Title: Returning data control to users
Most computer users are 'sitting ducks' in cyber attacks. The crux of this situation stems from the lack of capabilities to control our own data – both within our machines and across third party environments. For example, when we use cloud services, we need to trust that the cloud service provider employees will not access our data unethically since there is no way for us to know 'what has happened to our data' behind the scenes.
Established in 2012, and working with more than 40 international and NZ collaborating partners across public and private sectors, the Cyber Security Researchers of Waikato (CROW) aims to return control of data to users with game-changing cyber security tools. Its research empowers users with the ability to know, act upon, and stay private in their data transactions in third-party environments. This seminar will briefly introduce the journey of CROW – NZ's first cyber security lab – and showcase breakthroughs in data provenance, and privacy-preserving computations. I will also be demonstrating recent breakthroughs in data tracking, visualisation and malware detection, with the goal of inspiring collaborators to join me on the journey towards returning control of data to users.
Associate Professor Ryan Ko is founding Director of the New Zealand Institute for Security and Crime Science and founding Head of the Cyber Security Researchers of Waikato (CROW) at the University of Waikato. With CROW, he established NZ's first cyber security lab (2012) and graduate research programme (2013), co-established the NZ Cyber Security Challenge (since 2014), and authored NZ's level-6 curriculum in cyber security. He is advisor to the INTERPOL, NZ Ministry of Communications and Ministry of Justice, National Cyber Policy Office, and CERT NZ. Ryan has an established track record in technology commercialisation: as a HP Labs Lead Computer Scientist prior to academia at Bristol, Singapore and Silicon Valley, and recently as principal investigator of the MBIE-funded STRATUS project (NZ$12.23million; 2014-2020) –New Zealand's largest cyber security research grant.
His research focusses on returning data control to users, and challenges in cloud computing security and privacy, data provenance, and homomorphic encryption. He is also interested in attribution and vulnerability detection, focusing on ransomware propagation. With more than 70 publications including 3 Best Paper Awards, 3 books and 3 international patents, he serves on 6 journal editorial boards, and as series editor for Elsevier's security books. He also serves as the editor of the ISO/IEC 21878 standard – Security guidelines in design and implementation of virtualized servers. A Cloud Security Alliance (CSA) Fellow and recipient of the (ISC)2 Asia Pacific Information Security Leadership Award in 2015, he co-created the (ISC)2 CCSP certification. His views are sought by international and NZ media; he most recently served as spokesperson of CERT NZ. He holds a Bachelor of Engineering (Hons) in Computer Engineering and PhD. from Nanyang Technological University, Singapore.