Your employees: the front line in cyber security

First published in The Chemical Engineer and reproduced by Crest - Centre for Research and Evidence on Security Threats, 26/01/2016 (https://crestresearch.ac.uk/comment/employees-front-line-cyber-security/

Information Security management: A human challenge?

This paper considers to what extent the management of Information Security is a human challenge. It suggests that the human challenge lies in accepting that individuals in the organisation have not only an identity conferred by their role but also a personal and social identity that they bring with them to work. The challenge that faces organisations is to manage this while trying to achieve the optimum configuration of resources in order to meet business objectives. The paper considers the challenges for Information Security from an organisational perspective and develops an argument that builds on research from the fields of management and organisational behaviour. It concludes that the human challenge of Information Security management has largely been neglected and suggests that to address the issue we need to look at the skills needed to change organisational culture, the identity of the Information Security Manager and effective communication between Information Security Managers, end users and Senior Managers

Security dialogues: building better relationships between security and business

In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes. By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff

Foucault, Ferguson and civil society

In contrast to those who trace civil society to “community” per se, Foucault is keen to locate this concept as it emerges at a particular moment in respect of specific exigencies of government. He suggests that civil society is a novel way of thinking about a problem, a particular problematization of government that emerges in the eighteenth century and which combines incommensurable conceptions of the subject as simultaneously a subject of right and of interests. This article takes up Foucault’s discussion of the Scottish Enlightenment in The Birth of Biopolitics to trace the distinctiveness of his discussion of civil society, but also in order to suggest that we ought to pay closer attention to the tensions between commercial-civilizational and civic republican themes in the literature of the late eighteenth century than does Foucault. It is my tentative suggestion that Foucault’s account leaves out significant aspects of these debates that offer counter-valences to the dominant models of the subject avail-able to contemporary political discourse. Keywords: civic virtue; Ferguson; genealogy; intellectual history; interests; societ

Cultivation and use of bryophytes as experimental material

Bryophytes can be grown successfully if keptmoist, supplied with nutrients, and out of direct sunlight. They remain greener on peat than on sand. However, difficulties were encountered when attempting to grow mosses and liverworts in an unshaded glasshouse, in spring and summer. Even spraying hourly with water did not prevent scorching and desiccation. Growth can be measured using a variety of techniques; height measurement and shoot elongation from thread markers proved the most reliabl

‘IT Fauna’ and ‘Crime Pays’: Using Critical Design to Envision Cyber Security Futures

The research presented is a collaboration between social scientists, designers and technologists that explored whether critical design could be used to envision cyber security futures. The research imperative was to examine the use of critical design as a way of imagining future or alternative scenarios of cyber security. We evaluated research methods that would encourage cyber security practitioners and policy makers to discuss and re-consider cyber security risk. The research used critical design to produce speculative scenarios that would encourage a new way of thinking about cyber security risk. ‘Specimens of IT Fauna’ is a visualisation and celebration of our imaginary bestiary of software. ‘Crime Pays’ is a video installation that envisions a future where there is effectively a tax on online privacy

On The Dissemination Of Novel Chemistry And The Process Of Optimising Compounds In Drug Discovery Projects

