Spotlight Post

This week our spotlight is on Dan Prince, Professor of Cyber Security in the School of Computing and Communications. Dan has been at Lancaster University for over 20 years, working on his research passions. Dan’s research is in understanding how we measure the risk posed to our digital systems by cyber attacks. This includes understanding how threat actors (the bad folks) interact with these systems to corrupt them. This includes coming up with ways to measure the things they do to evaluate the threat actors’ different properties, such as technical capabilities and capacity. Much of the work is focused on building traps to observe the threat actors in more detail and for longer to get better intelligence about how they operate.

The main focus of Dan’s work is around the instrumentation needed to make cyber security measurements. He then uses this to build mathematical models and define characteristics of threat actors. Firstly, he works on understanding what needs to be measured. He then works out how these measurements relate to the tools, tactics and procedures of the attackers to work out the attacker capability. The third step is to see how this can then be used to understand attacker goals and providing attribution.

Dan also does a significant amount of activity around engagement and impact, and more generally science communication around cyber security. He finds it important to help develop a rational, public discourse around cyber, because it is so important. He identifies public misinformation widely available, so he does a considerable number of events and media to get the message out about how people can protect themselves. Dan recently appeared on BBC Breakfast’s red sofa over the summer, talking about the Crowdstrike cyber issues and ensuring the public have the most up to date and reliable information possible.

Dan is currently working with a PhD student, funded by Fujitsu, who is developing the techniques and tools mentioned above. Projects like this one do take time, but the long-term goal is to make society a safer place to be. Dan is very proud of getting to help people in the wider public to develop their skills, knowledge and expertise to become better informed regarding cyber. However, he is also proud of sparking an interest and developing expert knowledge in students at the University. If he had to choose a career highlight, he is most proud of the popular Masters programme in cyber security that students can study here at Lancaster University. He developed this over a decade ago and around 500 students have graduated. It has a world leading reputation as one of the first programmes in the UK to be certified by the National Cyber Security Centre. His best moment each year is seeing these students graduate and watching them grow and develop to become cutting edge cyber leaders in their own right.

Dan finds that the best thing about being in the Faculty of Science and Technology is the sense of community and collaboration. The fun stuff happens when you are working with similarly driven people but with different skills, knowledge and problems. He’s open to engaging with anyone and everyone who has an interest in cyber, so feel free to get in touch.