The Cyber Risk Lab (CRL) is located at the University of Greenwich and carries out research and development on cyber risk challenges proposing new models and implementing solutions for addressing them!
Our mission is to tackle research challenges within the field of cyber risk management and the goal to invent methods to supoort cyber security decision-makers with their constant ‘‘fights’’ against cyber threats. Our recent work has been funded by the National Center for Cyber Security (NCSC), the EPSRC, and the European Commission. Our research focus is on the lifecycle of cyber risk minimisation process. By using well-known cyber knowledge bases (e.g. CVEs, MITRE TTPs), our research brings together cyber practice and applied mathematics to tackle cyber risk challenges. Prominent part of our work is the development of tools to support optimal strategies and decisions when addressing these challenges.
CRL’s research on cyber risk management studies how to address risk from different yet complementary perspectives to bring context to the overall security of the underlying environment (IoT, healthcare, domestic, SME, automotive). Our research commences with a phase of risk assessment (vulnerability-based, threat-based, and control-based), continuouing with the study of pre-emptive cyber risk controls, identification of threats, and reactive responses. Post-incident analysis within the context of cyber forensics has also been studied as part of CRL’s interests. We then model the interaction of cyber controls, their costs (time, people), and benefits in improving cyber risk. Depending on the underlying use case, CLR’s research proposes optimal ways to achieve security compliance, optimal return-on-security-investment (ROSI), and understandable ways for the decision-maker to communicate their decision to stakeholders prior to cyber investment decisions.
Our members include postdoctoral researchers, PhD students, MSc students, Software Developers, and undergraduate students all working in topics relevant to cyber risk management. CRL is based at the University of Greenwich yet has also established external collaborations with other academic groups and industrial partners.