Horizon CDT Research Highlights

Research Highlights

A novel approach to cybersecurity

  Neeshé Khan (2018 cohort)   neeshekhan.wordpress.com/author/neeshekhan

Industry 4.0 has led to a fluent exchange and capturing of communications and data, with big data more accessible to more individuals with a few clicks in a matter of minutes. While this empowers individuals, it has also created a new host of problems.

There are large amounts of information that individuals encounter daily resulting in excessive complexity in informed decision-making. Furthermore, seamless connectedness of technology has led to a merging of personal and professional life and an increasing amount of valuable assets individuals and organisations own. This results in a natural tension between the need to process information effectively, devising and adapting efficient ways to achieve goals instantly while still being able to protect information and assets from theft, abuse or to cause harm. These dangers can emerge from others, known or unknown, as well as to ourselves. Therefore, it is essential to address Insider Threat within Cybersecurity.

‘Insider Threat’, with a lack of agreement in literature [1], can essentially be defined as a threat that can be posed by an individual or a group, is a recurrent theme within Cybersecurity. Despite the growing attention to Cybersecurity in the past decade, it continues to be a field of importance [2, 3] and poses new challenges as the technologies evolve at a rapid pace and human behaviour adapts even faster [4] to find new ways to infiltrate systems for data cultivation and to profiteer from these activities. Cybersecurity remains an active research area, with growing importance on Insider Threat [5].

In this project I will incorporate a multidisciplinary approach by using established models that successfully mitigate threats and risks in other sectors such as health industry, financial, aviation, nuclear energy, automation and manufacturing. These applied models, adopted from Risk and Safety Engineering and Human Factors, are agile and consider dynamic environments. I will use a qualitative approach to understanding Insider Threat through collaborations with industry partner(s) with mixed-methods approach through questionnaires, interviews and case studies.

The outcomes will lead to a better understanding of the nature of this threat and development of a suite of tools that are solution based to identify, intervene and mitigate this threat. These tools will be developed to be utilised on an individual and organisational level with an aim to limit shortcomings whilst enhancing and supporting individual ways of working. I will also contribute to academia through testing the applicability of existing models in a new domain.


  1. D. A. Mundie, S. Perl and C. L. Huth. (2013) Toward an Ontology for Insider Threat Research: Varieties of Insider Threat Definitions. In IEEE 2013 Third Workshop on Socio-Technical Aspects in Security and Trust. Retrieved from here

  2. ENISA (2016) National Cyber security Strategies (NCSSs) Map. In European Union Agency for Network and Information Security Retrieved from here

  3. BEIS (2018) Policy paper- Industrial Strategy: building a Britain fit for the future Retrieved from here

  4. B. Hay et al. (2011) Storm Clouds Rising: Security Challenges for IaaS Cloud Computing. In IEEE 2011 44th Hawaii International Conference on System Sciences Retrieved from here

  5. J. Lewis (2018) McAfee: Economic Impact of Cybercrime — No Slowing Down. Retrieved from here

This author is supported by the Horizon Centre for Doctoral Training at the University of Nottingham (RCUK Grant No. EP/L015463/1) and Warwick Manufacturing Group and Catapult Manufacturing.