Dr Shamal Faily
- 01202 962406
- sfaily at bournemouth dot ac dot uk
- http://orcid.org/0000-0002-2859-1143
- Principal Academic In Systems Security Engineering
- Poole House P416, Talbot Campus, Fern Barrow, Poole, BH12 5BB
Biography
I am a Principal Lecturer in Systems Security Engineering and co-ordinator of the Bournemouth University Cyber Security Research group (BUCSR). I am also a RISCS Fellow in Secure Development Practices, and a SPRITE+ Expert Fellow.
Before joining BU, I was previously a Post-doctoral Researcher at the Department of Computer Science at the University of Oxford, and a Teaching Fellow at the Information Security Group at University College London. I completed my DPhil in Computer Science at the University of Oxford. Prior to my doctoral research, I was a software engineer within Logica's Space business. Software I developed has been used to support flight dynamics operations for several European Space Agency (ESA) missions, including Mars Express and Rosetta.
Research
My research explores how security can be 'built in' at the earliest stages of a software product or service's design, and how software can be designed to ensure it remains secure and usable when used in different contexts.
I am particularly interested in the role User Experience (UX) artefacts like personas can play in design for security and privacy, and how software tools can help rather than hinder the design of secure and usable software. I lead the development of the open-source CAIRIS platform, and am author of the textbook 'Designing Usable and Secure Software with IRIS and CAIRIS' (Springer, 2018).
Journal Articles
- Pilton, C., Faily, S. and Henriksen-Bulmer, J., 2021. Evaluating Privacy - Determining User Privacy Expectations on the Web. Computers and Security, 105.
- Henriksen-Bulmer, J., Faily, S. and Jeary, S., 2020. DPIA in context: Applying DPIA to assess privacy risks of cyber physical systems. Future Internet, 12 (5).
- M’manga, A., Faily, S., McAlaney, J., Williams, C., Kadobayashi, Y. and Miyamoto, D., 2019. A normative decision-making model for cyber security. Information and Computer Security, 26 (5), 636-646.
- Iacob, C. and Faily, S., 2019. Exploring the gap between the student expectations and the reality of teamwork in undergraduate software engineering group projects. Journal of Systems and Software, 157.
- Henriksen-Bulmer, J., Faily, S. and Jeary, S., 2019. Privacy risk assessment in context: A meta-model based on contextual integrity. Computers and Security, 82, 270-283.
- Ki-Aries, D. and Faily, S., 2017. Persona-Centred Information Security Awareness. Computers & security.
- Favale, M., McDonald, N., Faily, S. and Gatzidis, C., 2016. Human Aspects of Digital Rights Management: the Perspective of Content Developers. SCRIPTed, 13 (3), 289-304.
- Faily, S., Power, D. and Fléchais, I., 2016. Gulfs of Expectation: Eliciting and Verifying Differences in Trust Expectations using Personas. Journal of Trust Management, 3 (4), 1-22.
- Faily, S. and Fléchais, I., 2016. Finding and Resolving Security Misusability with Misusability Cases. Requirements Engineering, 21 (2), 209-223.
- Iacob, C., Faily, S. and Bell, D., 2015. Special section: software quality for mobile apps. Software Quality Journal, 23 (3), 483-484.
- Faily, S., 2015. Engaging Stakeholders during Late Stage Security Design with Assumption Personas. Information and Computer Security, 23 (4), 435-446.
- McAlaney, J., Taylor, J. and Faily, S., 2015. The Social Psychology of Cybersecurity. The Psychologist.
- Faily, S. and Flechais, I., 2011. Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework. International Journal of Secure Software Engineering, 2, 1-18.
- Faily, S. and Flechais, I., 2010. Designing and Aligning e-Science Security Culture with Design. Information Management & Computer Security, 18.
- Faily, S. and Flechais, I., 2010. Towards tool-support for Usable Secure Requirements Engineering with CAIRIS. International Journal of Secure Software Engineering, 1, 56-70.
Books
- Faily, S., 2018. Designing usable and secure software with IRIS and CAIRIS.
- Beckers, K., Faily, S., Lee, S.-W. and Mead, N., 2017. Proceedings of the 4th International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2017). IEEE.
- Beckers, K., Lee, S.-W. and Mead, N., 2016. Proceedings of the 3rd International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2016). IEEE.
