GDPR, Facebook, T-Mobile, Heartbleed, WannaCry, E-Payment Fraud, £650
million bank robbery: public and business appreciation of the dangers of
‘cyber’ security and privacy issues have increased massively in the last
few years. Changes in technology have made perimeter security
insufficient; developers and product management must now be involved,
requiring skills and knowledge not traditionally taught to cyber
security experts. This creates opportunities for research organisations
to contribute significantly to solutions; and a large demand from
industry for anything that can help. But how can we as researchers ride
this wave of demand?
Charles’ talk will provide a basis to consider this question. He’ll introduce the Magid project at Lancaster University: the building and testing of an intervention package to help development teams improve security. He’ll discuss three powerful research techniques not usual in software research; how they recruited a dozen different industry teams to trial the techniques; and some of the results they found.
Charles Weir is a Researcher at Security Lancaster, within Lancaster
University, UK. He is passionate about improving the security skills
of teams of professional software developers, and has contributed to
a dozen peer-reviewed publications in the three years since he
started academic research. Previously he set up the mobile
application development company, Penrillian, and ran it successfully
for 15 years, employing up to thirty people and with a total
turnover well over £20M. Charles also helped introduce
object-oriented and agile methods to the UK, and was technical lead
for the world’s first smartphone.
Host: Manuel Maarek