Abstract

The ever increasing sophistication and intensity of cyber security attacks requires organisations to  make use of not only on up-to-date, state of the art security controls for their systems but also other complementary security risk mitigation mechanisms, including, for example, security service level agreements (CSLAs), cyber insurance policies (CIPs) and effective cyber security training. The orchestrated use of such risk mitigation mechanisms, requires organisations to develop a good understanding of the risk landscape that they need to address, as well as of the effectiveness, benefits, cost and complementarities of the available alternative mechanisms whether they are purely technical such the traditional security controls, or contractual and financial such as CSLAs and CIPs, and eventually make rationalised decisions about using the right mix of them. This keynote presentation explores this complex decision making problem and outlines directions towards a systematic approach in tackling it.

Short Bio

George Spanoudakis (BSc, MSc and PhD) is full Professor in the School of Mathematics, Computer Science and Engineering at City, University of London and Director of the Research Centre on Adaptive Computing Systems (CeNACS) within the University. Prior to his current posts, he had been Head of the Department of Computing at City University (2004-07) and Associate Dean for Research of the School of Informatics (2010-14) and member of the Council of the University of Piraeus in Greece (2013-2017).  He has also held visiting positions at the Universities of Crete, Essen, Malaga, London School of Economics and ICS-FORTH. His research interests are in adaptive computing, cyber security and biomedical computing. Within the wider field of his research, he has published more than 170 peer-reviewed scientific papers and books and has attracted research funding in excess of €100m, including R&D projects funded by the EU, national research councils and the industry. His research activity has involved extensive collaboration with the industry including large companies as, for example, Philips, SIEMENS, SAP, BT and INTEL. Professor Spanoudakis has been in the program committees of more than 180 international conferences, and has been the programme committee chair of several of them including, for example, ENASE 2019, SCC 2018, ENASE 2018, ENASE 2017, SEKE 2007 and SEKE 2006. He has also been a member of the editorial boards of several international journals. Beyond research, Professor Spanoudakis has been providing advisory services to private companies, universities, public funding and standardisation bodies in the UK and overseas.