- Faily, S., Jiang, N., Dogan, H. and Taylor, J., 2016. Proceedings of the 30th International BCS Human Computer Interaction Conference (HCI 2016). British Computer Society.
- Proceedings of the 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2015). IEEE.
- Proceedings of the 1st Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2014). IEEE.
- Proceedings of the Workshop on Web Applications and Secure Hardware (WASH'13). CEUR-WS.
- Proceedings of the BCS HCI 2012 Workshop on Designing Interactive Secure Systems. BCS.
- Faily, S., Živny, S., Fogelberg, C., Salamon, A. and Schäfer, M., 2008. Proceedings of the Oxford University Computing Laboratory Student Conference 2008. Oxford University Computing Laboratory.
Chapters
- Atzeni, A., Faily, S. and Galloni, R., 2017. Usable Security: HCI-Sec Issues and Motivations. Encyclopedia of Information Science and Technology. IGI Global.
- Atzeni, A., Lyle, J. and Faily, S., 2017. Developing secure, unified, multi-device, and multi-domain platforms: A case study from the webinos project. Application Development and Design: Concepts, Methodologies, Tools, and Applications. 539-564.
- Faily, S., 2014. Evaluating the Implications of Attack and Security Patterns with Premortems. In: Blackwell, C. and Zhu, H., eds. Cyberpatterns: Unifying Design Patterns with Security and Attack Patterns. Springer.
- Atzeni, A., Lyle, J. and Faily, S., 2014. Developing secure, unified multi-device and multi-domain platforms: A case study from the webinos project. Architectures and Protocols for Secure Information Technology. IGI Global, 310-333.
- Faily, S., Lyle, J. and Parkin, S., 2012. Tool-support Premortems with Attack and Security Patterns. First International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack and Forensic Patterns. 10-11.
Conferences
- Iacob, C. and Faily, S., 2020. The impact of undergraduate mentorship on student satisfaction and engagement, teamwork performance, and team dysfunction in a software engineering group project. 128-134.
- Faily, S., Scandariato, R., Shostack, A., Sion, L. and Ki-Aries, D., 2020. Contextualisation of Data Flow Diagrams for Security Analysis. Springer, 186-197.
- Faily, S., Iacob, C., Ali, R. and Ki-Aries, D., 2020. Identifying Implicit Vulnerabilities Through Personas as Goal Models. Springer, 185-202.
- Altaf, A., Faily, S., Dogan, H., Mylonas, A. and Thron, E., 2020. Identifying safety and human factors issues in rail using IRIS and CAIRIS. 98-107.
- Faily, S., Scandariato, R., Shostack, A., Sion, L. and Ki-Aries, D., 2020. Contextualisation of Data Flow Diagrams for Security Analysis. 186-197.
- Faily, S. and Ki-Aries, D., 2019. Usable and secure requirements engineering with CAIRIS. 502-503.
- Henriksen-Bulmer, J., Faily, S. and Jeary, S., 2019. Implementing GDPR in the charity sector: A case study. 173-188.
- Beckers, K., Faily, S., Lee, S.W. and Mead, N., 2018. Welcome to the fifth international workshop on evolving security and privacy requirements engineering (ESPRE'18). VI.
- Coles, J., Faily, S. and Ki-Aries, D., 2018. Tool-supporting Data Protection Impact Assessments with CAIRIS. 21-27.
- Ki-Aries, D., Faily, S., Dogan, H. and Williams, C., 2018. Assessing system of systems security risk and requirements with oasosis. 14-20.
- M'MANGA, A., Faily, S., McAlaney, J. and Williams, C., 2018. Rationalising Decision Making about Risk: A Normative Approach. In: 12th International Symposium on Human Aspects of Information Security & Assurance 29-31 August 2018 Dundee, UK. University of Plymouth.
- Ki-Aries, D., Faily, S., Dogan, H. and Williams, C., 2018. System of systems characterisation assisting security risk assessment. 485-492.
- M'MANGA, A., Faily, S., McAlaney, J., Williams, C., Kadobayashi, Y. and Miyamoto, D., 2018. Eliciting Persona Characteristics for Risk Based Decision Making. In: 32nd International BCS Human Computer Interaction Conference 2-6 July 2018 Belfast, UK.
