My publications are available from the University of Kent's Academic Repository.
I belong to the following research groups:
My research focuses on the interaction between users and aspects of cyber security, privacy and trust. This considers the full spectrum of technologies in use today and encompasses topics such as:
- security and privacy in the internet of things (IoT) and social media (with an organisational and personal device focus);
- usable security as well as security awareness programmes in organisations and for the public;
- technical and psychological aspects of cybercrime (e.g., insider threat, phishing susceptibility and ransomware)
- identity security and privacy risks in cyberspace (this also considers areas such as open-source intelligence);
- detection of fake news and rumours (or conversely, trustworthy content) on social media; and
- corporate security in light of new forms of technology (e.g., IoT, wearables and cyber-insurance)
If you are interested in studying for a PhD in any of the topics above, please drop me a line.
- Nouh, M., Nurse, J.R.C., Webb, H. and Goldsmith, M., "Cybercrime Investigators are Users Too! Understanding the Socio-Technical Challenges Faced by Law Enforcement", in Workshop on Usable Security (USEC) at the Network and Distributed System Security (NDSS) Symposium, 2019, Internet Society. Link.
- Webb, H., Nurse, J.R.C., Bezuidenhout, L. and Jirotka, M., "Lab Hackathons to Overcome Laboratory Equipment Shortages in Africa: Opportunities and Challenges", in CHI Conference Extended Abstracts on Human Factors in Computing Systems. 2019. ACM. Link
- Agrafiotis, I., Nurse, J.R.C., Goldsmith, M., Creese, S. and Upton, D., "A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate", in Journal of Cybersecurity, volume 4, number 1, 2018. OUP. 10.1093/cybsec/tyy006.
- Nurse, J.R.C., "Cybercrime and You: How Criminals Attack and the Human Factors That They Seek to Exploit", In: Attrill-Smith, A., Fullwood, C., Keep, M. and Kuss, D.J., eds. The Oxford Handbook of Cyberpsychology. 2018. Oxford University Press. 10.1093/oxfordhb/9780198812746.013.35.
- Nurse, J.R.C. and Bada, M., "The Group Element of Cybercrime: Types, Dynamics, and Criminal Operations", In: Attrill-Smith, A., Fullwood, C., Keep, M. and Kuss, D.J., eds. The Oxford Handbook of Cyberpsychology. 2018. Oxford University Press. 10.1093/oxfordhb/9780198812746.013.36.
- Giasemidis, G., Kaplis, N., Agrafiotis, I., and Nurse, J.R.C. "A semi-supervised approach to message stance classification", in IEEE Transactions on Knowledge and Data Engineering. 10.1109/TKDE.2018.2880192.
- Kingston, C., Nurse, J.R.C., Agrafiotis, I., and Milich, A. B., "Using semantic clustering to support situation awareness on Twitter: the case of world views", in Human-centric Computing and Information Sciences Journal, volume 8, number 22, 2018. Springer. 10.1186/s13673-018-0145-6.
- Nurse, J.R.C., Creese, S., and De Roure, D., "Security Risk Assessment in Internet of Things Systems", in IEEE IT Professional, October, 2017. IEEE. DOI: 10.1109/MITP.2017.3680959.
- Nurse, J.R.C., Erola, A., Gibson-Robinson, T., Goldsmith, M. and Creese, S., "Analytics for Characterising and Measuring the Naturalness of Online Personae", in the Security Informatics Journal, volume 5, number 3, 2016. Springer. DOI: 10.1186/s13388-016-0028-1.
- Iuga, C., Nurse, J.R.C. and Erola, A., "Baiting the Hook: Factors Impacting Susceptibility to Phishing Attacks", in the Journal of Human-centric Computing and Information Sciences (HCIS), 2016. Springer. DOI: 10.1186/s13673-016-0065-2.
- Bada, M., Sasse, A. M. and Nurse, J.R.C., "Cyber Security Awareness Campaigns: Why do they fail to change behaviour?", in proceedings of the International Conference on Cyber Security for Sustainable Society (CSSS 2015). SSN+. Link.
- Nurse, J.R.C., Buckley, O., Legg, P.A., Goldsmith, M., Creese, S., Wright, G. and Whitty, M., "Understanding Insider Threat: A Framework for Characterising Attacks", in proceedings of the IEEE Security and Privacy Workshops (SPW 2014), associated with the 35th IEEE Symposium on Security and Privacy (SP 2014). IEEE. DOI: 10.1109/SPW.2014.38.
- Nurse, J.R.C., Agrafiotis, I., Creese, S., Goldsmith, M. and Lamberts, K., "Two Sides of the Coin: Measuring and Communicating the Trustworthiness of Online Information", in the Journal of Trust Management, volume 1, number 5, 2014. Springer. DOI: 10.1186/2196-064X-1-5.
I have also contributed directly or provided expert feedback to several industry/government reports. These include:
- The Role of Further and Higher Education in Cyber Security Skills - UK Department for Digital, Culture, Media & Sport (DCMS)
- Internet of Things: Realising the Potential of a Trusted Smart World - Royal Academy of Engineering. 2018.
- Lloyd’s of London Emerging Risk Report - Networked world Risks and opportunities in the Internet of Things. 2018.
