Story image

Dr Ryan Ko steps down as head of Cybersecurity Researchers of Waikato

18 Dec 2018
Twitter
Facebook

Cybersecurity Researchers of Waikato (CROW) head Dr Ryan Ko is stepping down from his position and moving to Australia to become the University of Queensland’s UQ Cyber Security chair and director.

Ko played a major part in the formation of CROW and worked with the University of Waikato to bring it to life. Ko joined the University of Waikato in 2012.

Ko has also been a driving force behind the New Zealand Cyber Security Challenge, and the government’s $12.2 million STRATUS cybersecurity project.

The STRATUS project, launched in 2014, aims to help users control the security of their data in a cloud environment without third party guarantees.

University of Waikato lecturer Dr Vimal Kumar will take Ko’s place as leader of CROW. He has previously been involved with CROW in a smaller capacity. Kumar’s expertise lies in IoT security, wireless sensor networks, cloud computing, and general cybersecurity.

Recently Ko was one of the principal investigators behind a study about New Zealanders’ perceptions and beliefs about encryption.

Ko worked with Dr Michael Dizon and associate professor Wayne Rumbles on the study, which was funded by the New Zealand Law Foundation’s Information Law and Policy Project.

The study found that New Zealanders put the highest value on privacy, data protection, information security and trust. 

In relation to encryption, New Zealanders also recognise that these technologies can affect national security and law enforcement. That battle is known as ‘the encryption dilemma’, according to the researchers. 

“Trust cuts across and connects the different principles, values and uses of encryption. Users have to be able to: first, trust that the technology is safe and secure; second, trust companies with their privacy and security; and, finally, trust the government to respect their human rights,” comments Dr Dizon.

The researchers suggest that the development of encryption laws and policies must take into account trust, which then must be built into that framework.

“If governments decide to require backdoors in encryption, then no one will trust or use it because it’s insecure. If law enforcement agencies are granted the power to compel people to disclose their encryption passwords, this could result in greater mistrust of government”.

Certainly the Australian government has caused a worldwide furore over that exact issue in the last few weeks.

“Backdoors are also at odds with another key principle that encryption should be resistant to attacks. They compromise a computer system’s security and resilience”, Dizon said earlier this year. 

“Their position against backdoors is supported by the recently proposed Assistance and Access Bill 2018 in Australia, where the Australian Government declares that it has no interest in undermining systems that protect the fundamental security of communications. This includes a prohibition on building a decryption capability. So-called ‘backdoors’ weaken the digital security of Australians and others”.

By requiring Australian service providers to provide backdoors, critics have pointed out that this undermines the entire point of security and may have a huge impact on how other countries deal with Australian technology services."