The Centre for Cyber Security, Communications and Network Research (CSCAN) hosts a Cyber Security Seminar Series with prestigious and passionate invited speakers from both research communities and industry.
The invited speakers present a wide range of works in cyber security, bringing the wider community together to discuss up-to-date lines of research and latest industry concerns. The seminars are held online, open to the general public and free to attend. If you would like to join, please contact Professor Nathan Clarke to register.

The seminars have finished for the 2024/25 academic year and the page will be updated when information for the next academic year is available.

In the meantime, the research seminar series playlist can be viewed on YouTube.

 

PREVIOUS SEMINARS

Dr Eliana Stavrou
Wednesday 26 March 2025, 12:00–13:00

Paving the Path to Personalised Cybersecurity Learning in the GenAI Era: Accelerating Professional Growth

In today’s rapidly evolving cybersecurity landscape, aspiring and senior cyber security professionals face the overwhelming challenge of navigating a vast and complex domain. With a wealth of information available on cybersecurity careers, understanding where to start and how to progress efficiently requires significant time and effort. This challenge extends beyond entry-level professionals – experts also struggle to effectively manage lifelong learning and stay ahead of industry advancements. Personalising learning has become essential to making professional development more focused, efficient and impactful. This presentation explores key aspects of career progression in cybersecurity, the importance of personalised learning, and how genAI can assist individuals in designing effective, tailored career role-oriented study plans, helping them navigate complexity and accelerate their professional growth.
Dr Eliana Stavrou is an Assistant Professor in Cybersecurity at the Open University of Cyprus, where she leads the MSc in Computer and Network Security programme. She is a core member of the Cybersecurity and Telecommunications Research Lab (CTRL) at the university, leading education and training initiatives. She is performing applied research in cybersecurity, with a particular interest in human aspects, competency development, cyber range training programme design and critical infrastructure protection.
Dr Stavrou is actively involved in several working groups and advisory boards dedicated to advancing cybersecurity capabilities, research, and innovation. Her latest role is as a member of the Task Force on Personalisation of Education, organised by the European Association of Distance Teaching Universities (EADTU), where she contributes to developing guidelines for advancing personalised learning in higher education.
 

Professor Phil Legg
Wednesday 12 March 2025, 12:00–13:00

AI for Cyber Security and Security of AI: Where next?

The role of AI has long been a key part of cyber security data analytics, with machine learning techniques being used for Intrusion Detection Systems, recognising insider threat activity, and classifying malware characteristics. Now, with new AI techniques such as Large Language Models capturing public attention and commercial innovation developing at rapid pace, in this talk we will explore what this means for the future of securing AI systems, and new ways of imagining human-machine teaming to better aid cyber security decision making and response.
Phil Legg is a Professor of Cyber Security and Co-Director of UWEcyber Academic Centre of Excellence in Cyber Security Education, at the University of the West of England (UWE Bristol). He leads the Cyber Security Research theme at UWE, with projects ranging from ML-based fuzzing for software security and container-based infrastructure security, through to privacy-preservation in IoT networks and explainable AI in managing telecommunications security.
His core research interests sit at the intersections of cyber security, machine learning, and visual analytics, and how human-machine collaboration can achieve improved decision support in cyber security, such as in applications of insider threat detection.
He is a founding member of CSE-Connect, an NCSC-supported initiative to promote collaboration and innovation in cyber security education across industry, academia, and government. He completed his PhD in Computer Science from Cardiff University in 2010 and held post-doctoral research roles at Swansea University (2010–13) and University of Oxford (2013–15) before joining UWE in 2015.
 

