Brief biographical information
Professor of Cyber Security Practice, Edith Cowan University, Perth, Australia
[email protected]https://www.ecu.edu.au/schools/science/staff/profiles/associate-deans/dr-paul-haskell-dowland
Professor Paul Haskell-Dowland is the Professor of Cyber Security Practice and Associate Dean for Computing and Security in the School of Science at Edith Cowan University, Perth, Australia. Paul has delivered keynotes, invited presentations, workshops, professional development/training and seminars across the world for audiences including RSA Security, ITU and IEEE. He has appeared on local, national and international media (newspaper, radio and tv) commenting on current cyber issues with a global audience reach of more than three billion people. His contributions through articles published in The Conversation have reached over three million readers - joining the top-50 all-time authors in Australia/New Zealand (top-10 in 2021). Paul has more than 25 years of experience in cyber security research and education leadership in both the UK and Australia.
Paul is the Chair and the ACS/Australian Country Member Representative to the International Federation for Information Processing (IFIP) Technical Committee 11 (TC11 - Security and Privacy Protection in Information Processing Systems); secretary to IFIP Working Group 11.1 (Information Security Management); a member of the ACS Cyber Security Committee; a Senior Member of the IEEE and the ACS (Certified Professional); and, a Fellow of the Higher Education Academy, BCS and the Australian Information Security Association. He is the author of over 100 papers in refereed international journals and conference proceedings and edited 33 books/proceedings. Paul is a member of the editorial board for the Elsevier journal Computers and Security; and the editorial advisory board for the Heliyon journal, as well as being an active reviewer for ten journals.
Research interests
- Teaching and Learning Technologies
- Learner and Learning Analytics
- Security Education
- Child eSafety
- Network Monitoring
- Authentication Technologies
Education/qualifications
- 1998-2004 PhD, "User Authentication and Supervision in Networked Systems"
- 2000-2001 Postgraduate Certificate of Learning and Teaching in Higher Education (LTHE)
- 1994-1998 B.Sc. (Hons) Computing and Informatics (1st Class)
Professional memberships
- Professional member of the Association for Computing Machinery (ACM), January 2022
- FAISA Fellow of the Australian Information Security Association, April 2021
- MAISA Member of the Australian Information Security Association, September 2019
- Senior Member of the ACS - Certified Professional MACS (Snr) CP and IP3P, December 2016
- SMIEEE (Senior Member of the IEEE), April 2016
- Member of the Council of Professors and Heads of Computing (CPHC), September 2015
- MIEEE (Member of the IEEE), August 2015
- Fellow of the Higher Education Academy (FHEA), 2013
- FBCS (Fellow of British Computer Society), September 2010
- MBCS (Member of British Computer Society), April 2004
External appointments
- Australian Research Council, Linkage Infrastructure, Equipment and Facilities , 2024 (on-going)
- Australian Research Council, Future Fellowships Reviewer, 2022 (on-going)
- Australian Research Council, Discovery Reviewer, 2019 (on-going)
- Australian Research Council, Linkage Project Reviewer, 2019 (on-going)
- Australian Research Council, DECRA Reviewer, 2019 (on-going)
- ACS Cybersecurity committee member, 2018 (on-going)
- Australian (ACS) national representative to IFIP Technical Committee on Security and Privacy Protection in Information Processing Systems (TC11), 2018 (on-going)
- Chair of the IFIP Technical Committee on Security and Privacy Protection in Information Processing Systems (TC11), 2022-2025
- Industry Advisory Group (North Metropolitan TAFE) representative, 2018 (on-going)
- Member of the IFIP TC 11 Working Group 11.12 on Human Aspects of Information Security and Assurance, 2010 (on-going)
- Secretary & Webmaster, IFIP TC11 Working Group 11.1 on Information Security Management, 2004 (on-going)
- Australian Research Council, General Assessor and Selection Advisory Committee panel member for Industrial Transformation Research Program (Research Hubs and Training Centres) (2018, 2019)
- Working Group Coordinator, IFIP TC11, 2017-2022
- Reviewer for National Research Foundation (NRF), South Africa
- External examiner, MSc Information Technology and MSc Software Development at the University of Glasgow, January 2014 - December 2016
- Branch Committee Member & Webmaster, BCS South West, April 2004-2016
- External examiner, Information Technology, Information Technology with Management, Information Technology with Economics, Business Information Technology awards at the University of Reading, October 2007 - September 2011
- Programme validation event - external panel member, MSc Computer Networking, NEWI, May 2007
- External examiner, MSc Computing, Computer Science, Forensic Computing, Distance Learning, Multimedia and Web Multimedia awards at the University of Stafford, January 2007 - December 2011
- SAHFOS Honorary Fellow in recognition of work to develop the WinCPR, North Sea Plankton Database, April 2005 (renewed 2015)
- Programme validation event - external panel member, University of Portsmouth, May 2005
- Programme validation event - external panel member, University of Greenwich at Medway, March 2005
Awards
- 'Most prolific author from ECU for The Conversation in 2023', 2023
- Best Expert Commentary – ECU Media Awards, Highly Commended, 2023
- Most Widely Read Story by an ECU Researcher – ECU Media Awards, Highly Commended, 2023
- Honour Award for Outstanding Contributions to the Media in 2022
- 'Most prolific author from ECU for The Conversation in 2022', 2022
- Outstanding Research Communication, ECU Vice-Chancellor's Staff Award 2022
- Business Events Perth's 2022 Aspire Award
- INCS-CoE Community Expert, 2022
- IEEE Technical Committe on Homeland Security, Research and Innovation Award, 2022
- 'Most prolific author from ECU for The Conversation in 2021', 2021
- 'Most prolific author from ECU for The Conversation in 2020', 2020
- 'Cyber Security Educator of the Year', WA Cyber Awards (school nomination), 2019
- 'Most widely read article by an ECU researcher in The Conversation', 2019
- IFIP Silver Core recipient, 2010
Grants and other income
- Sharing Cybersercurity Research Data SCReeD, Cyber Security Research Centre Ltd, Grant, 2022 - 2024, AUD $100,000
- Augmenting Cyber Defence Capability (ACDC), Cyber Security Research Centre Ltd, Grant, 2022 - 2024, AUD $885,000
- Cyber training – Incident Analyst, Department of Defence, 2022-2023, AUD $1,945,356
- Semantic modelling of Digital Twins for Cyber Security Defence Automation, Commonwealth Scientific and Industrial Research Organisation (CSIRO), 2021 - 2024, AUD $150,000
- Cyber training – Incident Analyst, Department of Defence, 2021-2022, AUD $1,884,774
- In-Circuit Forensic Analysis of IoT Memory Modules, Cyber Security Research Centre Ltd, Cyber Security Research Centre PhD Scholarship, 2020 - 2023, AUD $180,000
- Data – Increased cybersecurity risk from working at home, Department of Jobs, Tourism, Science and Innovation, Covid-19 Research Fund, 2020 - 2022, AUD $135,554
- Heterogeneous Anomaly Detection from Network Traffic Streams using Data Summarization, Cyber Security Research Centre Ltd, Cyber Security Research Centre Masters Scholarship, 2020 - 2022, AUD $120,000
- Co-ordinated as CRC Theme Lead
- Postdoc funding theme 2.4 - #1, Cyber Security Research Centre Ltd, Cyber Security Research Centre PostDoc Scholarship, 2019-2022, AUD $501,150
- Postdoc funding theme 2.4 - #2, Cyber Security Research Centre Ltd, Cyber Security Research Centre PostDoc Scholarship, 2019-2022, AUD $500,765
- Honeypot Deployment Architecture, Cyber Security Research Centre Ltd, Cyber Security Research Centre MBR Scholarship, 2019-2021, AUD $130,000
- The lived experience of hacking victims: Implications for support and prevention, Cyber Security Research Centre Ltd, Cyber Security Research Centre Honours Scholarship, 2019, AUD $35,000
- Measuring and Mitigating Vigilance Decrement in Cyber Network Defence Tasks, Cyber Security Research Centre Ltd, Cyber Security Research Centre PhD Scholarship, 2019 - 2022, AUD $225,000
- IoT Testbed, 2018. AUD $20,000. Co-Investigator. The proposed IoT testbed will enable the School of Science to establish an IoT based infrastructure with various sensors, connected to a virtualised platform that would enable researchers and lecturers to simulate various use-cases and scenarios, taking into consideration the dynamic cyber threat landscape within the IoT space.
- Innovation and Entrepreneurship in the Digital Economy, 2017, AUD $20,300, Co-Investigator. This project investigates the digital economy through the lens of innovation and entrepreneurship. It also activates local and regional partnerships to support this research and initiate research knowledge translation. It proposes a collaborative Industry/University workshop and research project with data gathering about innovative small and micro-businesses in the digital economy. It brings together ECU experts across the Schools of Business and Law and, Science, together with industry professionals from entrepreneurship, economic development, financial and technology fields.
- Academic Centre of Cyber Security Excellence, Department of Education and Training, 2017-2021, AUD $950,288
- Intelligent Building Security: An investigation into Vulnerabilities, Current Practice and Security Management Best Practice, March 2017 - June 2018, AUD $79,339, Co-Investigator. The research will develop an evidence based framework of IB vulnerabilities, resulting in guidelines to educate and inform the security professional.
- Increasing low SES female participation in computer and security science, Edith Cowan University (Perth, Australia), March 2017 to December 2017, AUD $66,402.40, Co-Lead. This initiative aims to improve: pre-tertiary low SES, and Indigenous, female student understanding of, and aspirations for, Higher Education in the computer and security disciplines. Furthermore, the project is intended to extend secondary teachers (career counsellors) understanding of careers in Computing & Security Science.
