CyBOK — The Cybersecurity Body of Knowledge

24 episodes - English - Latest episode: 9 months ago - ★★★★★ - 1 rating

A comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector.

Education Technology

Episodes

CyBOK - AI for Security with Matilda Rhode

November 01, 2023 21:25 - 16 minutes

Cybersecurity, like other industries, has seen an explosion in the use of artificial intelligence (AI) and machine learning (ML) technologies in recent years. AI and ML can help to automate tasks. Data-driven approaches in general can draw patterns from vast volumes of data far quicker than humans can. This episode summarises the state of AI for security at the time of writing and highlights some of the considerations to guide whether it is an appropriate approach for a given problem, com...

CyBOK - Security Economics with Tyler Moore

November 01, 2023 21:00 - 21 minutes

The Security Economics Knowledge Guide introduces some of the most impactful ways economics has helped to shed light on cybersecurity problems and frame solutions that blend private and public action. The guide focuses on the organizational, rather than individual, perspective, which is where the majority of scholarly activity has focused. The author of this knowledge guide shares canonical security failures from an economic perspective, describes key measurement challenges, reviews firm-lev...

CyBOK - Security and Privacy of AI with Lorenzo Cavallaro and Emiliano De Cristofaro

September 25, 2023 17:35 - 21 minutes

Machine Learning (ML) has rapidly become a fundamental technology that underpins countless applications, from natural language processing and computer vision to fraud detection and personalized recommendations. In recent years, there has been a growing understanding of how to use ML in security contexts, leading to the development of advanced tools and techniques for detecting and preventing malicious activities. However, the security and privacy aspects of ML itself remain less understood,...

CyBOK - Network Security 2.0 with Christian Rossow

September 21, 2021 14:43 - 20 minutes

The ubiquity of networking allows us to connect all sorts of devices and gain unprecedented access to a whole range of applications and services anytime, anywhere. However, our heavy reliance on networking technology also makes it an attractive target for malicious users who are willing to compromise the security of our communications and/or cause disruption to services that are critical for our day-to-day survival in a connected world. The Network Security 2.0 knowledge area explains the cha...

CyBOK - Formal Methods with David Basin

September 21, 2021 14:43 - 31 minutes

The Formal Methods knowledge area surveys the most relevant topics in formal methods for security. As a discipline, formal methods address foundations, methods and tools, based on mathematics and logic, for rigorously developing and reasoning about computer systems, whether they be software, hardware, or a combination of the two. The application of formal methods to security has emerged over recent decades as a well-established research area focused on the specification and proof of security...

CyBOK - Applied Cryptography with Kenny Paterson

September 21, 2021 14:42 - 31 minutes

The Applied Cryptography knowledge area document provides a broad introduction to the field of cryptography, focusing on applied aspects of the subject. It complements the CyBOK document [1] which focuses on formal aspects of cryptography (including definitions and proofs) and on describing the core cryptographic primitives. That said, formal aspects are highly relevant when considering applied cryptography. As we shall see, they are increasingly important when it comes to providing secu...

CyBOK - Web and Mobile Security with Sascha Fahl

May 01, 2021 04:00 - 22 minutes

The purpose of the Web and Mobile Security chapter is to provide an overview of security mechanisms, attacks and defences in modern web and mobile ecosystems. Web and mobile security have become the primary means through which many users interact with the Internet and computing systems. Hence, their impact on overall information security is significant due to the sheer prevalence of web and mobile applications (apps). Covering both web and mobile security, this Knowledge Area emphasises the i...

CyBOK - Law and Regulation with Robert Carolina

September 01, 2020 04:00 - 37 minutes

The purpose of the Law and Regulation chapter is to provide a snapshot of legal and regulatory topics that merit consideration when conducting various activities in the field of cyber security such as: security management, risk assessment, security testing, forensic investigation, research, product and service development, and cyber operations (defensive and offensive). The hope is to provide a framework that shows the cyber security practitioner the most common categories of legal and regula...

CyBOK - Distributed Systems Security with Neeraj Suri

September 01, 2020 04:00 - 20 minutes

The purpose of the Distributed Systems Security chapter is to introduce the different classes of distributed systems, categorising them into two broad categories of decentralised distributed systems (without central coordination) and the coordinated resource/services type of distributed systems. Subsequently, each of these distributed system categories is expounded for the conceptual mechanisms providing their characteristic functionalities prior to discussing the security issues pertinent to ...

CyBOK - Adversarial Behaviours with Gianluca Stringhini

September 01, 2020 04:00 - 17 minutes

The purpose of the Adversarial Behaviours chapter is to provide an overview of the malicious operations that are happening on the Internet today. The chapter discusses how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations. We speak with CyBOK Distributed Systems Security author Gianluca Stringhini for an introductory overview of the topic.

CyBOK - Hardware Security with Ingrid Verbauwhede

September 01, 2020 04:00 - 20 minutes

The Distributed Systems Security chapter covers a broad range of topics from trusted computing to Trojan circuits. To classify these topics we follow the different hardware abstraction layers as introduced by the Y-chart of Gajski & Kuhn. We speak with CyBOK Hardware Security author Ingrid Verbauwhede for an introductory overview of the topic.