Professor Christos Kalloniatis
Wednesday 19 February 2025, 11:00–12:00

Privacy by Design and Data Protection

This presentation focuses on the concept of privacy by design. As privacy by design is one of the key aspects introduced in the General Data Protection Regulation (GDPR), a discussion about the basic aspects and terms of GDPR are introduced along with the main data protection principles and legal bases. Then, the privacy by design concept is introduced as one of the key aspects of GDPR. The privacy by design concept will be examined under the scope of GDPR but also from a pure IT perspective focusing on the necessity of its fulfilment in today’s modern and complex IT environments.
Christos Kalloniatis is a Professor of the Department of Cultural Technology and Communication (DCTC) of the University of the Aegean, director of the Privacy Engineering and Social Informatics (PrivaSI) research laboratory as well as member of the Systems Security Lab on the Department of Digital System in University of Piraeus. He is the former Head of DCTC (2020–24), a member of the board of Hellenic Data Protection Authority and a former member of the board of the Hellenic Authority for Communication Security and Privacy.
His main research interests are the elicitation, analysis and modelling of security and privacy requirements in traditional, cloud-based and AI systems, the analysis and modelling of forensic-enabled systems and services as well the socio-technical aspects of security and privacy. He is an author of several refereed papers in international scientific journals and conferences and has served as a visiting professor in many European Institutions. He has served as a member of various development and research projects.
 

Dr Jims Marchang
Wednesday 20 March 2024, 11:00–12:30

Unlocking and Dissecting Blockchain Technology

In today's digital era, businesses continue to rely heavily on digital technology for their operations, accuracy, and improved process efficiency. So, the need to protect against cyber threats has become increasingly important. In the field of recent technological development, blockchain technology is one of the most promising domains. Blockchain is a decentralised, peer-to-peer distributed ledger that is immutable, transparent and secure. It creates a permanent digital record of transactions that is tamper proof, making it an ideal security solution to maintain trust, visibility and traceability.
Blockchain's ability to secure data and transactions makes it a perfect partner in the cybersecurity space and makes the system more resilient than ever. It has already found its way into various sectors of the economy such as finance, supply chain, healthcare, etc. It has the potential to revolutionise the way information and systems are secured and is gaining traction in the business world. Thus, blockchain technology provides unique features that make it one of the most promising solutions in the field of cybersecurity. In this talk, Dr Jims Marchang will dissect blockchain technology to understand its building blocks and its fundamentals, and explore its importance in unlocking its potential and harvesting its features.
Dr Jims Marchang completed his PhD from the CSCAN Research Laboratory, University of Plymouth, UK. He is currently a Senior Lecturer in Cybersecurity in the Department of Computing at Sheffield Hallam University. He is also a research Co-Lead of Digital, AI, and Robotics at the Advanced Wellbeing Research Centre (AWRC) and leads an Intelligent and Secure Cybersecurity research group known as iSec CyberNet at the Department of Computing. His research focuses on building secure-by-design and privacy-by-design solutions in IoT, IoMT, IoRT, autonomous care robotic systems, and developing scalable energy efficient Blockchain frameworks.
 

Dr Dionysios Demetis
Wednesday 6 March 2024, 11:00–12:20

The Darkest Corner of Cybercrime: Online Child Sexual Exploitation

The exploitation of children is a disturbing topic with serious social repercussions. Sadly, the diffusion of digital technologies has been misused to fuel an ecosystem of activities that victimise children. Despite efforts from cybercrime police to counter such phenomena, one of the most serious forms of abuse online is online child sexual exploitation. In this talk, the basic pillars for deconstructing the phenomenon will be discussed and the key technology related enabling and constraining affordances will be discussed.
Dr Dionysios Demetis is a Reader at the Business School of the University of Hull, UK, and a Visiting Professor at Texas A&M, USA. He holds a PhD on Information Systems from the London School of Economics. His research in information security awareness has been connected to major EU-funded projects, covering a range of topics from Information Systems and Anti-Money Laundering to broader issues within the Information Society, such as cyber threats, information security management and biometric security. Dr Demetis' research on cyber threats online for the prevention of online child sexual exploitation has been recognised with prestigious awards, including the best paper award from the 4* Journal of the Association for Information Systems (JAIS) and the discipline-wide AIS Senior Scholars Best Paper Award. Formerly a member of the Information Security Integrity Group (ISIG) at the London School of Economics, he contributed to various aspects of cyber security over a number of years and has worked on a large Network of Excellence EU-funded project (FIDIS) on security related aspects, a project that included Microsoft and IBM.
Dr Demetis serves as a Senior Editor at the Journal of Information Systems Security and is the co-Chair of the Annual Security Conference in Las Vegas, Nevada, an international conference featuring participation from the cyber crime teams of the Federal Bureau of Investigation and the United States Secret Service.
His scholarly works, especially those addressing systemic and sociotechnical aspects of security, emphasise the importance of developing comprehensive socio-technical security frameworks from a systems theory perspective. A lot of his research is also at the cross-section of cybercrime and cyber money laundering (e.g., cryptocurrency-based money laundering).
 

