Senior ISG Researchers Talking To Industry

We all know that researchers in the Information Security Group are amongst the most active academics in the field of information security, but we also pride ourselves on our contacts within industry.

This relationship is definitely a two-way street – we ask industry for their best security problems and, when we find results, we let them know all about it. In the next couple of months, senior ISG researchers will be spending a lot of time talking with industry. The charge is being led by Prof. Fred Piper. Prof. Piper recently gave the keynote address in the CISO Executive Summit on the subject of authentication. This annual provides for an opportunity for European Chief Information Security Officers to come together and discuss information security topics. Prof. Piper’s seminar discussed the difficulties in balancing security and usability in authentication systems, and particularly how strong technical security controls can lead to poor usability, which can lead to opportunities for social engineering attacks.

Prof. Piper is also chairing the discussion in the Financial Sector Technology (FST) Security Conference in London on the 24th June. The conference aims to create an environment in which professionals in the financial sector can learn and discuss issues related to making financial sector technology safe. (They also call Fred is a renowned guru of information technology – a very apt description!)

However, there is some competition: the Smart Card Centre is also fighting for the title when it comes to interacting with industry. The Centre has recently performed some consultancy for the Mobile Communications Industry in order to produce a paper entitled “Mobile Communication Security Controllers – An Evaluation Paper” which is receiving unsolicited critical acclaim in the industrial sector. The paper was written by Prof. Keith Mayes and Dr. Kostas Markantonakis, and reviewed by Prof. Fred Piper and Dr. Eimear Gallery.

Prof. Keith Mayes, recently awarded an IET fellowship, is also giving a lecture entitled “Smart Card Security from RFID to NFC” to the RFID Lab Finland. The lecture invitation came as a result of last year's visit of a Finnish RFID delegation to the Smart Card Centre.

In a slightly more academic setting, Prof. Chris Mitchell has been invited to give the plenary lecture for the Analysis of Security APIs Workshop – a workshop attached to the Computer Security Foundations (CSF) Symposium. Prof. Mitchell’s talk will be entitled “Towards Safer Security APIs” and delivered on the 26th June in Pittsburgh, USA.

So what can we conclude from all these efforts? Hopefully, you’ll be able to see that the ISG’s vision is to work in harmony with industry. The ISG is happy to talk to anyone about any industrial security topic or event. We have an active consultancy service, regularly attend industrial events and conferences, and can sometimes even be persuaded to take on research on its own merits. Perhaps we’re the right people to solve that burning information security problem in your back pocket? Will you ever know how we can work together unless you ask?