Editorial Board

Alessandro Acquisti is a Professor of Information Systems and Public Policy at the Heinz College, Carnegie Mellon University, and a member of Carnegie Mellon CyLab. He is the co-director of CMU Center for Behavioral Decision Research, and a member of the National Academies' Committee on public response to alerts and warnings using social media and associated privacy considerations. Alessandro has been the recipient of the PET Award for Outstanding Research in Privacy Enhancing Technologies, the IBM Best Academic Privacy Faculty Award and the Heinz College School of Information's Teaching Excellence Award. 

Carly Beckerman is an Associate Professor at Durham University in the School of Government and International Affairs. Her main research interests include security, foreign policy decision-making and leader perceptions of political risks under conditions of incomplete information. She is particularly interested in issues related to unconventional warfare, such as cybersecurity, and how those seemingly novel risks are communicated to decision-makers.

Madeline Carr is Professor of Global Politics and Cybersecurity at University College London. Her research focuses on the implications of emerging technology for national and global security, international order, and corporate governance.

Professor Carr has published on cyber norms, multi-stakeholder Internet governance, the future of the insurance sector in the IoT, cybersecurity and international law, the public/private partnership in national cyber security strategies, and the ways in which boards approach cyber risk. Professor Carr is a member of the World Economic Forum Global Council on the Connected World where she chairs a cross-sectoral group working on the cybersecurity of the Internet of Things. She is also the Co-Director of an interdisciplinary Centre for Doctoral Training in Cybersecurity at UCL and Deputy Director of the REPHRAIN Protecting Citizens Online research hub. From 2018 – 2022, Carr was the Director of the UK wide Research Institute for Sociotechnical Cyber Security and developed a research programme on cybersecurity in local government. Professor Carr is a Senior Research Associate at RUSI.

Tristan Caulfield is an Associate Professor at University College London, in the department of Computer Science.  His research interests span a wide range of topics including systems modelling, privacy and regulation, security economics, and disinformation.  He is a former director of RISCS, the Research Institute for Sociotechnical Cyber Security.

Lorenzo Cavallaro is a Full Professor of Computer Science at UCL Computer Science, where he joined the Information Security Research Group. There, he leads the Systems Security Research Lab, which focuses on understanding and improving the effectiveness of machine learning methods for systems security in the presence of adversaries. In particular, the lab investigates the intertwined relationships of program analysis and machine learning and the implications they have towards realizing Trustworthy ML for Systems Security.  Lorenzo's research appears in globally-renown computer security conferences, where he often serves on their PC. Lorenzo served as Program Co-Chair of Deep Learning and Security 2021-22 @ IEEE S&P, and DIMVA 2021-22, ACM EuroSec 2019-20 @ ACM EuroSys, and General Co-Chair of ACM CCS 2019.  Lorenzo holds a PhD in Computer Science from the University of Milan (2008), held Post-Doctoral and Visiting Scholar positions at Vrije Universiteit Amsterdam (2010-2011), UC Santa Barbara (2008-2009), and Stony Brook University (2006-2008), worked in the Department of Informatics at King's College London (2018-2021), where he held the Chair in Cybersecurity (Systems Security), and the Information Security Group at Royal Holloway, University of London (2012-2018).

Jonathan Cave is a Professor in the Department of Economics at University of Warwick. His research interests cover economic theory and industrial economics including: combined voting/economic games, regulatory design and evaluation, implementation and mechanism design, telecommunications and internet policy, governance of livestock disease, complexity in healthcare systems, games played on networks, procurement and innovation, sustainable development, privacy, identity and trust, and eGovernment.

Stephen Flowerday is a Professor of Information Systems at the School of Cyber Studies, University of Tulsa. He directs the Graduate Program in Cyber Studies, which has over twenty full-time doctoral students researching cybersecurity-related topics. His research interests lie in behavioral cybersecurity, information security management, privacy, and the human aspects of cybersecurity.