- KTP Associate Project (Essential 6, Paignton), 2015-2017, funded by the Department of Trade and Industry (DTI) £109,633
- Superfast Network Monitoring Project (Cornwall Development Company), 2013-2015, £48,048
- Network Monitoring Proof of Concept Project (partners not disclosed), 2012-2015 ~£15,000
- e-Invigilator (Teaching Fellowship), 2012-2013
- KTP Associate Project (Westland Geo Projects, Bude), 2008-2010, funded by the Department of Trade and Industry (DTI), £109,633
- Online Peer Assessment (Teaching Fellowship), 2008-2009
- End Point Compliance. Symantec.2007: £7,000
- KTP Associate Project (Corpdata, Exeter), 2004-2006, funded by the Department of Trade and Industry (DTI), £99,044
- A CD and web-based gridded database and browser for North Atlantic plankton, 2004-2006, funded by the NERC, £49,349
- Biometric Terminal - Phase 2, Orange, 2004
- Security Technology in a Virtual University (Virtusec), 2003-2005, funded by the British Council in Collaboration with Darmstadt University of Applied Science, £4,000
- PC Integrity Testing. Plymouth Trading Standards. 2003-2004: £1,250
- Biometric Terminal - Phase 1, Orange, 2003
- TCS Associate Project (John Nicholls Builders, Goonhavern), 2002-2004, funded by the Department of Trade and Industry (DTI), project value: £97,653
- WinCPR Software Development. SAHFOS. 2002: £4,000
- TCS Associate Project (Intasoft Limited, Exeter), 2001-2003, funded by the Department of Trade and Industry (DTI), project value: £88,733
- Cybersign, Orange, 1999
- Tools for On-Line Distance Learning, 1997-1999
- HGML Phase 1, Orange, 1997-1998
Journal papers
Examination of Traditional Botnet Detection on IoT-Based Bots | |
Energy-Efficient Covert Wireless Communication Through Probabilistic Jamming | |
Establishment and mapping of heterogeneous anomalies in network intrusion datasets | |
Biometric Security: A Novel Ear Recognition Approach Using a 3D Morphable Ear Model | |
Anomaly Detection in Cybersecurity Datasets via Cooperative Co-evolution-based Feature Selection | |
ECU-IoHT: A dataset for analyzing cyberattacks in Internet of Health Things | |
An Energy-Efficient and Secure Data Inference Framework for Internet of Health Things: A Pilot Study | |
Cooperative co‑evolution for feature selection in Big Data with random feature grouping | |
No Soldiers Left Behind: An IoT-based Low-Power Military Mobile Health System Design | |
A Novel Penalty-Based Wrapper Objective Function for Feature Selection in Big Data using Cooperative Co-Evolution | |
Intelligent Building Systems: Security and Facility Professionals' Understanding of System Threats, Vulnerabilities and Mitigation Practice | |
Behavioral Profiling for Transparent Verification in Cloud Storage Services | |
A Survey of Distributed Certificate Authorities in MANETs | |
A toolkit approach to information security awareness and education | |
The impact of security and its antecedents in behaviour intention of using e-government services | |
Literature Studies on Security Warnings Development | |
A Comprehensive Evaluation of Feature Selection for Gait Recognition Using Smartwatches | |
Graphical One-Time Password (GOTPass): A usability evaluation | |
Adaptive Behavioral Profiling for Identity Verification in Cloud Computing: A Model and Preliminary Analysis | |
Secure Graphical One Time Password (GOTPass): An Empirical Study | |
Security Factors Influencing End Users' Adoption of E-Government | |
Investigating the Viability of Multifactor Graphical Passwords for User Authentication | |
Active authentication for mobile devices utilising behaviour profiling | |
Misuse Detection for Mobile Devices Using Behaviour Profiling | |
Massively Multi-Player Online Role Playing Games: What’s the Risk? | |
Online Addiction: A Cultural Comparison of Privacy Risks in Online Gaming Environments | |
Assessing image-based authentication techniques in a web-based environment | |
An automated framework for managing security vulnerabilities | |
A long-term trial of alternative user authentication technologies | |
A prototype tool for information security awareness and training | |
An experimental comparison of secret-based user authentication | |
Security analysers: Administrator Assistants or Hacker Helpers? | |
Authentication and Supervision: A survey of user attitudes | |
A conceptual architecture for real-time intrusion monitoring | |
Computer Crime and Abuse: A Survey of Public Attitudes and Awareness | |
Dissecting the 'Hacker Manifesto' |
36 Journal papers
Conference papers
On Relaying Strategies in Multi-Hop Covert Wireless Communications | |
Towards Evaluating the Effectiveness of Botnet Detection Techniques | |
IoT Threat Detection Advances, Challenges and Future Directions | |
Building a Better Micro:Bit IDE – Teaching Computer Science | |
The Hop Portal Snowglobe Architecture: Making Virtual Reality Functional | |
Good guidance or mistaken misdirection: Assessing the quality of password advice | |
Hybrid Routing for Man-in-the-Middle (MITM) Attack Detection in IoT Networks | |
Addressing STEM Geek Culture Through Peer Learning | |
From Model B To Micro:Bit – Teaching Computer Science | |
Design Principles and Guidelines for Targeted Security Awareness | |
Misuse Detection in a Simulated IaaS Environment | |
Continuous identity verification in cloud storage services using behavioural profiling | |
Transparent Authentication: Utilising Heart Rate for User Authentication | |
Body Temperature Authentication for Secure Smartwatch to Smart Device Communication | |
Unobtrusive Gait Recognition Using Smartwatches | |
Towards Targeted Security Awareness Raising | |
Activity Recognition using wearable computing | |
Increasing eLearning Engagement Using Mobile Technologies | |
The Value of the Biometrics in Invigilated E-Assessments | |
A Review of Graphical Authentication Utilising a Keypad Input Method | |
E-Invigilation of E-Assessments | |
Nonvisual Presentation, Navigation and Manipulation of Structured Documents on Mobile and Wearable Devices | |
Security challenges of e-government adoption based on end users' perspective | |
Alternative Graphical Authentication for Online Banking Environments | |
Connected In-Car Multimedia: Qualities Affecting Composability of Dynamic Functionality | |
Nonvisual Presentation and Navigation within the Structure of Digital Text-Documents on Mobile Devices | |
Learning management systems in higher education: a faculty perspective | |
E-Invigilator: A Biometric-Based Supervision System for e-Assessments | |
Learning management systems in higher education: a student perspective | |
Assessing the usability of application level security warnings | |
Teleoperation of mobile robots over wireless internet | |
Survey: improving document accessibility from the blind and visually impaired user's point of view | |
Multifactor Graphical Passwords: An Assessment of End-User Performance | |
Quantifying the effect of graphical password guidelines for better security | |
Resource Management for Multicore Aware Software Architectures of In-Car Multimedia Systems | |
Emerging risks in massively multiplayer online role playing games | |
Behaviour Profiling for Transparent Authentication for Mobile Devices | |
End-User Perception and Usability of Information Security | |
Online Addiction: Privacy Risks in Online Gaming Environments | |
Behaviour Profiling on Mobile Devices | |
Implications and Risks of MMORPG Addiction: Motivations, Emotional Investment, Problematic Usage and Personal Privacy | |
A Critical Evaluation of an Online Peer Assessment System (OPAS) | |
Evaluating Web-Based User Authentication using Graphical Techniques | |
An Assessment of People’s Vulnerabilities in Relation to Personal and Sensitive Data | |
Service-Oriented Architecture: Performance Issues and Approaches | |
A practical usability evaluation of security features in end-user applications | |
Considering the Usability of End-User Security Software | |
Using Human Computer Interaction principles to promote usable security | |
Identifying the security requirements for virtual university environments | |
Survey of Wireless Access Point Security | |
PassImages : an alternative method of user authentication | |
A Long-term Trial of Keystroke Profiling using Digraph, Trigraph and Keyword Latencies | |
A Correlation Framework for Continuous User Authentication Using Data Mining | |
Improving Security Awareness And Training Through Computer-Based Training | |
Assessing IT Security Culture: System Administrator and End-User | |
Critical awareness ? The problem of monitoring security vulnerabilities | |
Keystroke Analysis as a Method of Advanced User Authentication and | |
A Preliminary Investigation of User Authentication Using Continuous Keystroke Analysis | |
Investigating and Evaluating Behavioural Profiling and Intrusion Detection Using Data Mining | |
A Generic Taxonomy for Intrusion Specification and Response | |
Promoting security awareness and training within small organisations | |
A conceptual intrusion monitoring architecture and thoughts on practical implementation | |
Enhancing Operating System Authentication Techniques | |
Developing tools to support online distance learning |
64 Conference papers
Books
E-mail Security: A Pocket Guide |
1 Books
Edited books
Cybersecurity Teaching in Higher Education | |
Cybersecurity for Smart Cities | |
Next-Generation Enterprise Security and Governance | |
Secure Edge Computing: Applications, Techniques and Challenges | |
Advances in Communications, Electronics, Networks, Robotics and Security Volume 13 | |
Proceedings of the Eleventh International Network Conference (INC 2016) | |
Advances in Communications, Computing, Electronics, Networks, Robotics and Security Volume 12 | |
Advances in Communications, Computing, Networks and Security Volume 11 | |
Proceedings of the Tenth International Network Conference (INC 2014) | |
Advances in Communications, Computing, Networks and Security Volume 10 | |
Proceedings of the Ninth International Network Conference (INC 2012) | |
Advances in Communications, Computing, Networks and Security Volume 9 | |