Dr Jason Nurse
29 November 2023, 11:00–12:30

Ransomware and the role of cyber insurance

Cyber insurance and ransomware are two of the most popular topics in security today, and their interplay continues to raise concerns in academia, industry and government. This talk focuses the discussion to examine to what extent cyber insurance is helping to mitigate or aggravate the threat of ransomware. We draw on years of research and engagement with over a hundred professionals from the security, insurance, ransomware recovery and government sectors. The research from this talk has been published and is accessible here: Between a rock and a hard(ening) place: Cyber insurance in the ransomware era https://doi.org/10.1016/j.cose.2023.103162.
Jason R C Nurse is a Reader in Cyber Security in the Institute of Cyber Security for Society (iCSS) and the School of Computing at the University of Kent, UK. He also holds the roles of Visiting Fellow in Defence and Security at Cranfield University, UK, and Associate Fellow at the Royal United Services Institute for Defence and Security Studies (RUSI). His research interests include cyber insurance and ransomware, security risk management, corporate communications and cyber security, cyber resilience, and security culture.
Dr Nurse has published over 100 peer-reviewed articles in internationally recognised security journals and conferences, and he is a professional member of the British Computing Society.
 

Dr Stavros Shiaeles
8 November 2023, 11:00–12:30

Detection of Insider Threats Using Artificial Intelligence

An insider threat is a security risk that originates within the targeted organisation, from employee, contractor or other business partner who has authorised access to the organisation’s network, system or data and intentionally exceeds or misuses that access in a manner that negatively affects the confidentiality, integrity or availability of the organisation’s information or information systems. Insider threat is unarguably one of the most underestimated areas of cyber security. Organisations cannot rely on traditional perimeter security measures to protect their assets; thus in this talk we will explore how artificial intelligence can help in mitigating this issue.
Dr Stavros Shiaeles is Reader (Associate Professor) at the University of Portsmouth, UK and visiting Professor University of Peloponnese, Greece, Bharath University, India and Capitol Technology University, USA. His research interest span to the broad area of cyber security and more specifically in OSINT, social engineering, distributed denial of service attacks, cloud security, digital forensics, network anomaly detection and malware mitigation. He has authored more than 100 publications in academic journals and conference, chaired many workshops in IEEE well known conferences such as IEEE Service and NetSoft, and currently co-chairs the IEEE International Conference on Security and Resilience Series (IEEE CSR).
He co-edited two cyber security books, published by CRC Press in April 2021, and is involved as Principal Investigator, leading the University of Portsmouth research team, in European and local grants. Further to his academic qualifications, he holds a series of professional certifications (EC-Council Certified Ethical Hacker (CEH), EC-Council Advanced Penetration Testing (CAST611), ISACA Cobit 5 Foundation and a Cyberoam (now acquired by Sophos) Certified Network and Security Professional (CCNSP)), and he is an EC-Council accredited instructor providing professional certifications training on cyber security and penetration testing.
 

Professor Steven Furnell

Wednesday 26 March 2023, 11:00–12:30

Surely we’ve said enough about passwords?