Carlos H. Gañán is an associated professor in the Cybersecurity group at TU Delft, where he conducts research on Internet security. His research interests include the Internet of Things and data science, with a focus on understanding and improving the Internet for all users from a security perspective. He uses global-scale measurement and data-driven security mechanisms to study the deployment and security of Internet services and analyzes the implications of emerging technologies on the Internet. Dr. Gañán has participated in national and international projects related to cybersecurity and network communications, and has designed cryptographic and privacy-preserving protocols to secure mobile networks.

Dr Alice Hutchings is a University Lecturer in the Security Group at the Computer Laboratory, University of Cambridge. She is also Deputy-Director of the Cambridge Cybercrime Centre, an interdisciplinary initiative combining expertise from computer science, criminology, and law. Specialising in cybercrime, she bridges the gap between criminology and computer science. Generally, her research interests include understanding cybercrime offenders, cybercrime events, and the prevention and disruption of online crime.

Richard S. John is Professor of Psychology and area head for Quantitative Methods and Computational Psychology at the University of Southern California (USC). He is also Associate Director of the National Center for Risk and Economic Analysis of Terrorism Events (CREATE) at USC. His research focuses on normative and descriptive models of human judgment and decision making and methodological issues in the application of decision analysis and probabilistic risk analysis (PRA). His current research focuses on adversary risk analysis and the psychology of deterrence. 

Susan Landau is Bridge Professor in the Fletcher School of Law and Diplomacy and the School of Engineering, Department of Computer Science, Tufts University and Visiting Professor of Computer Science, University College London. Landau works at the intersection of cybersecurity, national security, law, and policy. Her new book, "Listening In: Cybersecurity in an Insecure Age," was published by Yale University Press. Landau has testified before Congress and frequently briefed US and European policymakers on encryption, surveillance, and cybersecurity issues. Landau has been a Senior Staff Privacy Analyst at Google, a Distinguished Engineer at Sun Microsystems, and a faculty member at Worcester Polytechnic Institute, the University of Massachusetts Amherst and Wesleyan University. She is a member of the Cybersecurity Hall of Fame, a fellow of the American Association for the Advancement of Science and of the Association for Computing Machinery.

Kanta Matsuura received his Ph.D. degree in electronics from the University of Tokyo in 1997. He is currently a Professor of Institute of Industrial Science at the University of Tokyo. His research interests include cryptography and cybersecurity management such as security economics. He was an Associated Editor of IPSJ Journal (2001-2005) and IEICE Transactions on Communications (2005-2008). He was Editor-in-Chief of Security Management (2008-2012), and is an Editorial-Board member of Design, Codes, and Cryptography (2010-present). He is a fellow of IPSJ, and a senior member of IEEE, ACM, and IEICE. He is President of JSSM (Japan Society of Security Management) (2021-present). He is a member of Science Council of Japan (2017-present).

Jason R.C. Nurse is an Associate Professor in Cyber Security in the School of Computing at the University of Kent and the Institute of Cyber Security for Society (iCSS), UK. He also holds the roles of Visiting Fellow in Defence & Security at Cranfield University, and Associate Fellow at the Royal United Services Institute for Defence and Security Studies (RUSI). His research explores the interdisciplinary nature of security, with a particular focus on human factors, psychology, and organisational aspects.

Peter Y A Ryan is Professor of Applied Security at the University of Luxembourg. He has over 30 years of experience in cryptography, information assurance and formal verification. He pioneered the application of process algebras to modelling and analysis of information flow and crypto protocols. He has published extensively on cryptography, cryptographic protocols, mathematical models of computer security and, most recently, high assurance voting systems. He is the creator of Prêt à Voter, Pretty Good Democracy (with Vanessa Teague) and OpenVote (with Feng Hoa) and Selene (with P Roenne and V Iovino) and Hyperion verifiable voting schemes. With Feng Hao he proposed the Password Authenticated Key Establishment Protocol J-PAKE. Prior to joining the University of Luxembourg he was a Professor of Computing Science at Newcastle University. He has worked at GCHQ, the Defence Research Agency, SRI in Cambridge UK and the Software Engineering Institute, CMU Pittsburgh. He is a Visiting Professor at the University of Surrey and the ENS Paris.