Advances in Communications, Computing, Networks and Security Volume 8 | |
Proceedings of the Seventh Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2011) | |
Advances in Communications, Computing, Networks and Security Volume 7 | |
Proceedings of the Sixth Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2010) | |
Proceedings of the Eighth International Network Conference (INC 2010) | |
Advances in Communications, Computing, Networks and Security 6 | |
Proceedings of the Fifth Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2009) | |
Proceedings of the 11th IFIP TC 11.1 Working Conference on Information Security Management | |
Advances in Communications, Computing, Networks and Security 5 | |
Proceedings of the Fourth Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2008) | |
Proceedings of the 7th International Network Conference (INC 2008) | |
Advances in Networks, Computing and Communications 4 | |
Proceedings of the Third Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2007) | |
Advances in Networks, Computing and Communications 3 | |
Proceedings of the 6th International Network Conference (INC 2006) | |
Security Management, Integrity, and Internal Control in Information Systems | |
Advances in Network and Communications Engineering 2 | |
Proceedings of the 5th International Network Conference (INC 2005) | |
Proceedings of the 4th International Network Conference (INC 2004) | |
Proceedings of the 8th Annual Scientific Conference (Euromedia 2003) | |
Proceedings of the 3rd International Network Conference (INC 2002) |
33 Edited books
Contributions to edited books
Information Security and Privacy – Challenges and Outlook | |
User Authentication Technologies | |
Security Concepts, Services, and Threats |
3 Contributions to edited books
Posters
3D Facial Recognition and Eye Tracking | |
E-invigilation of E-Assessments | |
Enhancing Intrusion Response in Networked System | |
Non-Intrusive Subscriber Authentication for 3G Mopbile System | |
Advanced Authentication and Intrusion Detection Technologies |
5 Posters
Internal publications
Firewall Rulebase Analysis Tool | |
Evaluation of Current E-Safety Software | |
Operational Business Intelligence – A Key to Just-in-Time Decision Making (JDM) | |
System Design for Embedded Automotive Systems | |
An Approach for Structuring Heterogeneous Automotive Software Systems by use of Multicore Architectures | |
Web-Based Plankton Data Visualisation | |
Implementation of the Least Privilege Principle on Windows XP, Windows Vista and Linux | |
An Assessment of People's Vulnerabilities in Relation to Personal and Sensitive Data | |
CentOS Linux 5.2 and Apache 2.2 vs. Microsoft Windows Web Server 2008 and IIS 7.0 when Serving Static and PHP Content | |
Network Security, Guidelines to Build a Security Perimeter for SMEs | |
A SOA Middleware for High-Performance Communication | |
Online Gaming: An Emerging Avenue for Exploitation? | |
Investigating Options of Securing Web Application | |
Investigating, Implementing and Evaluating Client-Side Keystroke Analysis User Authentication for Web Sites | |
Implementing a Visual Network Management Console | |
A Survey of User Opinions and Preference Towards Graphical Authentication | |
Web-based Plankton Data Visualisation | |
Information Security Awareness & Training | |
A guide for small and medium enterprise of implementing security and firewall system | |
VoIP Security Threats and Vulnerabilities | |
The Art of Network Monitoring | |
Implementing Network Monitoring Tools | |
Social Engineering: A growing threat, with diverging directions | |
Security and Risk Analysis of VoIP Networks | |
Implementing a network operations centre management console: Netmates | |
Design of an Architecture for Wireless Community Networks | |
Approaches to Establishing IT Security Culture | |
Passimages : An Alternative Method of User Authentication | |
Security Analysis Tools - Do They Make Any Difference? |
29 Internal publications
Other publications
Data centres are guzzling up too much electricity. Can we make them more efficient? | |
We still don’t know the extent of the MediSecure breach, but watch out for these potential scams | |
Australia will trial ‘age assurance’ tech to bar children from online porn. What is it and will it work? | |
How risky is it to give card details over the phone and how do I reduce the chance of fraud? | |
What is LockBit, the cybercrime gang hacking some of the world’s largest organisations? | |
Has the cyberattack on DP World put Australia’s trade at risk? Probably not … this time | |
Optus blackout explained: what is a ‘deep network’ outage and what may have caused it? | |
Most data lives in the cloud. What if it lived under the sea? | |
Meta just copped a A$1.9bn fine for keeping EU data in the US. But why should users care where data are stored? | |
A cancer centre is the latest victim of cyber attacks. Why health data hacks keep happening | |
Google and Microsoft are bringing AI to Word, Excel, Gmail and more. It could boost productivity for us – and cybercriminals | |
Big Tech is firing employees by the thousands. Why? And how worried should we be? | |
Why Alexa is not your friend | |
Medibank won’t pay hackers ransom. Is it the right choice? | |
Apple’s PassKeys update could make traditional passwords obsolete | |
iRobot’s Roomba will soon be owned by Amazon, which raises privacy questions | |
Today’s Google outage was brief but disconcerting | |
Amazon just took over a primary healthcare company for a lot of money. Should we be worried? | |
5 big trends in Australians getting scammed | |
The iPhone turns 15: a look at the past (and future) of one of the 21st century’s most influential devices | |
Goodbye Internet Explorer. You won’t be missed (but your legacy will be remembered) | |
Budget 2022: $9.9 billion towards cyber security aims to make Australia a key ‘offensive’ cyber player | |
Is Russia really about to cut itself off from the internet? And what can we expect if it does? | |
The hacker group Anonymous has waged a cyber war against Russia. How effective could they actually be? | |
As Russia wages cyber war against Ukraine, here’s how Australia (and the rest of the world) could suffer collateral damage | |
This New Year, why not resolve to ditch your dodgy old passwords? | |
500,000 or 20,000? How to estimate the size of a political rally properly | |
Facebook wants AI to find your keys and understand your conversations | |
Being bombarded with delivery and post office text scams? Here’s why — and what can be done | |
‘What is my IP address?’ Explaining one of the world’s most Googled questions | |
Is Google getting worse? Increased advertising and algorithm changes may make it harder to find what you’re looking for | |
How does the Pegasus spyware work, and is my phone at risk? | |
Is Australia a sitting duck for ransomware attacks? Yes, and the danger has been growing for 30 years | |
Holding the world to ransom: the top 5 most dangerous criminal organisations online right now | |
Cyber Cold War? The US and Russia talk tough, but only diplomacy will ease the threat | |
‘We have filed a case under your name’: beware of tax scams — they’ll be everywhere this EOFY | |
How rain, wind, heat and other heavy weather can affect your internet connection | |
Fastly global internet outage: why did so many sites go down — and what is a CDN, anyway? | |
What is ‘Other’ in my iPhone storage, why is it taking up so much space and how do I clear it? | |
Remember, Apple AirTags and ‘Find My’ app only work because of a vast, largely covert tracking network | |
Apple’s new ‘app tracking transparency’ has angered Facebook. How does it work, what’s all the fuss about, and should you use it? | |
Facebook data breach: what happened and why it’s hard to know if your data was leaked | |
Holding the news to ransom? What we know so far about the Channel 9 cyber attack | |
How to encourage cyber-safe behaviour at work without becoming the office grouch | |
The Christmas gifts that keep giving (your data away) — and how to prevent this | |
Australian hospitals are under constant cyber attack. The consequences could be deadly | |
Robot take the wheel: Waymo has launched a self-driving taxi service | |
Airports, ATMs, hospitals: Microsoft Windows XP leak would be less of an issue, if so many didn’t use it | |
Trump’s TikTok deal explained: who is Oracle? Why Walmart? And what does it mean for our data? | |
A computer can guess more than 100,000,000,000 passwords per second. Still think yours is secure? | |
A storm in a TikTok | |
Face masks and facial recognition will both be common in the future. How will they co-exist? | |
Microsoft's takeover would be a win for TikTok and tech giants – not users | |
China could be using TikTok to spy on Australians, but banning it isn’t a simple fix | |
How safe is COVIDSafe? What you should know about the app's issues, and Bluetooth-related risks | |
ANU will invigilate exams using remote software, and many students are unhappy | |
Cyber threats at home: how to keep kids safe while they’re learning online | |
Crashing the party: beware the cyber risks of virtual meet-up apps like Houseparty | |
How to boost your internet speed when everyone is working from home | |
Restricting underage access to porn and gambling sites: a good idea, but technically tricky | |
Don't die wondering: apps may soon be able to predict your life expectancy, but do you want to know? | |
Aerial threat: why drone hacking could be bad news for the military | |
PayID data breaches show Australia’s banks need to be more vigilant to hacking | |
Apple iPhones could have been hacked for years – here’s what to do about it | |
Three ways the "NotPetya" cyberattack is more complex than WannaCry | |
Using student analytics to improve the student experience and underpin success at university | |
Adapting to analytics | |
Collecting data on students: is it useful to know which books they've read? |
68 Other publications
239 publication(s) - all categories.
Recent articles from "The Conversation"
Read more of my articles at The Conversation.
