you would like to join us for this presentation, please book your place via Eventbrite.

We will look forward to seeing you!

BU hosts the first South West Police Cyber Crime Conference

Funding opportunities

Last week the five police forces across the South West Region started a partnership with Bournemouth University to develop a cyber-crime strategy.  The Bournemouth University Cyber Security Unit (BUCSU) arranged a 3-day conference to assist our Police in creating a collaborative framework. Moreover, this conference has helped build a future implementation of a critical strategy which addresses the increasing threat of cyber-crime to our society. 

A series of workshops were developed by BUCSU and attended by representatives from Avon and Somerset, Devon and Cornwall, Dorset, Gloucestershire and Wiltshire police forces.  Those who attended included Police and Crime Commissioners (PCCs); Chief Constables, police officers and practitioners involved in the investigation of cyber-crime.

The conference provided insight to the problems faced by the police with this global threat and has contributed towards creating a sustainable programme that could be implemented across the region and aid police officers in their pursuit of the 4 P’s of CONTEST (Pursue, Protect, Prevent, Prepare).

Dorset Assistant Chief Constable David Lewis said, “The purpose of the event was to find innovative approaches to combat the growing threat of cyber-crime in all its forms, from frauds and bullying to threats to our national and economic infrastructure.  We are building excellent relationships with the subject matter experts at Bournemouth University, their students and businesses in order to better protect our communities and bring those responsible for cyber-crime to justice”.

If you would like to find out more about the BU Cyber Security Unit and what it offers please contact Lucy Rossiter.   The Technology Strategy Board (TSB) are offering up to £5000 funded support through the cyber security innovation voucher scheme.  The vouchers will help SMEs, entrepreneurs and early stage start-ups who see value in protecting and growing their online business by having effective cyber security. For further information please visit the TSB website to find out how innovation vouchers can help you.