Skip to navigation Skip to content

Oxford University – Cyber Security Oxford


Creating of a safe, secure and prosperous cyberspace through internationally leading research and educational programmes


ACE Conference

We’re off to the ACE conference today: looking forward to seeing colleagues from across the country!

Ethics workshop @ Turing

We are hosting a workshop at the Alan Turing Institute on 24 May: “Towards Smarter Research Ethics in Data Science” (details here).

We are aiming to bring together people from academia, industry and major UK funding bodies (EPSRC, ESRC, Dstl, NCSC etc.) to talk about research ethics: not so much “what is ethical” but “what are the processes you have in place for making decisions about what research you will or will not do.”  Anecdotal evidence suggests most organisations are struggling to incorporate this into existing systems, so questions related to cyber security and data science are only being addressed piecemeal.  We’d like to see if maybe we could work together to develop something useful together.


First two chapters of CyBoK available

The first two Knowledge Areas are now available for public download and review!

These KAs will be open for public review for 4 weeks until Friday 25 May 2018.

Download the Cryptography KA here

Download the Software Security KA here.

Further KAs will be released over the coming months, so watch this space!

The Cyber Security Body of Knowledge aims to create a comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector.  Our own Professor Andrew Martin is one of the project leaders.

Workshop: Cybersecurity and Internet Governance in perpetual motion

2 June 2017


Tony Hoare Room, Robert Hooke Building, Parks Road.


“Cybersecurity and Internet Governance in perpetual motion”


Cyber Security Oxford, in partnership with ICANN (the Internet Corporation for Assigned Names and Numbers), is pleased to invite you to a discussion around Cybersecurity and Internet Governance on Friday 2 June.


John Crain, Chief Security, Stability and Resiliency Officer for ICANN, the international body in charge of maintaining the Internet’s Domain Name System (DNS) will open the workshop with a short talk covering the latest developments and trends in the world of cybersecurity, and his perspective on the challenges ahead, both on the technical and on the policy sides.


He will be joined by other experts including Emily Taylor, co-chair of the global DNS Security & Stability Review, for a discussion and an exchange with the audience.


Expanding to wider considerations, ICANN’s Vice President Europe Jean-Jacques Sahel will kick off the second part of the workshop with a short talk on the latest evolutions in Internet Governance, from ICANN becoming independent from government oversight to the ongoing efforts to improve governance and accountability which are happening across the Internet ecosystem. He will be joined by the other key participants for a discussion of these issues with the audience.


Participants will be expected to join in actively in the discussion, so we look forward to seeing you!


Please register at


If you have any questions, please contact (academic content) or (logistics).


Novae and the University of Oxford’s white paper highlights deficiencies in cybersecurity controls

The white paper, entitled ‘The Relative Effectiveness of widely used Risk Controls and the Real Value of Compliance’, was launched at The Old Library, Lloyd’s of London, on 21 February.

The paper discusses the findings of the second phase of a collaborative research programme, sponsored and funded by Novae Group, which draws upon the expertise of academics at the University of Oxford both in the Department of Computer Science (Professor Sadie Creese, Professor Michael Goldsmith, Dr Ioannis Agrafiotis and Dr Jason R.C. Nurse) and at the Saïd Business School (Professor David Upton).

Professor Sadie Creese commented: “Instead of simply working to comply with standards, organisations must look carefully at the vulnerabilities inherent in the assets that they want to protect. Cyber-attackers are creative and aggressive. Both the changing threat and the attack-surface of an organization must be modelled in order to ensure that cyber-controls offer adequate protection from harm.”

Cyber Security Oxford Early Careers Researchers symposium

The 2nd Annual Cybersecurity Early Careers Researchers Symposium took place on 30 September 2016 at the Oxford e-Research Centre.

This event was organised by Cyber Security Oxford as an opportunity for Oxford students, RAs and Postdocs to showcase their work and make new connections: this year the event was expanded to include guests visiting from the University of Johannesburg and Columbia University. Submissions were encouraged from across the University and the range of talks spanned human-computer interaction, machine learning, authentication, security analytics, international relations, insurance, maths, law, medical research, sociology, and the University’s own IT systems.  The keynote speaker was Professor Basie von Solms, Director of the Centre for Cyber Security at the University of Johannesburg, who started with a barnstorming talk on research ethics.  Prizes were awarded to Grace Leung (Johannesburg: “Protecting Cybersecurity Machine Learning”), Laurie Pycroft (Nuffield Department of Surgical Sciences: “Brainjacking: Risks of Neurological Implants”), and Mike Davies (Computer Science: “Are we managing the risk of sharing Cyber Situational Awareness? A UK public sector case study”).


The programme and book of abstracts is available here; the book of abstracts from the 2015 event is available here.


Early Careers Researchers Symposium

The 2nd Annual Oxford University Cybersecurity Early Careers Researchers Symposium, organised by the Department of Computer Science, will take place on Friday 30 September 2016 at the Oxford e-Research Centre.

This event is conducted through Cyber Security Oxford and offers a perfect opportunity for University of Oxford students, RAs and Postdocs to showcase their work. Submissions are encouraged from a wide range of disciplines, including computer science, human-computer interaction, social science, psychology, law, geography, politics, mathematics, and virtually any other field imaginable. This relaxed and multidisciplinary event offers a perfect setting for meeting colleagues from other departments. An exciting keynote speaker has been booked, and a number of great prizes will be on offer during the day.

Streams will be split in four ways, giving everyone the chance to present ideas, regardless of their completeness. Participants can present 15-minute full presentations, 5-minute lightning talks, academic posters or live demos.

Submissions should take the form of simple 200-word micro-abstracts, uploaded to EasyChair by Friday 9th September.

Registration for the event closes on Monday 19th September, with no registration fee.

Ethical guidelines for research on networked systems

Many types of interesting research are being done on networked systems, but research ethics in this area can get complicated: how do you learn from data generated by humans without violating their privacy or compromising the value of the data – especially in projects where humans are not the direct subjects of the research but can accidentally be impacted?

New guidelines by Bendert Zevenbergen aim to underpin a meaningful cross-disciplinary conversation between gatekeepers of ethics standards and researchers about the ethical and social impact of technical Internet research projects – helping people think through their work, rather than being a mere box-ticking exercise.  Read all about it here:

Training: the Modern Information Society

The Cyber Studies Programme is holding its third training session on the Modern Information Society on April 22-24, 2016, at Tallinn University of Technology in Estonia. The theme of the three-day course will be: “The State and Citizens in the Cyber Age: Security, Diplomacy, and Public Policy”. While specifically designed for university students working in non-technical fields such as the political and social sciences, the course will also engage with a wider audience from both industry and government.  See for details.

​Dr Lucas Kello, Senior Lecturer in International Relations and Programme Director, serves as faculty chair of the training sessions. The Oxford teaching staff also includes Dr Ivan Martinovic from the Department of Computer Science and Jamie Collier, a DPhil candidate in Cyber Security.

See Ivan’s new Working Paper for the Cyber Studies Programme here.  Jamie has also been live-tweeting the event @jscollierCSR, #OxfordCyberAge.