- Data centres are guzzling up too much electricity. Can we make them more efficient?Paul Haskell-Dowland, Edith Cowan University and Bogdan Ghita, University of Plymouth, July 29, 2024Between AI and bingeing TV shows, we’re using more data than ever – and data centres are power hungry. Thankfully, there are some ways to optimise their power usage. View on website
- We still don’t know the extent of the MediSecure breach, but watch out for these potential scamsPaul Haskell-Dowland, Edith Cowan University, May 21, 2024A data breach has affected the digital prescription company MediSecure. While investigations continue, cyber criminals will likely use this event for new scam campaigns. View on website
- Australia will trial ‘age assurance’ tech to bar children from online porn. What is it and will it work?Paul Haskell-Dowland, Edith Cowan University, May 2, 2024The Australian government will test tools to shield kids from inappropriate material online. Even though there’s no one easy fix, these checks could help. View on website
- How risky is it to give card details over the phone and how do I reduce the chance of fraud?Paul Haskell-Dowland, Edith Cowan University and Ismini Vasileiou, De Montfort University, November 23, 2023It’s legal for a merchant to get your card details over the phone – but it can still be risky. Here’s what you need to know to stay safe. View on website
- What is LockBit, the cybercrime gang hacking some of the world’s largest organisations?Jennifer Medbury, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, November 17, 2023Prolific and highly profitable, LockBit provides ransomware as a service. Aspiring cybercriminals sign up to the scheme, and the group takes a cut. Here’s how it works. View on website
- Has the cyberattack on DP World put Australia’s trade at risk? Probably not … this timeFlavio Macau, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, November 13, 2023A cyberattack on one of Australia’s biggest port operators has highlighted the potential vulnerability of the global economy. View on website
- Optus blackout explained: what is a ‘deep network’ outage and what may have caused it?Paul Haskell-Dowland, Edith Cowan University; Mark A Gregory, RMIT University, and Mohiuddin Ahmed, Edith Cowan University, November 8, 2023Optus suffered one of the largest telecommunications outages in Australian history today. Here are the factors that can cause such events. View on website
- Most data lives in the cloud. What if it lived under the sea?Paul Haskell-Dowland, Edith Cowan University and Kathryn McMahon, Edith Cowan University, October 27, 2023Could the data centres that power the internet be moved to the bottom of the ocean? It’s not as crazy as it sounds View on website
- Meta just copped a A$1.9bn fine for keeping EU data in the US. But why should users care where data are stored?Paul Haskell-Dowland, Edith Cowan University, May 24, 2023Meta now faces some A$4 billion in fines related to breaches of the European Union’s General Data Protection Regulations. View on website
- A cancer centre is the latest victim of cyber attacks. Why health data hacks keep happeningMohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, May 8, 2023While some cyber criminals have previously avoided schools and health-care organisations, it seems these are now fair game. View on website
- Google and Microsoft are bringing AI to Word, Excel, Gmail and more. It could boost productivity for us – and cybercriminalsMohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, March 21, 2023The new tools are expected to free up space for workers by helping out with tedious and repetitive task. Here’s how it will work. View on website
- Big Tech is firing employees by the thousands. Why? And how worried should we be?Nathalie Collins, Edith Cowan University; Jeff Volkheimer, Duke University, and Paul Haskell-Dowland, Edith Cowan University , January 25, 2023The numbers are less concerning when viewed in the bigger picture. View on website
- Medibank won’t pay hackers ransom. Is it the right choice?Mohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, November 8, 2022A well-known cybercrime group has threatened to release the data should the ransom not be paid. View on website
- Apple’s PassKeys update could make traditional passwords obsoletePaul Haskell-Dowland, Edith Cowan University and Steven Furnell, University of Nottingham, September 12, 2022The advice for years has been to use password managers. But even these don’t completely eliminate the risk of being compromised. View on website
- iRobot’s Roomba will soon be owned by Amazon, which raises privacy questionsPaul Haskell-Dowland, Edith Cowan University, August 9, 2022In the development of ever smarter homes, Amazon could soon have access to the maps of our houses created and stored by Roomba vacuums. View on website
- Today’s Google outage was brief but disconcertingPaul Haskell-Dowland, Edith Cowan University, August 9, 2022Google’s brief disappearance from the internet felt, for many, like an almost-apocalyptic moment View on website
- Amazon just took over a primary healthcare company for a lot of money. Should we be worried?Mohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, July 27, 2022One Medical provides primary healthcare services to people across the US. View on website
- 5 big trends in Australians getting scammedPaul Haskell-Dowland, Edith Cowan University, July 7, 2022Scam techniques that rely on human nature are increasingly being executed via technology. Here are five that recorded big increases in 2021. View on website
- The iPhone turns 15: a look at the past (and future) of one of the 21st century’s most influential devicesIsmini Vasileiou, De Montfort University and Paul Haskell-Dowland, Edith Cowan University , June 29, 2022Despite its ‘innovator’ status, Apple usually wasn’t the first one to offer groundbreaking new features. But it knew how to adopt existing features in groundbreaking ways. View on website
Goodbye Internet Explorer. You won’t be missed (but your legacy will be remembered)Mohiuddin Ahmed, Edith Cowan University; M Imran Malik, Edith Cowan University, and Paul Haskell-Dowland, Edith Cowan University, June 16, 2022Explorer came at the dawn of the public internet. For millions of people, it will always be their first experience of the World Wide Web. View on website- Budget 2022: $9.9 billion towards cyber security aims to make Australia a key ‘offensive’ cyber playerPaul Haskell-Dowland, Edith Cowan University, March 30, 2022The funds are allocated across a ten-year period, with most of the money redirected from defence spending. View on website
- Is Russia really about to cut itself off from the internet? And what can we expect if it does?Mohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, March 10, 2022The Kremlin is pushing for a quick migration of all Russian websites and services to be hosted within the country. It could be the first stage of a larger disconnection. View on website
- The hacker group Anonymous has waged a cyber war against Russia. How effective could they actually be?Jennifer Medbury, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, March 1, 2022There’s an alleged global network of cyber activists operating under the Anonymous name. Knowing who is responsible for what will become increasingly difficult as more cyber attacks happen. View on website
- As Russia wages cyber war against Ukraine, here’s how Australia (and the rest of the world) could suffer collateral damagePaul Haskell-Dowland, Edith Cowan University, February 25, 2022These days sophisticated malware can spread like wildfire, thanks to transnational businesses and organisations providing bridges across countries. View on website
- This New Year, why not resolve to ditch your dodgy old passwords?Paul Haskell-Dowland, Edith Cowan University and Lorrie Cranor, Carnegie Mellon University, January 3, 2022Start 2022 by improving your password hygiene. Ideally you can use a password manager, but at the very least make sure your financial, social and work accounts each has their own strong, unique login. View on website
- 500,000 or 20,000? How to estimate the size of a political rally properlyJumana Abu-Khalaf, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, December 1, 2021Image recognition algorithms, military satellites, and mobile data networks can all help estimate crowd sizes. But the underlying maths still comes down to a basic formula: density multiplied by area. View on website
- Facebook wants AI to find your keys and understand your conversationsJumana Abu-Khalaf, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, October 21, 2021Facebook’s Ego4D project will help computers see the world from your point of view - for better or worse. View on website
- Being bombarded with delivery and post office text scams? Here’s why — and what can be doneIsmini Vasileiou, De Montfort University and Paul Haskell-Dowland, Edith Cowan University, September 22, 2021Australians are being bombarded with ‘missed parcel’ SMS messages that aren’t as they seem… View on website
- ‘What is my IP address?’ Explaining one of the world’s most Googled questionsPaul Haskell-Dowland, Edith Cowan University and Bogdan Ghita, University of Plymouth, September 15, 2021IP addresses serve a similar function to postal addresses. Postal addresses allow our mail to circulate, while IP addresses allow network traffic to move around the internet. View on website
- Is Google getting worse? Increased advertising and algorithm changes may make it harder to find what you’re looking forMohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, September 1, 2021More advertising and “smarter” search algorithms are changing how Googling works. View on website
- How does the Pegasus spyware work, and is my phone at risk?Paul Haskell-Dowland, Edith Cowan University and Roberto Musotto, Edith Cowan University, July 21, 2021It's reported the Pegasus spyware can capture a user's keystrokes, intercept communications, track their device and tap into their camera and microphone. View on website
- Is Australia a sitting duck for ransomware attacks? Yes, and the danger has been growing for 30 yearsPaul Haskell-Dowland, Edith Cowan University and Andrew Woodward, Edith Cowan University, July 14, 2021The first ransomware attack, in 1988, was a crude effort involving virus-laden floppy disks. But in the decades since, the sophistication of malware, and the money reaped by criminals, has skyrocketed. View on website
- Holding the world to ransom: the top 5 most dangerous criminal organisations online right nowRoberto Musotto, Edith Cowan University; Brianna O'Shea, Edith Cowan University, and Paul Haskell-Dowland, Edith Cowan University, July 7, 2021The recent attack on software supplier Kaseya has been labelled as the biggest global ransomware attack on record. View on website
- Cyber Cold War? The US and Russia talk tough, but only diplomacy will ease the threatAhmed Ibrahim, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, June 25, 2021At this month's summit, US President Joe Biden warned his counterpart Vladimir Putin of reprisals against 'persistent malicious cyber-attacks'. But it will take more than posturing to end the stand-off. View on website
- ‘We have filed a case under your name’: beware of tax scams — they’ll be everywhere this EOFYPaul Haskell-Dowland, Edith Cowan University and Nathalie Collins, Edith Cowan University, June 18, 2021As winter draws in, Australians don't just have to prepare for tax time — they must also be on the watch for scams. View on website
- How rain, wind, heat and other heavy weather can affect your internet connectionJames Jin Kang, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, June 10, 2021When the weather gets wild, your internet connection can suffer. But other users are as much to blame as the wind and rain View on website
- Fastly global internet outage: why did so many sites go down — and what is a CDN, anyway?Paul Haskell-Dowland, Edith Cowan University, June 8, 2021To understand what happened, you need to know what a CDN (content delivery network) is, and how crucial they are to the smooth running of the internet. View on website
- What is ‘Other’ in my iPhone storage, why is it taking up so much space and how do I clear it?Paul Haskell-Dowland, Edith Cowan University and Patryk Szewczyk, Edith Cowan University, May 26, 2021The most effective solution is also the most radical. View on website
- Remember, Apple AirTags and ‘Find My’ app only work because of a vast, largely covert tracking networkPaul Haskell-Dowland, Edith Cowan University, May 17, 2021AirTags promise to help find your lost wallet or bag. But at worst, they could be used for stalking, and at best they involve signing up to a global tracking network most users aren't truly aware of. View on website
