Pete Woodward, Chief Information Officer of Securious Limited, explains what PCI DSS means to SMEs and large corporations.

Pete discusses some of his experiences gained through working within large retail as well as smaller merchants, to help understand and get to grips with the latest PCI DSS standard. As Pete demonstrates, it isn't all plain sailing...

The talk was part of Secure South West 6, which was held at Plymouth University on 9 February 2016.

[(CC) BY-NC-SA 2.0 UK]

Many people see security as synonymous with secrecy and confidentiality – properties that we are less able to maintain thanks to technology-enabled data sharing.

This panel explores the impacts of modern online behaviours, including how the Internet has changed the culture of information sharing, what this means for corporate data security, and what can be done to address it.

The session was part of Secure South West 6 at Plymouth University on 9 February 2016. [(CC) BY-NC-SA 2.0 UK]

Robert Bond reviews global data protection frameworks and the future challenges for managing compliance.

Robert is a Partner and Notary Public at Charles Russell Speechlys LLP and a Certified Compliance & Ethics Professional. He is a legal expert and author in the fields of e-commerce, computer games, media and publishing, data protection, information security and cyber risks.

The talk was part of Secure South West 6 at Plymouth University on 9 February 2016. [(CC) BY-NC-SA 2.0 UK]

Henrik Kiertzner discusses the fact that proper security is complicated and depends on getting the details right. There are no silver bullets and time must still be spent integrating and tuning the various components that go into sensible, risk-managed, affordable security architectures, which are effective but do not impact operations or legitimate use of the systems they protect.

The session was part of Secure South West 6, at Plymouth University on 9 February 2016. [(CC) BY-NC-SA 2.0 UK]

When the cyber security function deals with risk, management and mitigation are the first option - and risk transfer is often neglected. However, there are signs that transferring risk through cyber insurance may be the "next big thing" for the insurance industry.

Dr Jeremy Ward looks at cyber risk insurance and what it might mean for cyber security in future.

The session was part of Secure South West 6, which was held at Plymouth University on 9 February 2016. [(CC) BY-NC-SA 2.0 UK]

From 2000BC, cryptography used substitution ciphers and relied on a key exchange. With Public Key Cryptography, Mathematics enabled exchange of a secret message without sharing a secret key. Now, through Physics, cryptography is literally awaiting a quantum leap: Can you transmit a key in the open without risk of eavesdropping?

Prof. Kurt Langfeld explains concepts from Free Mason ciphers through to RSA, before explaining and illustrating Quantum Cryptography.

[(CC) BY-NC-SA 2.0 UK]

Current authentication approaches: secret knowledge, tokens and biometrics, all fail to provide universally strong authentication - with various well-documented failings. Prof. Nathan Clarke discusses research that has been undertaken at Plymouth to develop a new approach that seeks to minimise the burden placed upon users, yet improves the level of security currently being provided. The talk was delivered at Plymouth University on 2 December 2015. [(CC) BY-NC-SA 2.0 UK]

Footage from the Retro Gaming 2015 event, hosted at Plymouth University and run in collaboration with the South West Branch of BCS, the Chartered Institute for IT, on 26 October 2015. Over 30 consoles and electronic games from the mid-1970s to the early 2000s were available to play. [Released under Creative Commons Attribution-NonCommercial-ShareAlike 2.0 UK: England & Wales licence.]

Cybercrime is now a well-established and widely recognised concern. However, attempts to quantify it yield dramatically varied numbers, highlighting a difficulty in establishing the scale, cost and impact of attacks.

Steven Furnell examines the nature of current measures, including the potential disconnect between them and the aspects that are potentially more important for us to understand.

The talk was delivered at University of Oxford on 5 June 2015.

[(CC) BY-NC-SA 2.0 UK]

Users are often referred to as the weakest link, and despite years of talking about security education and awareness, we seem no closer to achieving it on a wide scale.

Are people fundamentally incompatible with good security? Are the barriers too high, and is there simply too much to know for the average user? Is it ultimately better for others to take the decisions for them?

This session was part of HAISA 2015, held in Mytilene, Greece, from 1-3 July 2015.

[(CC) BY-NC-SA 2.0 UK]