Passwords have been part of the cyber security landscape for years – indeed, for many years before we even called it cyber security. Moreover, for much of that time, they have been criticised, for the level of security they provide and the way that we use them. So, here in 2023, several decades down the line in terms of our use of them, you would perhaps assume that passwords are being used as well as we can manage within the limits of the approach. Unfortunately, this is often far from the case. While many sites allow (and indeed require) us to create password-based accounts, many also fail to provide effective guidance and enforcement of rules to support the process. The presentation examines the related provisions (or lack of them) in ten leading websites, as well as how the situation has changed over time. While passwords provide the specific focus, there is also a wider lesson in terms of ensuring that users are sufficiently supported in the cyber security methods that they are expected to use.
Steven Furnell is a professor of cyber security at the University of Nottingham. He is also an Honorary Professor with Nelson Mandela University in South Africa and an Adjunct Professor with Edith Cowan University in Western Australia.
His research interests include usability of security and privacy, security management and culture, and technologies for user authentication and intrusion detection. He has authored over 350 papers in refereed international journals and conference proceedings, as well as various books, book chapters, and industry reports. Professor Furnell is the UK representative to Technical Committee 11 (security and privacy) within the International Federation for Information Processing, and a board member of the Chartered Institute of Information Security.
 

Veronica Schmitt
Wednesday 1 March 2023, 11:00–12:30

Solving a murder case using medical devices (a true story)

The seminar will present a case study in which medical devices and implanted medical devices were used to help solve a murder case. The presentation will cover the use of technology in forensics, specifically focusing on the role of medical devices such as pacemakers, insulin pumps and other implantable medical devices in gathering evidence to identify a suspect. The case study will explore the circumstances of the murder, how the victim's implanted medical devices were used to track their movements, and how the data was used to establish a timeline of events leading up to the murder. Additionally, the seminar will discuss the ethical and legal considerations around the use of this type of data in criminal investigations. Attendees will learn about the growing use of technology in criminal investigations and the potential impact of medical devices in solving crimes. The presentation will also highlight the importance of interdisciplinary collaboration between medical professionals, law enforcement and legal experts in utilising medical device data in criminal investigations.
Veronica is an experienced forensic expert who began her career in 2008. Currently, she is an Assistant Professor at Noroff University and holds a masters degree in Information Security from Rhodes University with a specialisation in malware forensic analysis.
She is deeply committed to patient safety, and as a cyborg herself, she understands the importance of keeping medical devices secure. Veronica is a DEF CON Goon, founder of DC2751 and the OWASP Kristiansand project. Her research interests include investigating security vulnerabilities in medical devices connected to the Internet of Things, identifying forensic artifacts from attacks, and developing incident response strategies for implanted medical devices and those used in healthcare settings.
 

Professor Karen Renaud
Wednesday 7 December 2022, 11:00–12:30

The Post Office: A Saga of (Technological) Injustice

Software invisibly permeates our everyday lives. We have come to rely on such software to work correctly and efficiently. The generally accepted narrative is that any software errors that do occur can be traced back to a human operator’s actions. Software engineers know that this is merely a comforting illusion. Anomalies that manifest are not necessarily due to any operator’s actions. With the general public, and the courts, believing the opposite, it is entirely possible for some hapless yet innocent person to be blamed for anomalies and discrepancies whose actual source is a malfunction. This is what occurred in the Post Office case, which I will introduce and analyse in this talk. I will also talk about the harms done on a number of levels as a consequence of the Post Office miscarriage of justice.
Accessible Welcome Greeting Welcoming Approachable Access Enter Available Concept
 

Professor Pete Burnap
Wednesday 16 November 2022, 11:00–12:30

AI for cybersecurity innovation

I will talk about innovation in the area of cyber security analytics – developing machine learning methods to detect and block cyber attacks (e.g. detecting ransomware within four seconds of execution and killing the underlying processes). Rather than just focusing on this as a 'black box', I'll pull it apart and talk about how we can use these methods to enable security practitioners to ask and answer questions about 'what' and 'why' these methods are flagging attacks (explainable AI). I'll also talk about resilience of machine learning methods to manipulation and adversarial attacks – how stable these approaches are to diversity and evolution of malware, for example. Finally, I will reflect on this topic in the context of practical use.
 