- Apple’s new ‘app tracking transparency’ has angered Facebook. How does it work, what’s all the fuss about, and should you use it?Paul Haskell-Dowland, Edith Cowan University and Nikolai Hampton, Edith Cowan University, April 28, 2021Apple's latest iPhone operating system lets you opt out of having your online habits tracked by the apps you use. That's a big part of Facebook's business model, but don't expect a privacy revolution. View on website
- Facebook data breach: what happened and why it's hard to know if your data was leakedPaul Haskell-Dowland, Edith Cowan University, April 6, 2021More than 500 million people's details were compromised. The records include various combinations of name, email, gender, date of birth, location, relationship status and employer. View on website
- Holding the news to ransom? What we know so far about the Channel 9 cyber attackPaul Haskell-Dowland, Edith Cowan University, March 30, 2021It's still too early to say who attacked Channel Nine, disrupting its live broadcasts over the weekend. But fingers have been pointed at Russian state actors using a tactic nicknamed 'wiperware'. View on website
- How to encourage cyber-safe behaviour at work without becoming the office grouchNathalie Collins, Edith Cowan University; Jeff Volkheimer, Duke University, and Paul Haskell-Dowland, Edith Cowan University, February 26, 2021If you're reluctant to share your password, or broadcast a team password in Slack in a groupchat, your instincts are correct. But mocking those who 'do the wrong thing' is unlikely to help. View on website
- The Christmas gifts that keep giving (your data away) — and how to prevent thisPaul Haskell-Dowland, Edith Cowan University and Steven Furnell, University of Nottingham, January 5, 2021Many of us will have received new gadgets this festive season. But how can we ensure these are set up safely? And what's the best way to discard of old devices being replaced? View on website
- Australian hospitals are under constant cyber attack. The consequences could be deadlyPaul Haskell-Dowland, Edith Cowan University, November 18, 2020Cyberattacks on Australian healthcare facilities are on the rise. View on website
- Robot take the wheel: Waymo has launched a self-driving taxi serviceJames Jin Kang, Edith Cowan University; Mohiuddin Ahmed, Edith Cowan University, and Paul Haskell-Dowland, Edith Cowan University, October 15, 2020The age of autonomous vehicles is edging closer to reality with the launch of a driverless taxi service in the USA. View on website
- Airports, ATMs, hospitals: Microsoft Windows XP leak would be less of an issue, if so many didn’t use itBrianna O'Shea, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, September 30, 2020The outdated Microsoft operating system was recently dumped online in a huge leak. Hackers can now scour it for bugs to exploit. View on website
- Trump’s TikTok deal explained: who is Oracle? Why Walmart? And what does it mean for our data?Paul Haskell-Dowland, Edith Cowan University and Nathalie Collins, Edith Cowan University, September 22, 2020Plot twists in the TikTok saga continue to emerge daily, with a proposed deal to secure its future in the US now in doubt. Here's what it means for TikTok users — and for geopolitics. View on website
- A computer can guess more than 100,000,000,000 passwords per second. Still think yours is secure?Paul Haskell-Dowland, Edith Cowan University and Brianna O'Shea, Edith Cowan University, September 15, 2020One website dedicated to tracking stolen passwords suggests there are details of currently more than 10 billion compromised accounts available online. View on website
- Face masks and facial recognition will both be common in the future. How will they co-exist?Paul Haskell-Dowland, Edith Cowan University, September 7, 2020With face masks now compulsory or recommended in various parts of the country, how are facial recognition systems functioning? View on website
- Microsoft’s takeover would be a win for TikTok and tech giants – not usersPaul Haskell-Dowland, Edith Cowan University and Brianna O'Shea, Edith Cowan University, August 3, 2020If a new deal between Microsoft and ByteDance goes through, the Chinese company may withdraw ownership of its TikTok operations in not only the US – but also Australia, New Zealand and Canada. View on website
- China could be using TikTok to spy on Australians, but banning it isn’t a simple fixPaul Haskell-Dowland, Edith Cowan University and James Jin Kang, Edith Cowan University, July 8, 2020The US is also 'looking at' banning the Chinese social media app. View on website
- How safe is COVIDSafe? What you should know about the app’s issues, and Bluetooth-related risksJames Jin Kang, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, May 7, 2020From conflicts with specialised medical devices, through to unresolved problems with iPhone functionality, COVIDSafe is in need of updates. A major one may come within the next few weeks. View on website
- ANU will invigilate exams using remote software, and many students are unhappyPaul Haskell-Dowland, Edith Cowan University, April 24, 2020The Australian National University is turning to digital proctoring to replace the role of a walking invigilator. But who watches the proctor, what are the risks, and what data will be collected? View on website
- Cyber threats at home: how to keep kids safe while they’re learning onlinePaul Haskell-Dowland, Edith Cowan University and Ismini Vasileiou, De Montfort University, April 24, 2020Just as office workers need to be aware of cyber risks when setting up a home office, parents need to think about the increased exposure their children will face View on website
- Crashing the party: beware the cyber risks of virtual meet-up apps like HousepartyMohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, April 15, 2020Apps like Houseparty and Netflix Party are helping people stay in touch with friends - but do these apps have cyber dangers that we need to be aware of? View on website
- How to boost your internet speed when everyone is working from homeJames Jin Kang, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, April 2, 2020Your mobile internet bandwidth is shared with others in your area. That's why many people trying to access the iternet at the same time results in slower speeds. View on website
- Restricting underage access to porn and gambling sites: a good idea, but technically trickyPaul Haskell-Dowland, Edith Cowan University, March 10, 2020Accessing gambling and pornography sites may well get harder in Australia, if plans for mandatory age-verification go ahead. But there are already technical workarounds for determined web users. View on website
- Don’t die wondering: apps may soon be able to predict your life expectancy, but do you want to know?James Jin Kang, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, January 16, 2020Predicting life expectancy remains in the realm of science fiction, but it may soon be possible. Are we prepared for such information? And who else would benefit View on website
- Aerial threat: why drone hacking could be bad news for the militaryMohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, October 8, 2019Drones are now an integral part of defence force capability, from intelligence gathering to unmanned theatre engagement. But what happens if our own technology is turned against us? View on website
- PayID data breaches show Australia’s banks need to be more vigilant to hackingPaul Haskell-Dowland, Edith Cowan University, September 18, 2019PayID has been misused and compromised in various ways since its 2018 launch. The system deals only in "incoming" payments, not outgoing ones – but that doesn't mean users are safe from cyber crime. View on website
- Apple iPhones could have been hacked for years – here’s what to do about itLeslie Sikos, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University, September 5, 2019The news that malware can invade iPhones and other Apple devices via the Safari web browser has damaged Apple's reputation for security. But you can fix the problem by updating your phone's software. View on website
- Three ways the ‘NotPetya’ cyberattack is more complex than WannaCryPaul Haskell-Dowland, Edith Cowan University, June 30, 2017Mayhem, not money, seems to be the ultimate aim of the latest attack unleashed on computer networks around the world. View on website
Randomly selected article from "The Conversation"
-
Apple’s PassKeys update could make traditional passwords obsolete
Paul Haskell-Dowland, Edith Cowan University and Steven Furnell, University of NottinghamSometimes it seems like passwords have been with us forever, and yet every year we’re reminded how we still don’t use them properly!
The annual publication of the “worst passwords” list shows we haven’t become much more password savvy over the decade. And while several replacements for the humble password have been proposed, none have come close to the ease of using the traditional method.
But this changes today with the introduction of Passkeys – an update in Apple’s latest iOS 16 operating system. Passkeys could be the long-awaited solution to password malpractice, and the near-constant problem of compromised credentials.
What’s wrong with passwords?
The problem with passwords has been well documented. We choose weak ones, write them down (for others to see), share them, and re-use them on multiple websites.
The last of these is particularly problematic. Once your details are breached (and subsequently leaked), they’re vulnerable to “credential stuffing” – where cybercriminals take a set of login credentials and try them on multiple websites.
“But I use a password manager,” you might say.
Well, that’s good. The standard advice for years has been to use password managers such as 1Password or LastPass. These let you create unique passwords for each website or service you use. So even if a website is compromised, only one password is revealed.
But this approach requires the ability to synchronise across all your devices – a feature not all password managers provide.
And even with a password manager, our passwords are still stored on the remote website we’re accessing. Although most websites store passwords in a secure (hashed) format, they are still routinely compromised. It’s estimated more than two billion sets of credentials (including passwords) were leaked online in 2021.
Along come Passkeys
Apple devices using the newest operating system release (iOS 16 or MacOS Ventura) will integrate a new password mechanism called Passkeys. Unfortunately iPad users will need to wait a little longer for the feature.
It’s worth noting you won’t be forced to use Passkeys, but your Apple device will prompt you with the opportunity to do so. Also, most websites will continue to support password access for people without the latest devices.
You’ll also have the option to use Apple’s secure cloud storage, iCloud, to back up your keys and share them across your Apple devices.
How do they work?
The concept behind Passkeys is relatively simple. Every website you elect to use Passkeys on will securely generate a unique pair of secret codes (referred to as “keys”).
One of these is a public key, stored on the website you’re registered on. The other is a private key stored on your device. Both keys are related, but one can’t be used to get the other.
When you attempt to log in to the website, instead of entering a password, your device will ask you to verify your login using your device’s biometric unlocking mechanism. So you’ll either scan your face or your finger.
This deliberately limits Passkeys’ functionality to devices with biometric support (iPhones have offered Touch ID since 2013 and Face ID since 2017).
Once your biometrics are verified, your device will use your private key to prove your identity to the website by tackling a complex mathematical “challenge” issued by the site. At no point is your private key sent across the internet to the website.
The response from your device can only be verified by the website, using the public key generated when you registered. And nobody can pretend to be you without your private key, which is safely stored on your device.
If a website is compromised, the public key alone is useless to cybercriminals.
Moreover, while biometric technology can be compromised, this is relatively difficult. To exploit a biometrics/PassKeys combination, a criminal would first need to obtain your device and then do a great job faking your face or fingerprint (or force one from you) – unlikely circumstances for most users.
Usability barriers
Passkeys will initially launch on Apple, but others are close behind. Microsoft will likely launch its own equivalent soon, although it may not initially be compatible with Apple’s implementation. This could be an issue for people wanting to use both an iPhone and Windows laptop.
Moving forward, it’s important Apple, Google and Microsoft work together to ensure maximum compatibility across devices.
Until then, there are some workarounds. If you need to access an Apple Passkeys-protected service on your Windows laptop (or any other device), you can scan a QR code with your iPhone and provide your biometric login verification that way.