Dr. Jonathan Spring is a cybersecurity specialist in the Cybersecurity and Infrastructure Security Agency. Working within the Cybersecurity Division’s Vulnerability Management Office, his area of focus includes researching and producing reliable evidence to support effective cybersecurity policies at various levels of vulnerability management, machine learning, and threat intelligence.

Rahul Telang is a Professor of Information Systems and Management at the Heinz College at Carnegie Mellon University and at the Tepper School of Business (Courtesy). He is interested in economics of information security and privacy broadly. His research predominantly uses empirical methods to examine the incentives of various parties (users, firms and hackers) in investing in security and privacy, why markets fail, how to create a useful policy framework and how to measure the effectiveness of such policies. His work has explored the challenges of vulnerability disclosure, vulnerability markets and their role in generating optimal outcomes. Recently, he has been examining the role of data breach policies.

Luca Viganò is Professor at the Department of Informatics of King's College London, UK, where he heads the Cybersecurity Group. His research focuses on formal methods and tools for the specification, verification and testing of security and privacy. He is particularly interested in formal analysis of socio-technical systems, whose security depends intrinsically on human users, and of cyber-physical systems, where one needs to explicitly consider the underlying physical processes. He also works in explainable security, and in applications of mathematical logic to security and privacy and to other problems in computer science.

Julian Williams is chair in accounting and finance at Durham University’s Business School and executive director of the Durham University Institute of Hazard Risk and Resilience (IHRR). His research area crosses the broad spectrum of risk and resilience with particular focus on cyber security, cyber-insurance and cyber markets. Julian’s recent work has been on secure distributed market infrastructure and has a patent pending on the cryptographic implementation of secure distributed limit order-books. He has worked, and lead, numerous projects on risk-based modelling including acting as the scientific director of the European Commission multinational project SECONOMICS studying cyber physical risks, insurance and critical national infrastructure. Since 2019 Julian has been the executive director of Durham’s IHRR working on projects using secure technology to enable and empower people across the world.

Pieter Wolters is an associate professor at the Radboud Business Law Institute and Radboud's interdisciplinary research hub on digitalization and society (iHub). His research concerns the intersections of cybersecurity, privacy and private law. His research topics include the private enforcement of privacy and cybersecurity law, the European legal framework for cybersecurity and privacy, legal obligations to provide secure software and the legal requirements on the cybersecurity of digital information.

Daniel Woods is a Lecturer in Cybersecurity at the University of Edinburgh’s School of Informatics, a position that is jointly appointed by the British University in Dubai. He researches the economics of security and privacy with a focus on cyber insurance, risk management, cybersecurity quantification, and privacy preference signals. Daniel completed his PhD in cybersecurity at the University of Oxford.

Konrad Wrona is a Principal Scientist at the NATO Cyber Security Centre in The Hague, The Netherlands, where he is leading the Architecture, Policy and Innovation team. He also holds a research position at the Military University of Technology in Warsaw, Poland. Konrad has over 20 years of work experience in an industrial (Ericsson Research and SAP Research) and in an academic (RWTH Aachen University, Media Lab Europe, and Rutgers University) research and development environment. He received his M.Eng. in Telecommunications from Warsaw University of Technology, Poland, in 1998 and his Ph.D. in Electrical Engineering from RWTH Aachen University, Germany, in 2005. He is an author and a co-author of over seventy publications, as well as a co-inventor of several patents. His professional interests include a broad range of security issues in information systems, communication networks, wireless and mobile applications, distributed systems, and the Internet of Things. Konrad Wrona is a Senior Member of the IEEE, a Senior Member of the ACM and a Member of IACR.