Centre of Expertise Cyber Security

The importance of digital security has become indispensable for the world we live in.

Contact us
Kenniscentrum Cyber Security, IT-engineers werken in een datacenter

About the Centre of Expertise

The mission of the Centre of Expertise Cyber Security is to strengthen the cyber resilience of public and private organisations that are themselves less equipped to deal with cyber threats.  Cyber resilience represents the ability of organisations to recognise cyber threats and respond to them appropriately. The focus on cyber resilience stems from the observation that organisations will all have to deal with cyber incidents sooner or later and therefore need to focus not only on preventive measures, but also, for example, on detection and response.

Infographic 2023 Cyber Security

In order to gain a better understanding of how to realise cyber resilience, our research focuses on three sub-areas:

  1. People: which behavioural and attitudinal aspects influence cyber resilience and how can organisations improve these aspects for cyber resilience?
  2. Organisation: which organisational aspects influence cyber resilience and how can organisations improve these aspects for cyber resilience?
  3. Technology: which technical aspects influence cyber resilience and how can organisations improve these aspects for cyber resilience?

Since its establishment in 2015, the Centre of Expertise Cyber Security has grown rapidly, and a great deal of practice-oriented research has been completed. We remain committed to sustaining previous successes and creating synergies between practice-oriented research, education and professional practice.

Projects

View All

News

View All

Research groups

Team

 

Meet our team

Team Cyber Security

Publications

Factors influencing entrepreneurs in reporting ransomware victimization

Researchers from the Centre of Expertise Cyber Security investigated the willingness of entrepreneurs to report ransomware victimization. What determines whether they choose to report an incident or not, and which factors play a role in this decision?

To report or not to report: Exploring the motivations and factors associated with reporting of ransomware victimisation among entrepreneurs - ScienceDirect
 

 

Information security education based on job profiles and the e-CF

The information security field requires standardised education. This could be based on generic job profiles and a standard competence framework. The question is whether this is possible and feasible. To find out, the author did a case study: developing an information security master curriculum based on a generic PVIB job profile and the underlying competence framework e-CF.

Read more

Cyber crises require anticipation and improvisation

The ransomware attack on Maastricht University (2019) and the wiperware attack on Maersk (2017) painfully demonstrated that major incidents cannot be prevented and can even turn into cyber crises. The extent to which organisations can limit the impact of cyber crises is determined, among other things, by their business continuity and crisis management. How do you adequately organise these control measures, however?

Download article (PDF)

Secure Naming for Distributing Computing using the Condensed Graph Model

Implementing a distributed computation architecture has several basis functional requirements, such as load balancing, fault tolerance and security. The challenge is in how you manage these requirements as a whole. Security is a specific problem in that it is made up of a number of important aspects, such as confidentiality, integrity and availability. Each of these aspects is vital in a distributed system.One important aspect of security is access control. The central premise of this thesis is: “If you can name it, you can control access to it”.This dissertation examines the security requirements of the WebCom distributed computing environment and develops the security architecture for WebCom, primarily to provide a systematic access control mechanism for condensed graph applications.The flexibility of this architecture is demonstrated with a number of case studies, including a micropayment architecture for distributed computations, an automated administration architecture for Grid and an activity based secure workflow architecture.

T.B. Quillinan. Secure Naming for Distributing Computing using the Condensed Graph Model. Ph.D. Thesis. University College Cork, Cork, Ireland. July 2006.