This means users will always need to have their phone on them when they want to authenticate to a remote service – whereas currently they can just type out their password, or use a password manager synced across their devices.
For some users, needing to have their phone all the time could be enough to give Passkeys a pass altogether.
The long tail of adoption
The Passkeys approach has the potential to make passwords obsolete, but this will require organisations around the world to invest time, effort and money into it.
Big players like social media companies are well positioned to adopt Passkeys early on, but there will be millions of websites that may take years to do so – or may never.
Indeed, looking at the state of play today, many leading sites still fall short of applying existing good practice around passwords. So it’s hard to say exactly how quickly, and how widely, Passkeys will be implemented.
Paul Haskell-Dowland, Professor of Cyber Security Practice, Edith Cowan University and Steven Furnell, Professor of Cyber Security, University of Nottingham
This article is republished from The Conversation under a Creative Commons license. Read the original article.
Editorships / refereeing for journals
- Editorial Board Member, Computers & Security, Elsevier
- Editorial Advisory Board Member (former Editor), Heliyon, Elsevier
- Reviewer for ACM Transactions on Autonomous and Adaptive Systems
- Reviewer for Elsevier Computers & Security
- Reviewer for Elsevier Journal of Network and Computer Applications
- Reviewer for Elsevier Pervasive and Mobile Computing
- Reviewer for IET (formerly IEE) Proceedings Information Security
- Reviewer for Journal of Computer Security
- Reviewer for MDPI Cryptography
- Reviewer for MPDI Electronics
- Reviewer for MDPI Sensors
- Reviewer for Springer Journal of Crime, Law and Social Change
- Reviewer for Wiley Internet Technology Letters
- International Editorial Board Member, "e-Minds: International Journal on Human-Computer Interaction"
- Reviewer for McGraw Hill
Conferences organised
- Secure South West 7, Plymouth, 5th October 2016
- International Network Conference 2016, INC 2016, Frankfurt, Germany, 19-21 July 2016
- Secure South West 6, Plymouth, 9th February 2016
- Secure South West 5, Plymouth, 2nd April 2015
- Secure South West 4, Plymouth, 10th July 2014
- International Network Conference 2014, INC 2014, Plymouth, UK, 8-9 July 2014
- Secure South West 3, Plymouth, 16th December 2013
- Secure South West 2, Plymouth, 25th March 2013
- Secure South West, Plymouth, 20th September 2012
- International Network Conference 2012, INC 2012, Port Elizabeth, South Africa, 11-12 July 2012
- International Network Conference 2010, INC 2010, Heidelberg, Germany, 8-10 July 2010
- 12th Annual IFIP Workshop on Information Security Management, Port Elizabeth, South Africa, 17-18 May 2010
- 11th Annual Working Conference on Information Security Management, Richmond, USA, 16 - 17 October 2008
- International Network Conference 2008, INC 2008, Plymouth, UK, 11-14 July 2008
- International Network Conference 2006, INC 2006, Plymouth, UK, 11-14 July 2006
- IFIP TC-11 WG 11.1 & WG 11.5 Joint Working Conference on Security Management, Integrity, and Internal Control in Information Systems, Fairfax, Virginia, 1-2 December 2005
- International Network Conference 2005, INC 2005, Samos, Greece, 5-7 July 2005
- International Network Conference 2004, INC 2004, Plymouth, UK, 6-9 July 2004
- Euromedia 2003, Plymouth, UK, 14-16 April 2003
- International Network Conference 2002, INC 2002, Plymouth, UK, 16-18 July 2002
- International Network Conference 2000, INC 2000, Plymouth, UK, 3-6 July 2000
Other international conference activities
- International Programme Committee Member, 23rd Information Security for South Africa Conference (ISSA 2024), South Africa, 27 November 2024
- International Programme Committee Member, AI for Global Security (AI4GS 2024), Paris, France, 19 November 2024
- International Programme Committee Member, Workshop on Security and Artificial Intelligence (SECAI 2024), Bydgoszcz, Poland, 19-20 September 2024
- International Programme Committee Member and Technical Program Chair, IEEE International Conference on Cyber-Security and Resilience (IEEE CSR 2024), London, UK, 2-4 September 2024
- International Programme Committee Member, The 6th International Conference on Science of Cyber Security - (SciSec 2024), Copenhagen, Denmark, 14-16 August 2024
- International Programme Committee Member, 18th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2024), Skövde, Sweden, 9-11 July 2024
- International Programme Committee Member, 23rd European Conference on Cyber Warfare and Security (ECCWS 2024), Jyväskylä, Finland, 27-28 June 2024
- TC11 Chair and International Programme Committee Member 39th IFIP TC-11 International Information Security Conference (IFIP SEC), Edinburgh, UK, 12-14 June 2024
- International Programme Committee Member 25th IEEE International Conference on Industrial Technology (IEEE ICIT 2024), Bristol, UK, 25-27 March 2024
- International Programme Committee Member and Technical Program Chair IEEE International Conference on Cyber-Security and Resilience (IEEE CSR 2023), Venice, Italy, 31 July - 2 August 2023
- International Programme Committee Member, 17th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2022), Kent, UK, 4-6 July 2023
- International Programme Committee Member 38th IFIP TC-11 International Information Security Conference (IFIP SEC), Poznan, Poland, 14-16 June 2023
- International Programme Committee Member, 22nd European Conference on Cyber Warfare and Security (ECCWS 2023), Athens, Greece, 22-23 June 2023
- Program Committee Co-Chair, Australasian Information Security Conference (AISC 2023), 30 Jan-3 Feb 2023
- International Programme Committee Member and Technical Program Chair IEEE International Conference on Cyber-Security and Resilience (IEEE CSR 2022), Virtual, 27-29 July 2022
- International Programme Committee Member, 16th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2022), Mytilene, Greece, 6-8 July 202
- International Programme Committee Member, 21st European Conference on Cyber Warfare and Security (ECCWS 2022), Chester, UK, 16-17 June 2022
- International Programme Committee Member 37th IFIP TC-11 International Information Security Conference (IFIP SEC), Copenhagen, Denmark, 13-17 June 2022
- International Programme Committee Member IEEE International Conference on Cyber-Security and Resilience (IEEE CSR 2021), Rhodes, Greece, 26-28 July 2021
- International Programme Committee Member, 15th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2021), Mytilene, Greece, 7-9 July 2021
- International Programme Committee Member, 20th European Conference on Cyber Warfare and Security (ECCWS 2021), Chester, UK, 24-25 June 2021
- International Programme Committee Member 36th IFIP TC-11 International Information Security Conference (IFIP SEC), Oslo, Norway, 22-24 June 2021
- International Programme Committee Member 35th IFIP TC-11 International Information Security Conference (IFIP SEC), Maribor, Slovenia, 21-23 September 2020
- International Programme Committee Member, 19th Information Security South Africa (ISSA) 2020, Pretoria, South Africa, 25-26 August 2020
- International Programme Committee Member, 14th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2020), Mytilene, Greece, 8-10 July 2020
- International Programme Committee Member, 19th European Conference on Cyber Warfare and Security (ECCWS 2020), Portugal, 25-26 June 2020
- International Programme Committee Member, 18th Australian Cyber Warfare Conference (CWAR), Melbourne, Australia, October 8-9 2019
- International Programme Committee Member, 18th Information Security South Africa (ISSA) 2019, Johannesburg, South Africa, 14-15 August 2019
- International Programme Committee Member, 13th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019), Nicosia, Cyprus, 15-17 July 2019
- International Programme Committee Member, 18th European Conference on Cyber Warfare and Security (ECCWS 2019), Portugal, 4-5 July 2019
- International Programme Committee Member 34th IFIP TC-11 International Information Security Conference (IFIP SEC), Lisbon, Portugal, 25-27 June 2019
- International Programme Committee Member, 17th Australian Cyber Warfare Conference (CWAR), Melbourne, Australia, October 10-11 2018
- International Programme Committee Member, 12th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018), Dundee, UK, 29-31 August 2018
- International Programme Committee Member, Information Security South Africa (ISSA) 2018, Johannesburg, South Africa, August 15-16 2018
- International Programme Committee Member, 17th European Conference on Cyber Warfare and Security (ECCWS 2018), Oslo, Norway, 28-29 June 2018
- International Programme Committee Member, 15th Australian Digital Forensics Conference and 15th Australian Information Security Management Conference, Perth, Australia, 5-6 December 2017
- International Programme Committee Member, 11th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2017), Adelaide, Australia, 28-30 November 2017
- International Programme Committee Member, Information Security South Africa (ISSA) 2016, Johannesburg, South Africa, August 17-18 2016
- International Programme Committee Member, 10th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016), Frankfurt, Germany, 19-21 July 2016
- Organising Committee Member, 11th International Network Conference 2016 (INC2016), Plymouth, UK, 19-21 July 2016
- International Programme Committee Member 15th European Conference on Cyber Warfare and Security (ECCWS 2016), Munich, Germany, 7-8 July 2016
- International Programme Committee Member 31st IFIP TC-11 International Information Security Conference (IFIP SEC), Ghent, Belgium, 30 May-1 June 2016
- International Programme Committee Member, Information Security South Africa (ISSA) 2015, Johannesburg, South Africa, August 12-13 2015
- International Programme Committee Member 14th European Conference on Cyber Warfare and Security (ECCWS 2015), Hatfield, UK, 2-3 July 2015
- International Programme Committee Member 9th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015), Lesvos, Greece, 1-3 July 2015
- International Programme Committee Member, 30th IFIP TC-11 International Information Security Conference (IFIP SEC), Hamburg, Germany, 26-28 May 2015
- International Programme Committee Member, Information Security South Africa (ISSA) 2014, Johannesburg, South Africa, August 13-15 2014
- Organising Committee Chair and International Programme Committee Member, 10th International Network Conference 2014 (INC2014), Plymouth, UK, 8-10 July 2014
- International Programme Committee Member 8th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2014), Plymouth, UK, 8-10 July 2014
- International Programme Committee Member 13th European Conference on Cyber Warfare and Security (ECIW 2014), Piraeus, Greece, 3-4 July 2014
- International Programme Committee Member, Information Security South Africa (ISSA) 2013, Johannesburg, South Africa, August 14-16 2013