- Cybersecurity in the EU Common Security and Defence Policy (CSDP): Challenges and risks for the EU. 2017.
- Visiting Academic in Computer Science at the University of Oxford
- Visiting Fellow in Defence and Security at Cranfield University
- Professional Member of the British Computer Society
- Research Member of Wolfson College Oxford
- Member of the Security Awareness Special Interest Group (SASIG)
- Seminar organiser for Kent's Cyber Security Group / Kent Interdisciplinary Research Centre in Cyber Security (KirCCS)
Selected Professional Activities
- Publicity Chair for the International Workshop on Cyber Insurance and Risk Controls in conjunction with the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (2018, 2019)
- Programme Committee member for the European Conference on Cognitive Ergonomics (2019)
- Programme Committee member for the International Conference on Privacy, Security and Trust (2019)
- Programme Committee member for the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (2019)
- Co-Chair for the Trust track for the International Conference on Privacy, Security and Trust (2018)
- Programme Committee member for the World Conference on Information Security Education (2018)
- Programme Committee member for the Annual International Conference on Computational Social Science (2018)
- Programme Committee member for the British Human Computer Interaction Conference (2017 – Present)
- Programme Committee member for the International Conference on Social Informatics (2017 – Present)
- Guest Editor of the Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable, Special Issue on "Insider Threat Solutions: Moving from Concept to Reality" (2017)
- Co-Chair for the Special Session on "Modelling for user behaviour: Towards a formal understanding of user errors in secure systems" at the International Conference on Human Aspects of Information Security, Privacy and Trust at the HCI International Conference (2017)
- Programme Committee member for the IEEE Computer Society International Conference on Computers, Software & Applications (2016)
- Programme Committee member for the International Workshop on Managing Insider Security Threats, part of the ACM Conference on Computer and Communications Security (2015 – Present)
- Programme Committee member for the Workshop on Research for Insider Threat, a part of the IEEE Computer Society Security and Privacy Workshops (2014 – 2016)
- Programme Committee member for the International Conference on Human Aspects of Information Security, Privacy and Trust at the HCI International Conference (2013 – 2017)
- Programme Committee member for the International Conference on Information Security and Digital Forensics
- Programme Committee member and Poster Reviewer for the ACM Conference on Security and Privacy in Wireless and Mobile Networks (2013)
Selected Research and Public Engagement Talks/Articles
- Amazon, Facebook and Google don’t need to spy on your conversations to know what you’re talking about - The Conversation. (2019)
- Fortnite has another security flaw and Epic's response wasn't great - Interviewed for Wired UK (2019).
- Advice for CISOs: Want More Resources? Think Beyond Pure Tech - Interviewed for Symantec Blogs Feature Stories (2019).
- Fitness apps and privacy - Interviewed for BBC World Service, The Why Factor (2019).
- Featured Scientist in Children's book, Fantastic Jobs and How to Get Them. Copies available here (2018).
- At least 57 negative impacts from cyber-attacks - covered by Phys.org, ScienceDaily, FlipBoard, GlobalHomeland, ThreatBrief, and others.
- How to avoid being a victim of cybercrime in Kent - Interviewed for Kent Online. (2018)
- Cybersecurity in the Internet of things - Interviewed for Internet of things podcast. (2018)
- Fortnite is setting a dangerous security trend - The Conversation. (2018)
- Strava storm: why everyone should check their smart gear security settings before going for a jog - The Conversation. (2018)
- The Internet of Things and Voice Assistant Tech – Balancing the risks and benefits - EPSRC Blogs. (2018)
- Cybersecurity: What keeps me up at night? – Lecture at British Computing Society (BCS) Oxfordshire event, in Oxford, UK. (2018)
- How cybercriminals exploit us and what we can do about it – Lecture at Pint of Science Festival, in Oxford, UK. (2018)
- Risks to online privacy – Lecture at Parque Explora Science Museum, in Medellin, Colombia. (2018)
- The Cybersecurity Challenge: Emerging risks in complex environments – Keynote at the Advisen Annual Cyber Risk Insights Conference, in London, UK (2018)
- Cybersecurity: It's so much more than just 1s and 0s! – Keynote at the 59th London International Youth Science Forum (LIYSF), in London, UK. (2017) [pdf booklet]
- BBC Tech Tent: fake news, algorithms and listening gadgets – BBC Tech Tent podcast to speak about voice assistant technology and its privacy risks, in UK. (2017)
- Is Your Device Listening To You? – Panellist at Cheltenham Science Festival, in Cheltenham, UK. (2017) [pdf booklet]
- Faces of Social Media – Privacy and Security – Lecture at Oxfordshire Science Festival in Oxford, UK. (2017)
- Examining Cyber Risk from a Technical Perspective – Lecture at SCOR 2016 Global P&C Annual Conference on Cyber Risk and Cyber Insurance, in Paris, France. (2016)
- On the Beauty and Peril of Social Media – Lecture at Hay-on-Wye Festival, in Hay-on-Wye, UK. (2016)
- Science in Social Media* - University of Oxford’s Annual Christmas Science Lectures (MPLS), in Oxford, UK. (2014–2016) *Selected to represent Computer Science to give the prestigious Oxford Christmas Science Lecture in 2014, 2015 and 2016. [video]