Story image

Dr Ryan Ko steps down as head of Cybersecurity Researchers of Waikato

18 Dec 2018

Cybersecurity Researchers of Waikato (CROW) head Dr Ryan Ko is stepping down from his position and moving to Australia to become the University of Queensland’s UQ Cyber Security chair and director.

Ko played a major part in the formation of CROW and worked with the University of Waikato to bring it to life. Ko joined the University of Waikato in 2012.

Ko has also been a driving force behind the New Zealand Cyber Security Challenge, and the government’s $12.2 million STRATUS cybersecurity project.

The STRATUS project, launched in 2014, aims to help users control the security of their data in a cloud environment without third party guarantees.

University of Waikato lecturer Dr Vimal Kumar will take Ko’s place as leader of CROW. He has previously been involved with CROW in a smaller capacity. Kumar’s expertise lies in IoT security, wireless sensor networks, cloud computing, and general cybersecurity.

Recently Ko was one of the principal investigators behind a study about New Zealanders’ perceptions and beliefs about encryption.

Ko worked with Dr Michael Dizon and associate professor Wayne Rumbles on the study, which was funded by the New Zealand Law Foundation’s Information Law and Policy Project.

The study found that New Zealanders put the highest value on privacy, data protection, information security and trust. 

In relation to encryption, New Zealanders also recognise that these technologies can affect national security and law enforcement. That battle is known as ‘the encryption dilemma’, according to the researchers. 

“Trust cuts across and connects the different principles, values and uses of encryption. Users have to be able to: first, trust that the technology is safe and secure; second, trust companies with their privacy and security; and, finally, trust the government to respect their human rights,” comments Dr Dizon.

The researchers suggest that the development of encryption laws and policies must take into account trust, which then must be built into that framework.

“If governments decide to require backdoors in encryption, then no one will trust or use it because it’s insecure. If law enforcement agencies are granted the power to compel people to disclose their encryption passwords, this could result in greater mistrust of government”.

Certainly the Australian government has caused a worldwide furore over that exact issue in the last few weeks.

“Backdoors are also at odds with another key principle that encryption should be resistant to attacks. They compromise a computer system’s security and resilience”, Dizon said earlier this year. 

“Their position against backdoors is supported by the recently proposed Assistance and Access Bill 2018 in Australia, where the Australian Government declares that it has no interest in undermining systems that protect the fundamental security of communications. This includes a prohibition on building a decryption capability. So-called ‘backdoors’ weaken the digital security of Australians and others”.

By requiring Australian service providers to provide backdoors, critics have pointed out that this undermines the entire point of security and may have a huge impact on how other countries deal with Australian technology services."

Kiwis know security is important, but they're not doing much about it
Only 49% of respondents use antivirus software and even fewer – just 19% -  change their passwords regularly.
Avi Networks: Using visibility to build trust
Visibility, also referred to as observability, is a core tenet of modern application architectures for basic operation, not just for security.
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.