Expectations are high that in the post-pandemic world there will be a significant increase in the number of mergers & acquisitions as companies that have survived the pandemic with cash buy up those companies that have struggled. However, there have been high profile examples of security breaches that have occurred after acquisitions. Too often the IT security team have not been involved in the Merger & Acquisition process; CISOs tell me they only hear about the acquisition when the public announcement is made, and they also tell me that they have had to divert scarce resources to deal with security breaches within weeks of acquisitions being concluded. In Q4 2019 the IBM Institute for Business Value surveyed 720 executives responsible for the M&A functions at acquirer organisations. More than one in three said they have experienced data breaches that can be attributed to M&A activity during integration. Almost one in five experienced such breaches post-integration. How can business leaders involve IT Security teams much earlier in the process, assess the security risk as part of the due diligence process and even build a budget to address the security risk into the deal?  Please join us on Friday 26th February for a mini-deep dive into how business leaders can unearth the hidden costs before they have to pay them.

With the rising tide of targeted attacks like WastedLocker, blocking malware payloads from common attack vectors is often not enough. Modern threats focus more and more on the use of legitimate tools or overwhelming obfuscation to thwart AV engines. A desperate attempt to detect such files has resulted in legitimate files now being flagged by over 20 engines on VirusTotal. Furthermore, attackers often hack into their targeted victims first, thereby preventing any normal detection mechanisms from ever coming into play. As threats continue to evolve, our research indicates it is likely that context will be an important part of the detection process. After all, data encryption and mining are legitimate activities. However, when carried out by a malicious actor, ransomware and crypto-miners become a potent threat. This has even caused legislators to consider restrictions on certain technologies like encryption, which is unlikely to be a productive approach. This is likely an extremely interesting area of academic research, as a deeply technical problem. We have found that using the context of the application's execution, with active dynamic analysis, to be extremely helpful in determining intent - a key factor that distinguishes malware from harmless, albeit difficult to analyse files. For instance, screenshots combined with data from window handles can tell us if an application is telling the user what it wants to do or attempting to do it silently. Such systems can be cloud-hosted or local, and with a bit of training, automated decision-making processes could be introduced that better understand the user's interaction with a suspicious application. While this does raise further privacy concerns and calls for responsible handling of user data by security applications, it could be the next inevitable step for anti-malware and anti-virus programs. We are striving to include such paradigms in our testing approach as well as tools like Mal X, that will hopefully help users proactively protect themselves against future zero-day attacks.   MS Teams Link

Data breaches are today one of the biggest threats to businesses. Globally, a data breach cost companies $3.86 million per incident. And the leading cause is stolen credentials. With so many remote workers outside of company walls, the world has seen a sharp rise in phishing and targeted attacks. Strong authentication has proven to be the most effective protection against these threats. But the evolution of strong authentication was a long journey around protocols, deployments and improvements. Join this webinar to understand the state of the authentication market, trends and opportunities.
Meeting Link (MS Teams)

Anjuli's research has so far assessed journalists’ understandings of and security behaviours relating to IoT threats, and compared them to the recommendations of cyber security experts. The study demonstrated that participants were largely unaware of how to protect their work and wellbeing from the intrusive capabilities of new IoT devices, such as smart doorbells, smart televisions, and smart lightbulbs. This talk will discuss these findings as well as her current research, which has included interviewing over 60 experts across her case study countries of the US, UK, Australia and Taiwan on relevant aspects of IoT threats to journalists.   MS Teams Link

Computer scientists and engineers regularly use models, constructs to help understand, communicate about and intervene in complex systems. What sort of model could help us to think about the vulnerabilities which arise from the complex relationships between technology, society and the environment? In this seminar we share an old Danish fairytale and draw out three lessons for the cyber community. In concluding, we argue that stories are a useful type of model for thinking about cyber-physical systems. MS Teams link here

The seminar will explore recent developments in the regulation of operational resilience and outsourcing in the UK finance sector to assess whether the proposed new framework will provide a hallmark for governing cyber-security internationally and across other industries. The reforms arise following high-profile IT failures in the finance sector, which resulted in Treasury Select Committee Inquiries and recommended reforms.  In light of these developments, the UK financial service regulators recently closed a consultation into proposed controls of operations and outsourcing in finance, which include changes that will reform standards for managing cyber-security.  The proposals are likely to form part of expected final policy statements to be announced later this year or during early 2021. The UK financial services regulators are leading in this area and the seminar will consider whether the proposals provide a benchmark for managing cyber-security risk across different sectors and globally. MS Teams Meeting Link (no log-in required) A draft slide deck for this seminar can be found here.

Software developers make pervasive use of third-party libraries to reduce costs and accelerate release cycles, at a risk to safety and security. In this talk, I will introduce a coarse-grained dynamic analysis framework, Lya, that targets such risk within the JavaScript library ecosystem. Lya interposes at library boundaries to allow concise analyses for extracting access information or enforcing invariants — e.g., identifying security vulnerabilities, highlighting performance bottlenecks, and applying corrective actions. Part of the talk will be given in the style of a hands-on tutorial, showcasing how to build and use Lya to enable further research on library-oriented security analysis and enforcement. Seminar Link (MS Teams)

Research about the determinants of the cybersecurity behaviours of students. Professor Bertrand Venard (Oxford Internet Institute) conducts a major research project at OII about cybersecurity behaviours. Through empirical research, this project seeks to understand the determinants of individual cyber security behaviours of students in France and the UK. Bertrand Venard will present the main findings of his most recent empirical research. Seminar Link

Professor Bertrand Venard (Oxford Internet Institute) is conducting a major research project at OII about cybersecurity behaviours. Through empirical research, this project seeks to understand the determinants of individual cyber security behaviours of students in France and the UK. Bertrand Venard will present the main findings of his most recent empirical research.