Dr Osama Abu Oun
Wednesday 9 March 2022, 11:00–12:30

DevSecOps: Concept and Challenges

The presentation will focus on the big picture of DevOps and cyber security. It will discuss the challenges faced by DevOps engineers and the need to integrate cyber security into the DevOps process.
 

Dr Maria Bada (Queen Mary University London)
Wednesday 16 February 2022, 11:00–12:30

The human factor in cybercrime

During this seminar I will be discussing the two sides of the human factor in cybercrime. First, I will be presenting the pathways and psychologies of cyber criminals. In addition, I will be describing the role of victims and different types of harms cyber attacks can cause.
 

Dr Harjinder Singh (University of Warwick)
Wednesday 24 November 2021, 11:00–12:30

Dashcam forensics

A dashboard camera (“dashcam”) is an in-vehicle mountable camera which records video and audio footage of vehicle journeys. Dashcams create numerous artefacts of evidential value such as GPS data, temporal data, vehicular speed data, audio, video and photographic images.
Dashcam usage has increased over the last few years with 9% of drivers using dashcams in 2015, 17% in 2017, and 27% in 2018 (Aviva, 2018). This number is expected to increase remarkably, particularly with some manufacturers planning to incorporate dashcam capability within new car design. Dashcam evidence is essential in road traffic related incidents as well as to provide evidence of in-vehicle activity.
Despite their importance, there is a paucity of research into dashcam forensics, and there are no known tools that enable dashcam forensics.
This talk highlights the work that we are doing in supporting this field. The talk provides an overview of the evidential value of dashcam devices, methods of extracting the evidence, efforts to develop a useful dashcam evidence dataset, and then reports on three prototypes aimed at extracting dashcam evidence.
 

Dr Peter Popov (City,University of London)
Wednesday 17 November 2021, 11:00–12:30

Models of attacks in critical infrastructures

The talk will present an approach to cyber-risk assessment of industrial control systems which accounts for exploits of unknown (i.e., “0-day) vulnerabilities. The effect of successful attacks on compromised software is modelled as a software reliability decay. We then use the modelling approach to study how the effectiveness of a fault tolerant architecture, such as the 1-out-of-2 software, popular for building industrial protection systems, is affected by software maintenance policies such as patching and “cleansing” (“proactive recovery”) and by the adversary models ranging from independent attacks to sophisticated synchronised attacks on the channels of the fault tolerant protection system.
 

Professor Theo Tryfonas (University of Bristol)
Wednesday 3 November 2021, 11:00–12:30

Cybersecurity Challenges for Connected and Automated Vehicles: Experiences from the FLOURISH project

Connected and autonomous/automated vehicles (CAVs) will play a significant role in a future transport system and unlock enormous social benefits at the same time. The FLOURISH project was a multi-partner venture funded by InnovateUK from June 2016 – May 2019 (grant ref. 102582, £3.7 million) aiming to enable the delivery of many of these benefits by helping to ensure that CAVs are developed with the user in mind and are technically secure, trustworthy and private. Two and a half years on, we reflect in this talk on some key contributions in this space, particularly about secure design, security infrastructure deployment challenges and the understanding of user perceptions of risk related to CAV use.
 

Professor Vasilis Katos (Bournemouth University)
Wednesday 20 October 2021, 11:00–12:30

A socio-technical view of cybersecurity in smart cities

As many cities across the globe invest a considerable amount of effort, resources and budget to modernise their infrastructure by deploying a series of technologies such as 5G, Software Defined Networks and IoT, their exposure to potential software vulnerabilities also increases.
In this talk, we will explore aspects of software vulnerabilities in a localised, city context and discuss issues and research directions in developing resilient and safe cities, by considering both the technical infrastructure as well as citizen participation.