- M'MANGA, A., Faily, S., McAlaney, J., Kadobayashi, Y. and Miyamoto, D., 2018. Qualitative Adaptation: Informing Design for Risk-based Decision Making. In: 2nd Workshop on the Challenges and Opportunities for Qualitative Data Research Methods in HCI 2-6 July 2018 Belfast, UK.
- Iacob, C. and Faily, S., 2018. Redesigning an undergraduate software engineering course for a large cohort. 163-171.
- 5th IEEE International Workshop on Evolving Security & Privacy Requirements Engineering, ESPRE@RE 2018, Banff, AB, Canada, August 20, 2018. IEEE.
- Iacob, C. and Faily, S., 2017. Using Extreme Characters to Teach Requirements Engineering. 107-111.
- Beckers, K., Faily, S., Lee, S.W. and Mead, N., 2017. Welcome to the fourth international workshop on evolving security and privacy requirements engineering (ESPRE'17). xix.
- Faily, S. and Iacob, C., 2017. Design as code: Facilitating collaboration between usability and security engineers using CAIRIS. 76-82.
- Ki-Aries, D., Dogan, H., Faily, S., Whittington, P. and Williams, C., 2017. From requirements to operation: Components for risk assessment in a pervasive system of systems. 83-89.
- M'manga, A., Faily, S., McAlaney, J. and Williams, C., 2017. Folk Risk Analysis: Factors Influencing Security Analysts’ Interpretation of Risk. In: 3rd Workshop on Security Information Workers 12-14 July 2017 Santa Clara, USA. Usenix Association.
- Ki-Aries, D., Faily, S., Dogan, H. and Williams, C., 2017. Re-framing 'the AMN': A case study eliciting and modelling a System of Systems using the Afghan Mission Network. 103-108.
- M'Manga, A., Faily, S., McAlaney, J. and Williams, C., 2017. System design considerations for risk perception. 322-327.
- Jane, H.B. and Faily, S., 2017. Applying contextual integrity to open data publishing. 1-7.
- Iacob, C., Faily, S. and Harrison, R., 2016. MARAM: Tool support for mobile app review management.
- Ki-Aries, D., Faily, S. and Beckers, K., 2016. Persona-Driven Information Security Awareness. In: 30th British HCI Group Annual Conference on People and Computers: Fusion 11-15 July 2016 Bournemouth, UK.
- Partridge, A. and Faily, S., 2016. The application of useless Japanese inventions for requirements elicitation in information security.
- Iacob, C. and Faily, S., 2016. Improving human-reviews interaction: A study of the role, use, and place of online reviews.
- Faily, S., Iacob, C. and Field, S., 2016. Ethical hazards and safeguards in penetration testing.
- Faily, S., Gritzalis, D., Lykou, G., Mylonas, A., Partridge, A. and Katos, V., 2016. Human-centered specification exemplars for critical infrastructure environments.
- Faily, S., Stergiopoulos, G., Katos, V. and Gritzalis, D., 2016. “Water, water, every where”: Nuances for a water industry critical infrastructure specification exemplar. 243-246.
- Ali, R., McAlaney, J., Faily, S., Phalp, K. and Katos, V., 2015. Mitigating circumstances in cybercrime: A position paper. 1972-1976.
- Favale, M., McDonald, N., Faily, S. and Gatzidis, C., 2015. Human Aspects in Digital Rights Management: The Perspective of Content Developers. In: Fourth International Workshop on Artificial Intelligence and IP Law 9 December-9 November 2015 Braga, Portugal.
- Vallindras, A. and Faily, S., 2015. The Mystery of Security Design. In: British HCI 2015 15-17 July 2015 Lincoln, UK. ACM.
- Faily, S. and Jones, M., 2015. Embedding Professional Practice into the Cybersecurity Curriculum using Ethics. In: 1st UK Workshop on Cybersecurity Training & Education 11 June 2015 Liverpool.
- Faily, S., Lyle, J., Fléchais, I. and Simpson, A., 2015. Usability and Security by Design: A Case Study in Research and Development. In: NDSS Workshop on Usable Security 8 February-8 January 2015 2015.
- Faily, S., McAlaney, J. and Iacob, C., 2015. Ethical dilemmas and dimensions in penetration testing. 233-242.
- McDonald, N., Faily, S., Favale, M. and Gatzidis, C., 2015. Digital rights management: The four perspectives of developers, distributors, users, and lawyers. 276-285.