- International Programme Committee Member 12th European Conference on Information Warfare and Security (ECIW 2013), Jyväskylä, Finland , 11-12 July 2013
- International Programme Committee Member 7th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2013), Lisbon, Portugal, 8-10 May 2013
- International Programme Committee Member, Information Security South Africa (ISSA) 2012, Johannesburg, South Africa, August 15-17 2012
- Organising Committee Chair and International Programme Committee Member, 9th International Network Conference 2012 (INC2012), Port Elizabeth, South Africa, 11-12 July 2012
- International Programme Committee Member 11th European Conference on Information Warfare and Security (ECIW 2012), Laval, France, 5-6 July 2012
- International Programme Committee Member 6th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2012), Crete, Greece, 6-8 June 2012
- International Programme Committee Member, Information Security South Africa (ISSA) 2011, Johannesburg, South Africa, August 15-17 2011
- International Programme Committee Member 10th European Conference on Information Warfare and Security (ECIW 2011), Tallinn, Estonia, 7-8 July 2011
- International Programme Committee Member 5th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2011), London, UK, 7-8 July 2010
- International Programme Committee Member, CERC Postgraduate Symposium 2010, Cork, Ireland, January 14-15 2011
- International Programme Committee Member, Information Security South Africa (ISSA) 2010, Johannesburg, South Africa, August 2-4 2010
- Organising Committee Chair and International Programme Committee Member, 8th International Network Conference 2010 (INC2010), Heidelberg, Germany, 6-8 July 2010
- International Programme Committee Member 9th European Conference on Information Warfare and Security (ECIW 2010), Thessaloniki, Greece, 1-2 July 2010
- International Programme Committee Member 4th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2010), Port Elizabeth, South Africa, 17-18 May 2010
- International Programme Committee Member 12th Annual IFIP Workshop on Information Security Management, Port Elizabeth, South Africa, 17-18 May 2010
- International Programme Committee Member, Euromedia 2010, Gandia, Spain, April 2010
- International Programme Committee Member 3rd International Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, 25-26 June 2009
- International Programme Committee Member, Information Security South Africa (ISSA) 2009, Johannesburg, South Africa, July 6-8 2009
- International Programme Committee Member, Euromedia 2009, Bruges, Belgium, 15-17 April 2009
- Conference Executive and International Programme Committee Member 8th European Conference on Information Warfare and Security (ECIW'09), Braga, Portugal, 6-7 July 2009
- Program Chair, 11th Annual Working Conference on Information Security Management, Richmond, USA, 16 - 17 October 2008
- Organising Committee Chair and International Programme Committee Member, 7th International Network Conference 2008 (INC2008), INC 2008, Plymouth, UK, 8-10 July 2008
- International Programme Committee Member 2nd International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008), Plymouth, UK, 8 - 10 July 2008
- Conference Executive and International Programme Committee Member 7th European Conference on Information Warfare and Security (ECIW'08), Plymouth, UK, 30 June - 1 July 2008
- International Programme Committee Member, Euromedia 2008, Porto, Portugal, 9-11 April 2008
- International Programme Committee Member 2nd International Symposium on Information Security (IS'07), Algarve, Portugal, 25 - 30 November 2007
- International Programme Committee Member The Second International Conference on Systems and Networks Communications (ICSNC 2007), Tahiti, French Polynesia, 25-31 August 2007
- International Programme Committee Member International Conference on Human Aspects of Information Security & Assurance (HAISA 2007), Plymouth, UK, 10 - 12 July 2007
- International Programme Committee Member IFIP TC-11 WG 11.1 & WG 11.8 Joint Workshop on Fostering knowledge and skills for manageable information security, Sandton, South Africa, 15 May 2007
- International Programme Committee Member 22nd IFIP TC-11 International Information Security Conference, Sandton, South Africa, 14-16 May 2007
- International Programme Committee Member, Euromedia 2007, Delft, The Netherlands, April 2007
- International Programme Committee Member 5th WSEAS International Conference on Information Security and Privacy (ISP '06), Venice, Italy, 20-22 November 2006
- International Programme Committee Member International Conference on Systems and Networks Communications (ICSNC 2006), Tahiti, French Polynesia, 2-4 November 2006
- International Programme Committee Member First International Workshop on Information Security (IS'06), Montpelier, France, 29 October-3 November 2006
- International Programme Committee Member International Workshop on Security (IWSEC) 2006, Kyoto, Japan, 23-24 October 2006
- Organising Committee Chair and International Programme Committee Member, International Network Conference 2006, INC 2006, Plymouth, UK, 11-14 July 2006
- International Programme Committee Member, Information Security South Africa (ISSA) 2006, Gauteng, South Africa, 5-7 July 2006
- International Programme Committee Member, Euromedia 2006, Athens, Greece, April 2006
- Reviewer, IFIP TC-11 WG 11.1 & WG 11.8 Joint Workshop on Security Culture, Karlstad, Sweden, 22 May 2006
- International Programme Committee Chair and Reviewer, IFIP TC-11 WG 11.1 & WG 11.5 Joint Working Conference on Security Management, Integrity, and Internal Control in Information Systems, Fairfax, USA, 1-2 December 2005
- International Programme Committee Member, Euromedia 2005, Toulouse, France, April 2005
- Organising Committee Co-Chair and International Programme Committee Member, International Network Conference 2005, INC 2005, Samos, Greece, July 2005
- Scientific Committee Member, Sciences of Electronics, Technologies of Information and Telecommunications (SETIT) 2005, Susa, Tunisia, 27-31 March 2005
- Local Organising Committee Chair and International Programme Committee Member, International Network Conference 2004, INC 2004, Plymouth, UK, July 2004
- Scientific Committee Member, Sciences of Electronics, Technologies of Information and Telecommunications (SETIT) 2004, Susa, Tunisia, 15-20 March 2004
- International Programme Committee Member, International Conference on Web Engineering (ICWE 2003), Oviedo, Spain, 14-18 July 2003
- General Programme Chair, Euromedia 2003, Plymouth, UK, 14-16 April 2003
- Local Organising Committee Chair, International Network Conference 2002, INC 2002, Plymouth, UK, 16-18 July 2002
- Organising Committee member, International Network Conference 2000, INC 2000, Plymouth, UK, 3-6 July 2000
Current research degree supervisions
- Mr Muhammad Afzal, Insider Threat Detection Using a Synthetic Dataset
- Miss Nomin Chimid-Osor, Insider Threat Mitigation in Critical Infrastructure
Completed research degree supervisions
- Dr Vasanth Kumar, In-circuit forensic analysis of IoT memory modules (2024)
- Mr Alan Jacob MRes, Detecting and Mitigating Obfuscated Command Control (C2) Communication Data in Android Mobile Devices Using Neural Networks (2023)
- Dr Md Mursalin, Human Identification using Ear Biometrics: A Complete Pipeline from Detection to Recognition (2023)
- Dr Ashley Woodiss-Field, Evaluating Traditional Botnet Detection applied to Contemporary Threats from the Internet of Things (2023)
- Mr Liam Riddell, Heterogeneous Anomaly Detection from Network Traffic Streams using Data Summarization (2022)
- Dr Bazlur Rashid, Cooperative Co-Evolution-Based Feature Selection for Big Data Analytics (2021)
- Mr Brett Turner, An Investigation into the Efficacy of URL Content Filtering Systems (2021)
- Dr Neamah Al-Naffakh, Activity-Based User Authentication Using Smartwatches (2020)
- Ms Derani Dissanayake, The challenges of digital legacy management on the value of digital objects to older Australians (2019)
- Dr Timibloudi Stephen Enamamu, Bioelectrical User Authentication (2019)
- Dr Najem Mahmoud, An Evaluation of Targeted Security Awareness for End Users (2019)
- Dr Burhan Al-Bayati, Continuous Identity Verification in Cloud Computing Services (2018)
- Dr Martin Dorigo, DOKY: A Multi-Modal User Interface for Non-Visual Presentation, Navigation and Manipulation of Structured Documents on Mobile and Wearable Devices (2018)
- Dr Salam Ketab, E-Invigilator of E-Assessment (2017)
- Dr Athanassios Triantafyllidis, Increasing eLearning Engagement through Mobile Learning Integration (2017)
- Dr Nawaf Alharbi, The role of security and its antecedents in e-government adoption (2016)
- Dr Hussain Alsaiari, Graphical One-Time-Password Authentication (2016)
- Dr Benjamin G Sanders, Opportunities and Risks in Online Gaming Environments (2016)
- Dr Andreas Knirsch, Improved Composability of Software Components through Parallel Hardware Platforms for In-Car Multimedia Systems (2015)
- Dr Peter Korovessis, Establishing an Information Security Awareness and Culture (2015)
- Dr Martin Swientek, High-Performance Near-Time Processing of Bulk Data (2015)
- Dr Zarul Fitri Zaaba, Enhancing Usability using Automated Security Interface Adaptation (ASIA) (2014)
- Dr Fudong Li, Behaviour Profiling for Mobile Devices (2012)
- Dr Mohd Zalisham Jali, Enhancing User Authentication using Graphical Techniques (2011)
- Mr Cedric Copy, Data Mining applied to external marketing data (2007)
- Dr Abdualaziz Alayed, Active security vulnerability notification and resolution (2006)
Examination of research degrees
- Dr Luzuko Tekeni, External Examiner, PhD thesis, Nelson Mandela University, December 2022
- Dr Liza Salleh, External Examiner, PhD thesis, University of Auckland, September 2020
- Dr Timm Heuss, Internal Examiner, PhD thesis, December 2016
- Dr Thomas Rübsamen, Internal Examiner, PhD thesis, November 2016
- Dr Janet Kneller, Internal Examiner, PhD thesis, December 2015
- Dr Sandra Frei, Internal Examiner, PhD thesis, March 2015
- Dr Christopher Hocking, Internal Examiner, PhD thesis, December 2014
- Dr Christopher Kosmas, Internal Examiner, PhD thesis, May 2014
- Dr Sevasti Karatzouni, Internal Examiner, PhD thesis, February 2014
- Dr Hataichanok Saevanee, Internal Examiner, PhD thesis, February 2014
- Dr Karin Kronawitter, Internal Examiner, PhD thesis, January 2014
- Dr Witold Thaul, Internal Examiner, PhD thesis, September 2013
- Dr Mike Krey, Internal Examiner, PhD thesis, 2013
- Dr Jan Muhammad, External Examiner, PhD thesis, University of Glasgow, October 2012
- Dr Shuhaili Talib, Internal Examiner, PhD thesis, October 2012
- Dr Benjamin Heckmann, Internal Examiner, PhD thesis, September 2012
- Dr Nor Badrul Abuar Jumaat, Internal Examiner, PhD thesis, February 2012
- Dr HaiYun Tian, External Examiner, PhD thesis, Teesside University, January 2012
- Dr Aruna Thakur, Internal Examiner, PhD thesis, February 2007
- Dr Nathan Luke Clarke, Internal Examiner, PhD thesis, September 2004
Invited presentations, lectures, etc.