CyBOK - Privacy and Online Rights with Carmela Troncoso

July 17, 2020 19:06 - 18 minutes

The purpose of the Privacy and Online Rights chapter is to introduce system designers to the concepts and technologies that are used to engineer systems that inherently protect users’ privacy. We aim to provide designers with the ability to identify privacy problems, to describe them from a technical perspective, and to select adequate technologies to eliminate, or at least, mitigate these problems. We speak with CyBOK Privacy and Online Rights Knowledge Area author Carmela Troncoso for an in...

CyBOK - Network Security with Sanjay Jha

July 17, 2020 18:46 - 22 minutes

The purpose of the Network Security chapter is to explain the challenges associated with securing a network under a variety of attacks for a number of networking technologies and widely used security protocols, along with emerging security challenges and solutions. This chapter aims to provide the necessary background in order to understand other knowledge areas. An understanding of the basic networking protocol stack and the TCP/IP suite is assumed. We speak with CyBOK Network Security Knowledge Are...

CyBOK - Operating Systems & Virtualisation Security with Herbert Bos

July 17, 2020 18:31 - 17 minutes

The purpose of the Operating Systems & Virtualisation Security chapter is to introduce the principles, primitives and practices for ensuring security at the operating system and hypervisor levels. We see that the challenges related to operating system security have evolved over the past few decades, even if the principles have stayed mostly the same. We speak with CyBOK Operating Systems & Virtualisation Security author Herbert Bos for an introductory overview of the topic.

CyBOK - Human Factors with Awais Rashid

July 17, 2020 18:12 - 21 minutes

The Human Factors chapter presents a foundational understanding of the role of human factors in cyber security. One key aspect of this is how to design security that is usable and acceptable to a range of human actors, for instance, end-users, administrators and developers. This knowledge area also introduces a broader organisational and societal perspective on security that has emerged over the past decade. We speak with CyBOK Human Factors co-author Awais Rashid for an introductory overview...

CyBOK - AAA with Dieter Gollmann

July 17, 2020 18:08 - 20 minutes

The Authentication, Authorisation & Accountability (AAA) chapter presents the general foundations of access control and some significant instantiations that have emerged as IT kept spreading into new application areas. It will survey modes of user authentication and the way they are currently deployed, authentication protocols for the web, noting how new use cases have led to a shift from authentication to authorisation protocols, and the formalisation of authentication properties as used in ...

CyBOK - Risk Management and Governance with Pete Burnap

July 17, 2020 17:44 - 18 minutes

The Risk Management and Governance chapter explains the fundamental principles of cyber risk assessment and management and their role in risk governance, expanding on these to cover the knowledge required to gain a working understanding of the topic and its sub-areas. We speak with CyBOK Risk Management and Governance author Pete Burnap for an introductory overview of the topic.

CyBOK - Digital Forensics with Vassil Roussev

June 26, 2020 16:00 - 17 minutes

The Forensics chapter provides a technical overview of digital forensic techniques and capabilities, and puts them into a broader perspective with regard to other related areas in the cybersecurity domain. The discussion on legal aspects of digital forensics is limited only to general principles and best practices, as the specifics of the application of these principles tend to vary across jurisdictions. We speak with CyBOK Forensics author Vassil Roussev for an introductory overview of the...

CyBOK - Cyber-Physical Systems Security with Alvaro Cardenas

June 25, 2020 15:20 - 19 minutes

Cyber-Physical Systems are engineered systems that are built from, and depend upon, the seamless integration of computation and physical components. While automatic control systems like the steam governor have existed for several centuries, it is only in the past decades that the automation of physical infrastructures like the power grid, water systems, or chemical reactions has migrated from analogue controls to embedded computer-based control, often communicating through computer...

CyBOK — Software Security with Frank Piessens

December 24, 2019 06:00 - 17 minutes

The purpose of the Software Security chapter is to provide a structured overview of known categories of software implementation vulnerabilities, and of techniques that can be used to prevent or detect such vulnerabilities, or to mitigate their exploitation. We speak with CyBOK Software Security Knowledge Area author Frank Piessens for an introductory overview of the topic.

CyBOK — Cryptography with Nigel Smart

December 17, 2019 06:00 - 20 minutes

The purpose of this chapter is to explain the various aspects of cryptography which we feel should be known to an expert in cyber-security. We speak with CyBOK Cryptography Knowledge Area author Nigel Smart for an introductory overview of the topic.  

CyBOK — Security Operations and Incident Management with Hervé Debar

December 10, 2019 06:00 - 16 minutes

After nearly 40 years of research and development, the Security Operations and Incident Management domain has reached a sufficient maturity to be deployed in many environments. We speak with CyBOK Security Operations and Incident Management Knowledge Area author Hervé Debar for an introductory overview of the topic.

CyBOK — Secure Software Lifecycle with Laurie Williams

December 04, 2019 13:15 - 20 minutes

The purpose of this Secure Software Lifecycle knowledge area is to provide an overview of software development processes for implementing secure software from the design of the software to the operational use of the software. We speak with CyBOK Secure Software Lifecycle Knowledge Area author Laurie Williams for an introductory overview of the topic.

Welcome to CyBOK with Awais Rashid

September 23, 2019 20:31 - 9 minutes

Welcome to CyBOK, the Cybersecurity Body of Knowledge. A comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector. The CyBOK project aims to bring cyber security into line with the more established sciences by distilling knowledge from major internationally-recognised experts to form a Cyber Security Body of Knowledge that will provide much-needed foundations for this emerging topic. The project, funded by the National Cyber Sec...