- Faily, S. and Fléchais, I., 2014. Eliciting and Visualising Trust Expectations using Persona Trust Characteristics and Goal Models. In: 6th International Workshop on Social Software Engineering 17 November-17 August 2014 Hong Kong. ACM.
- Faily, S., Lyle, J., Fléchais, I., Atzeni, A., Cameroni, C., Myrhaug, H., Göker, A. and Kleinfeld, R., 2014. Authorisation in Context: Incorporating Context-Sensitivity into an Access Control Framework. In: 28th British HCI Group Annual Conference on People and Computers: Sand, sea and Sky 9-12 September 2014 Southport, UK. British Computer Society.
- Faily, S., 2014. Engaging Stakeholders in Security Design: An Assumption-Driven Approach. In: International Symposium on Human Aspects on Information Security & Assurance (HAISA 2014) 8-10 July 2014 Plymouth University.
- Faily, S., 2014. Ethical Hacking Assessment as a Vehicle for Undergraduate Cyber-Security Education. In: BCS 19th Annual INSPIRE Conference 15 April 2014 Southampton.
- Iacob, C., Harrison, R. and Faily, S., 2013. Online Reviews as First Class Artifacts in Mobile App Development. In: Fifth International Conference on Mobile Computing, Applications and Services 7-8 November 2013 Paris, France. 47-53.
- Lyle, J., Faily, S. and Winandy,, M., 2013. The Workshop on Web Applications and Secure Hardware. In: Workshop on Web Applications and Secure Hardware (WASH’13), Co-located with the 6th International Conference on Trust and Trustworthy Computing (TRUST 2013) 20 June 2013 London. CEUR-WS.org.
- Faily, S. and Lyle, J., 2013. Security Lessons Learned Building Concept Apps for webinos. In: BCS HCI 2013 Workshops: Human Aspects in Mobile App Engineering 9 September 2013 Brunel University, London.
- Su, T., Lyle, J., Atzeni, A., Faily, S., Virji, H., Ntanos, C. and Botsikas, C., 2013. Continuous Integration for Web-Based Software Infrastructures: Lessons Learned on the webinos Project. Springer.
- Faily, S., Lyle, J., Flechais, I., Atzeni, A., Cameroni, C., Myrhaug, H., Goker, A. and Kleinfeld, R., 2013. Policies in Context: Factors Influencing the Elicitation and Categorisation of Context-Sensitive Security Policies.
- Faily, S., 2013. Security Patterns Considered Harmful? 108-109.
- Faily, S. and Lyle, J., 2013. Guidelines for Integrating Personas into Software Engineering Tools. 69-74.
- Faily, S., Power, D., Armstrong, P. and Flechais, I., 2013. Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract). 267-268.
- Faily, S., Coles-Kemp, L., Dunphy, P., Just, M., Akama, Y. and Luca, A.D., 2013. Designing Interactive Secure Systems: CHI 2013 Special Interest Group. ACM, 2469-2472.
- Lyle, J., Nilsson, C., Isberg, A. and Faily, S., 2013. Extending the web to support personal network services. 711-716.
- Faily, S., Lyle, J., Namiluko, C., Atzeni, A. and Cameroni, C., 2012. Model-driven architectural risk analysis using architectural and contextualised attack patterns. ACM, 3:1-3:6.
- Faily, S., Lyle, J., Paul, A., Atzeni, A., Blomme, D., Desruelle, H. and Bangalore, K., 2012. Requirements Sensemaking using Concept Maps. Springer, 217-232.
- Faily, S. and Flechais, I., 2012. Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS. In: BCS HCI 2012 Workshops: Designing Interactive Secure Systems 12-14 September 2012 Birmingham, UK. 3:1-3:4.
- Faily, S., Lyle, J. and Parkin, S., 2012. Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems. In: BCS HCI 2012 Workshops: Designing Interactive Secure Systems 12-14 September 2012 Birmingham, UK. 5:1-5:4.
- Lyle, J., Paverd, A., King-Lacroix, J., Atzeni, A., Virji, H., Flechais, I. and Faily, S., 2012. Personal PKI for the smart device era.
- Lyle, J., Faily, S., Flechais, I., Paul, A., Goker, A., Myrhaug, H., Desruelle, H. and Martin, A., 2012. On the design and development of webinos: a distributed mobile application middleware. 140-147.