- Invited Speaker, Simple Errors=Serious Consequences, ECU Sri Lanka, 18th March 2024
- Invited Speaker, History of VR/AI, ECU Sri Lanka, 16th March 2024
- Presentation, Using Microsoft Azure Labs to develop and deliver virtual IT environments for teaching and learning, ACDICT ALTA Forum, 19-20 June 2024
- Keynote Speaker, How AI is Changing Cyber, Cyber West Summit 24, Perth, 16th May 2024
- Keynote Speaker, Simple Errors=Serious Consequences, IIT Madras, Chennai, India, 6th March 2024
- Invited Speaker, Simple Errors=Serious Consequences, CERT, Colombo, Sri Lanka, 15th February 2024
- Invited Speaker, Tracking technologies: Now everyone can be a spy, Virtusa, Colombo, Sri Lanka, 14th February 2024
- Keynote Speaker, Simple Errors=Serious Consequences, University of Sri Jayewardenepura, Colombo, Sri Lanka, 14th February 2024
- Invited Speaker, History of Cyber Security, Cyber West Summit 23, Perth, 10th May 2023
- Panel Member, Business News 'The Future Of Cybersecurity' Sector Briefing, Crown Perth, 31st March 2023
- Invited Speaker, Surveillance and Tracking, Computer Society of Sri Lanka, Colombo, Sri Lanka, 22nd February 2023
- Keynote Speaker, The Cost of Cyber Crime, Auspire, 25th October 2022
- Panel Member, UK Connect, Invest and Trade Western Australia, 12th August 2022
- Keynote Speaker, Tracking technologies: From James Bond to everyone, IEEE-CSR Conference, 27-29 July 2022
- Keynote Speaker, From TikTok to Pegasus: Communicating cyber to the masses, ECU Lecture Series, 31st May 2022
- Keynote Speaker, Cyber security education, a perfect storm, ECUlture, ECU, 1st November 2021
- Invited Speaker, Case study live demo, Cyber Security Asia, Malaysia, 11th October 2021
- Invited Speaker and panel member,Cyber Security: protecting ourselves into the future?, Brand Launch, Optus Stadium, 22nd April 2021
- Presentation, Invoice Fraud Case Study, 26th November 2020
- Invited Speaker, What can we learn from a hack? Cyber Security Asia, Phnom Penh, Cambodia, 5th November 2019
- Panel Member, Discovering the Digital Underworld: Privacy, the Dark Web, Tech & Democracy, Cyber Security Asia, Phnom Penh, Cambodia, 4th November 2019
- Keynote Speaker, Lessons in Ethical Hacking, Computer Society of Sri Lanka, Colombo, Sri Lanka, 29th October 2019
- Invited Speaker, Ethical Hacking, RSA Conference 2019, Asia Pacific and Japan, Singapore, 16th July 2019
- Keynote Speaker, Evolving Cyber Risks for Organisations: Taking security seriously, Innovation Summit, Austrade, Cebu, Philippines, 24th May 2019
- Keynote Speaker, Cyber Security: protecting ourselves into the future, Singapore Computer Society, Singapore, 22nd May 2019
- Keynote Speaker, Ethical Hacking, IDP, Singapore, 11th May 2019
- Invited Speaker, Ethical Hacking, SCS Student Chapter, Singapore, 3rd May 2019
- Panel Moderator, WA Leaders Conference, Engineers Australia, Perth, Australia, 30th May 2018
- Panel Member, Austrade ICT Education Showcase, Hanoi, Vietnam, 16th May 2018
- Workshop, Ethical Hacking, IEEE/Sri Lanka CERT Cyber Security Week, Colombo, Sri Lanka, 31st August 2017
- Keynote Speaker, Can Barbie bring down a power station?, 10th Annual National Conference on Cyber Security, Sri Lanka CERT, Colombo, Sri Lanka, 30th August 2017
- Speaker, Cyber Security Threat Landscape, IEEE/Federation of Malaysian Manufacturers (FMM), Kuala Lumpur, Malaysia, 17th August 2017
- Chair and Speaker, Ethical Hacking, Security Governance Workshop, CommunicAsia 2017, Singapore, 25th May 2017
- Speaker, Security Monitoring, Internet and IPv6 Infrastructure Security, Bangkok, Thailand, 11th May 2017
- Speaker, Practical Exploitation, Secure South West 6, Plymouth, 9th February 2016
- Chair, Effectively Utilising Higher Education Data, Inside Government, London, 26th November 2015
- Workshop, "Making it easier to be effective tutors - the role of S3", Vice-Chancellor's Teaching and Learning Conference, Plymouth, 26th June 2015
- Poster, "What can S3 do for you (and your students)?", Vice-Chancellor's Teaching and Learning Conference, Plymouth, 26th June 2015
- Presentation, South West Cyber Security Cluster: Cyber Security Survival Strategy, Exeter, 21 May 2015
- Panel Member, Tackling student welfare issues and improving student retention, Westminster Higher Education Forum, London, 5th March 2015
- Chair and Case Study Presentation, Higher Education Data: Redesigning the Information Landscape, Inside Government, London, 12th November 2014
- Panel Member, Are today’s security technologies usable enough?, Secure South West 4, Plymouth, 10th July 2014
- Panel Member, Future Challenges in Cyber Security, Secure South West 3, Plymouth, 16th December 2013
- Masterclass, "Introduction to and demo of S3 (Student Support System)", Vice-Chancellor's Teaching and Learning Conference, Plymouth, 28th June 2013
- Speaker, Practical IT Security and Digital Forensics techniques, Secure South West, Plymouth, 20th September 2012
- Presentation, "Endpoint Security Case Study", Enterprise Security 2007, London, 11 October 2007
- Invited Lecturer, IPICS Summer School, Leuven, Belgium, July 2006
- Presentation, "Online Peer Assessment", Vice-Chancellor's Teaching and Learning Conference, Plymouth, June 2006
- Keynote Speech, "Transparent User Authentication using Keystroke Analysis", 11th Conference on Human Computer Interaction, Oviedo, Spain, 22-24 March 2006
- “Common Failings” and "Technical Requirements", Information Systems Security 1 Day Conference, Guernsey, 8 February 2006
- Invited Lecturer, IPICS Winter School, Oulu, Finland, April 2004
- Invited Lecturer, Guernsey Training Agency, Guernsey, December 2003, January 2004
- Invited Lecturer, IPICS Summer School, Malaga, Spain, July 2003
- Invited Lecturer, IPICS Winter School, Oulu, Finland, April 2003
- Invited Lecturer, IPICS Summer School, Samos, Greece, July 2002
Other professional/academic activities/roles/duties
Present (Edith Cowan University, Perth, Australia):
- Acting Dean (as required)
- ASL Committee
- Associate Dean (Computing and Security)
- Curriculum, Teaching & Learning Committee
- ERA Discipline Champion
- Occupational Safety and Health Committee
- Research and Research Training Committee
- School Executive
- Work Health and Safety Committee
Past (Plymouth University, Plymouth, UK):
- Academic Regulations Sub-Committee - Faculty Representative (2012-2016)
- Associate Head of School for Computing (2015-2016)
- Cisco Academy Co-ordinator (2005-2016)
- CNET Subject Group Leader (2002-2015)
- Computer Security Incident Response Team member (2015-2016)
- Data Centre Project Board member (2015-2016)
- DLE Early Adopter - School Representative (2014-2015)
- DLE User Group - Academic Representative (2015-2016)
- DTC Committee Member - CSCAN Representative (2014-2016)
- Enterprise Architecture Board - Academic Representative (2013-2016)
- Faculty IT Committee - School Representative (2014-2016)
- Faculty Plagiarism Committee - (2002-2016)
- Fitness to Study Hearing - Chair (2014-2016)
- HR Self Service Working Group - Academic Representative (2009-2010)
- Industrial Liaison Advisory Committee (2009-2012)
- Information Security Group (2015-2016)
- Information Security Policy - Contributor (2012-2014)
- League Table Performance Committee - S3 Representative (2015-2016)
- Microsoft Server 2003 Migration Project Board - Academic Representative (2015-2016)
- Research Student Data Project (2012)
- School Executive (2009-2016)
- School Health and Safety Committee (2015-2016)
- SciTech Showcase - School Coordinator (2012-2016)
- Student Marks Project Board (2011-2013)
- Teaching Learning and Quality Committee (2011-2016)
- University IT Committee (2015-2016)
- Web Expenses Process Group (2009-2010)