DPhil in Sociology
Research Interests: Multi-domain information and IT-Security.
My research is concerned with multi-domain information and IT-Security. In this area, the interdependence of computer systems themselves but also different firms, institutions, and individuals is inevitable, yet risky. My research involves the analysis of security risks and actual incursions from both the technological and the social angle, studying how security breaches happen, how attacks are executed, and finally how to best defend complex infrastructures against different offensive strategies and adversaries. My work-experience in IT helps me to explain security matters and mechanisms multidimensionally, and allows me to propose workable policies. I have recently finished my empirical work pertaining to how the security field is regulated, and why current regulation attempts have little positive impact. At the moment, I am working on the problem of assessment when it comes to different entities that are relevant to IT and information security (e.g. hardware, software, people, organisational arrangements) and trust building in this field. I also use network analysis and my primary network data to better grasp the ways in which security teams operate and collaborate.
During my doctorate, I have developed a strong interest in security policy, regulation, strategy, and governance. Most breaches and successful attacks, both those resulting from advanced persistent threats and from less sophisticated profit driven computer crime, involve exploits of socio-political and IT security weaknesses in unison. My main focus in governance matters are empirically informed, strategic and regulative measures that cut across different dimensions in large technological, organisational, or (inter)-national arrangements.
PGP Key for firstname.lastname@example.org: 0xF2D40394