- Lyle, J., Monteleone, S., Faily, S., Patti, D. and Ricciato, F., 2012. Cross-platform access control for mobile web applications. 37-44.
- Fuhrhop, C., Lyle, J. and Faily, S., 2012. The webinos project. ACM, 259-262.
- Faily, S., 2012. Analysing Chindogu: Applying Defamiliarisation to Security Design.
- Gionis, G., Desruelle, H., Blomme, D., Lyle, J., Faily, S. and Bassbouss, L., 2011. “Do we know each other or is it just our Devices?”: A Federated Context Model for Describing Social Activity Across Devices.
- Faily, S., 2011. Bridging User-Centered Design and Requirements Engineering with GRL and Persona Cases. In: CEUR iStar 2011 5th International i* Workshop 28-29 August 2011 Trento, Italy. 114-119.
- Faily, S. and Flechais, I., 2011. Eliciting Usable Security Requirements with Misusability Cases. IEEE Computer Society, 339-340.
- Faily, S., 2011. Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism. In: CHI Workshop on HCI, Politics and the City: Engaging with Urban Grassroots Movements for Reflection and Action 7-12 May 2011 Vancouver, BC, Canada.
- Faily, S., 2011. Two Requirements for Usable and Secure Software Engineering. In: 1st Software and Usable Security Aligned for Good Engineering (SAUSAGE) Workshop 5-6 April 2011 National Institute of Standards and Technology Gaithersburg, MD USA.
- Faily, S. and Flechais, I., 2011. Persona Cases: A Technique for grounding Personas. Vancouver, BC, Canada: ACM, 2267-2270.
- Atzeni, A.S., Cameroni, C., Faily, S., Lyle, J. and Flechais, I., 2011. Here's Johnny: A Methodology for Developing Attacker Personas. IEEE, 722-727.
- Faily, S. and Flechais, I., 2011. User-Centered Information Security Policy Development in a Post-Stuxnet World. IEEE Computer Society, 716-721.
- Faily, S. and Flechais, I., 2010. A Meta-Model for Usable Secure Requirements Engineering. 29-35.
- Faily, S. and Flechais, I., 2010. Improving Secure Systems Design with Security Culture.
- Faily, S. and Flechais, I., 2010. Analysing and Visualising Security and Usability in IRIS.
- Faily, S. and Flechais, I., 2010. Security through Usability: a user-centered approach for balanced security policy requirements.
- Flechais, I. and Faily, S., 2010. Security and Usability: Searching for the philosopher’s stone.
- Faily, S. and Flechais, I., 2010. The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design. Springer, 111-118.
- Faily, S. and Flechais, I., 2010. To boldly go where invention isn’t secure: applying Security Entrepreneurship to secure systems design. New York, NY, USA: ACM, 73-84.
- Faily, S. and Flechais, I., 2010. A Model of Security Culture for e-Science. University of Plymouth, 154-164.
- Faily, S. and Flechais, I., 2010. Barry is not the weakest link: eliciting secure system requirements with personas. ACM, 124-132.
- Faily, S. and Flechais, I., 2009. Context-Sensitive Requirements and Risk Management with IRIS.
- Faily, S., 2008. Towards Requirements Engineering Practice for Professional End User Developers: A Case Study. IEEE, 38-44.
- Faily, S. and Flechais, I., 2008. Making the invisible visible: a theory of security culture for secure and usable grids.
- Faily, S., 2007. Living with Flight Dynamics : Proposals and Possible Pitfalls for Harmonising Flight Dynamics Systems with EGOS.
Theses
- Faily, S., 2011. A framework for usable and secure system design. PhD Thesis.
Software
- Faily, S., 2009. CAIRIS.
Others
- Faily, S., 2009. Context Matters: designing security for contexts of use. Unpublished.
PhD Students
- Mohammad Naiseh. Designing Self-Adaptive Electronic Prescription Service (EPS) for Improved User Experience for Repeat Prescriptions
- Amna Altaf. Integrating Safety, Security, and Human Factors Engineering
- Omolola Fagbule
Profile of Teaching PG
- Security by Design (Level 7)
Profile of Teaching UG
- Security by Design (Level 6)
Invited Lectures
- Bringing Security, Usability, and Software Engineering together with Personas. Oxford Brookes University. 2013.
- HCI-Security: An Overview. Cranfield University. April 2014.