Optimising the drug discovery process remains one of the largest challenges in medicine. Learning from previous compound-target associations as well as the process of optimising compounds will allow for a more targeted and knowledge-based approach. The aim of the first research chapter of this thesis is to understand where novel chemistry is first published. It is well established that the number of publications of novel small molecule modulators, and their associated targets, has increased over the years. This work focuses on publishing trends over the years with a focus on the comparison between patents and scientific literature, which is accessible via the ChEMBL and GOSTAR databases. More precisely, the patents and scientific literature associated with bioactive molecules and their target annotations have been compared to identify where novelty (in the meaning of the first modulator of a protein target) originated. Comparing the published date of the first small molecule modulator published in literature and patents for a target (with the modulators having either identical or different structures) shows that modulators are usually published in both scientific literature and in patents (45%), or in scientific literature alone (51%), but rarely in patents only. When looking at the time when first modulators are published in both sources, 65% of the time they are disseminated in literature first. Finally, when analysing just the novel small molecule modulators, regardless of the protein targets they have been published with, those structures representing novel chemistry tend to be published in patents first (61% of the time). It is concluded that novel chemistry, when associated with a target, is primarily published in the literature, therefore, when exploring known chemistry for a specific known target, this should be identified from the literature. Following this, it is important to understand how chemists optimise compounds, and we use matched molecular pair analysis (MMPs) to this end, which allows us to compare the properties of two compounds that differ by only one chemical transformation and are important for the compound to be success as a drug. In this part of the thesis, we statistically analyse the most frequently observed MMPs within drug discovery projects by using the compound registration dates to determine the order in which compounds were made within projects and aggregate the findings over all internal projects in AstraZeneca. For those MMPs that are commonly observed in projects, we compare this frequency to the frequency of reverse change in structure, to determine if there are preferences in the chemical changes made in projects over time. Furthermore, we analyse the neighbouring environments for the position where the molecule has changed. 957 unique MMPs were found to occur at least 100 times across projects, comprising 81 unique molecular fragments as starting points and 197 unique molecular fragments as end points of MMPs. The most frequently occurring MMPs as well as 5 the most frequently occurring atomic environments differ between aliphatic and aromatic systems. Overall, this study provides a data-driven method to analyse the order in which molecular fragments are incorporated into molecules in drug discovery projects. This knowledge can be used to help guide decisions in future compound design. Finally, relating these MMP findings to the measured assay results allows an overview to be made about the how the compounds themselves evolve throughout the project. MMPs are used when designing of new compounds to exploit existing knowledge of the effect of a molecular transformation on compound properties (such as binding, solubility, logD etc) and apply this to new compounds with the expectation of seeing the same outcome. The effect on physicochemical properties as measured in assays, from transformations on specific atomic environments since the year 2000, have been analysed via a time course analysis. This allows us to observe the effect of the transformations over time. In total 453 unique transformations were analysed. It highlights that even when just comparing between aromatic and aliphatic systems on a higher level, changes can be observed and shows that when designing a compound, consideration of the atomic environment is essential. These results can be used to identify the structural change that would improve a compound profile going through the design process; saving time, resources and money. Additionally, specific examples have been extracted for discussion. Notably, those examples that are considered extreme outliers, which generally refer to transformations involving a very large property change of the compound (±4 standard deviations). These extreme outliers highlight the need to always consider outliers in the analysis as they may be of importance but retaining them within a study may obscure additional results. Therefore, it is suggested to acknowledge these outliers, but not include them in the main study. Furthermore, case studies are given that show unexpected changes in property values when the logD increases such as solubility also increasing and is shown to be the result of surrounding chemistry of the atomic environment.BBSRC and AstraZenec

Design Thinking for Cyber Deception

Cyber deception tools are increasingly sophisticated but rely on a limited set of deception techniques. In current deployments of cyber deception, the network infrastructure between the defender and attacker comprises the defence/attack surface. For cyber deception tools and techniques to evolve further they must address the wider attack surface; from the network through to the physical and cognitive space. One way of achieving this is by fusing deception techniques from the physical and cognitive space with the technology development process. In this paper we trial design thinking as a way of delivering this fused approach. We detail the results from a design thinking workshop conducted using deception experts from different fields. The workshop outputs include a critical analysis of design provocations for cyber deception and a journey map detailing considerations for operationalising cyber deception scenarios that fuse deception techniques from other contexts. We conclude with recommendations for future research

Totalitarianism and justice: Hannah Arendt's and Judith N. Shklar’s political reflections in historical and theoretical perspective

We locate Arendt’s and Shklar’s writings within what Katznelson has identified as an attempt to create a new language for politics after the cataclysm of the 20th Century and Greif has called the new ‘maieutic’ discourse of ‘re-enlightenment’ in the ‘age of the crisis of man’. More specifically, we compare and contrast two related, but in many ways also differing, ways of thinking about totalitarianism and its legal repercussions. To this end, we examine two sets of studies: Arendt’s Origins of Totalitarianism and Eichmann in Jerusalem: A Report on the Banality of Evil and Shklar’s After Utopia – The Decline of Political Faith and Legalism: An Essay on Law, Morals, and Politics. While Totalitarianism and After Utopia discussed totalitarian ideology and its consequences for modern political thought, the Eichmann report and Legalism dealt with the question whether and how justice is possible after the extreme experience of totalitarianism. We argue that the maieutic impulse led Arendt and Shklar to find distinct routes to address a common concern. Our paper ends with a discussion of some of the surplus meaning that was generated by the different maieutic performances of the two thinkers