Grants
- HuaHana: Phase 3 (Innovate UK, 06 Sep 2018). Completed
- Integrating Safety, Security, and Human Factors Engineering (Ricardo, 03 Sep 2018). Awarded
- HuaHana: Phase 2 (Innovate UK, 09 May 2018). Completed
- Data Protection Impact Assessment of StreetScene (Bournemouth University, 13 Feb 2018). Completed
- HuaHana:a productivity platform for usable and secure software design (Innovate UK, 01 Feb 2018). Completed
- Commercialisation of CAIRIS (DCMS / SETsquared, 27 Jan 2017). Completed
- Bournemouth-Athens Network in Critical Infrastructure Security (BANCIS) (BU Fusion Investment Fund, 01 Sep 2016). Completed
- Risk Assessment for Complex Systems of Systems (Defence Science and Technology Laboratory, 01 Sep 2016). In Progress
- Designing Systems for Risk-Based Decision Making and Assurance (Defence Science and Technology Laboratory, 09 Dec 2015). In Progress
- Bournemouth University Computer Human Interaction (BUCHI) (BU Fusion Investment Fund, 01 Mar 2015). Completed
- Making sense of DRM in game development (Madrigal) (Bournemouth University - Fusion Investment Fund, 01 Feb 2015). Completed
- Bournemouth European Network In Cyber Security (BENICS) (BU Fusion Investment Fund, 01 Mar 2014). Completed
- Evaluating the Usability, Security, and Trustworthiness of Ad-hoc Collaborative Environments (EUSTACE) (EPSRC, 30 May 2012). Completed
External Responsibilities
- European Intelligence and Security Informatics Conference (EISIC) 2015, Programme Committee (2015-)
- IEEE Joint Intelligence and Security Informatics Conference (JISIC), Programme Committee (2014-)
- 1st International Workshop on Evolving Security & Privacy Requirements Engineering, Organising Co-Chair (2014-), http://espre2014.org/
- International Conference on Trust & Trustworthy Computing (Socio-economics Strand, Programme Committee (2013-)
- Second International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack, and Forensic Patterns, Programme Committee (2013-)
- European Intelligence and Security Informatics Conference, Programme Committee (2013-)
- Human Aspects in Mobile App Engineering: Workshop at British HCI 2013, Workshop Co-Chair (2013-)
- Workshop on Web Applications and Secure Hardware (Co-located with Trust 2013), Workshop Co-Chair (2013-)
- Designing Interactive Secure Systems SIG at ACM Conference on Human Factors in Computer System, Organiser (2013-)
- 6th International Conference on Trust & Trustworthy Computing, Publicity Co-Chair (2013-)
- Designing Interactive Secure Systems: Workshop at British HCI 2012, Workshop Co-Chair (2012-)
- ACM SIGCHI Symposium on Engineering Interactive Computing Systems, Reviewer (2011-2012)
- BCS Conference on Human-Computer Interaction, Reviewer (2011-2014)
- ACM Conference on Human Factors in Computer Systems, Reviewer (2010-2016)
- Journal of Systems and Software (Elsevier), Reviewer
- Pervasive and Mobile Computing (Elsevier), Reviewer
- Behaviour & Information Technology (Taylor & Francis), Reviewer
- International Journal of Secure Software Engineering (IGI Global), Reviewer
- Computers & Security (Elsevier), Reviewer
Internal Responsibilities
- Co-ordinator, BU Cyber Security Research Group
Conference Presentations
- First International Conference on Cyber Security for Sustainable Society 2015, The Social Psychology of Cybersecurity, 26 Feb 2015, Coventry
Qualifications
- PG Cert in Education Practice (Bournemouth University, 2015)
- DPhil in Computer Science (University of Oxford, 2011)
- PG Cert in Software Engineering (University of Oxford, 2008)
- BSc (Hons) in Business Computing Systems (City University, 1998)
Memberships
- ACM, Member,
- Association for Computing Machinery, Member,
- British Computer Society, Member,
- Higher Education Academy, Fellow,
External Media and Press
- Small charities face bankruptcy for not complying with GDPR, but put clients at risk if they do, The Conversation, 21 May 2018. https://theconversation.com/small-charities-face-bankruptcy-for-not-complying-with-gdpr-but-put-clients-at-risk-if-they-do-95463