Richard Henson is Senior Lecturer in Computing at the University of Worcester, specialising in Information Security. He is a Fellow of the British Computer Society, and a member the government’s IAAC (Information Assurance Advisory Committee), through it’s Academic Liaison Panel.
His research leans towards knowledge transfer, although he is helping to develop a body of knowledge informing thinking on information security in smaller business. He has written and co-written published papers over a number of years covering aspects of information security, particularly in relation to small to medium enterprises (SMEs) and the supply chain, and exploring the complex set of reasons why many SMEs have been consistently reluctant to engage with systematic information security when it is clearly in their interest to do so. He has been on local radio and written magazine articles on various aspects of cyber security. He has recently researched the use of insurance in its broader sense as a driver for improved awareness about information security matters, and continues to be perplexed about the low priority many SMEs give to information security.
Prior to his current role, Richard had many years’ experience of teaching, managing and researching computer networks. He led the first Foundation Degree programme in E-Commerce in the country, and was one of the founders of the Technology Strategy Board funded IASME Consortium. He remains passionately involved in the encouragement of an SME perspective in information assurance and information security standards, as a matter of national importance.
Richard is also passionate about the need for software to be secure, reliable and dependable. In the course of his lecturing he has piloted a ground-breaking programme from the Trustworthy Software Initiative (TSI) that will encourage university students and their tutors about the need for code to be developed so it meets clearly defined standards. This initiative is supported by the IET, BCS, and UK government office of Cyber Security and Information Assurance (OCSIA), with the objective of improving the safety, reliability and trustworthiness of UK-developed software over the coming years. This has been helped by the emergence of a standard, PAS754, for specifying software with security considerations built-in.
He is also an external examiner for two universities, a STEMnet ambassador, and Chair of the Hereford & Worcester BCS branch
When I advise businesses on being protected against cyber-attacks, one of the first things I focus on is their desktop operating systems. Updates bring about improvements, and fix potential security flaws. It is free, and can easily be automated, but can also be forgotten. Old operating systems often cannot be updated, and from a security perspective this is dangerous. Organisations […]
Sorry for not posting for some time, but 2016 has been such a topsy-turvy year regarding progress with organisational Cyber Security. It started with the announcement that the EU was going ahead with its new, stronger, data protection regulation (GDPR). This would (of course) include the protection of personal data in the UK. Stronger meant, amongst other things, that organisations […]
The New European Data Protection Law (GDPR), is expected some time in the summer of 2016. Who would have thought that the US State of California would have led the world on an important matter of human rights? Well, back in 2002, against all expectations, California did indeed produce ground-breaking Data Breaches legislation, which became law in 2003 (SB 1386). Most other […]
A cyber crime video was launched recently in Birmingham that took a lot of time in filming and editing, and deserves more of an airing than it has received to date. The video has contributions from a number of local/regional experts and victims of cyber crime and is highly recommended. It is thought that many small businesses that have been […]
Despite the impression given by media reporting on larger companies, it is the small business that is probably most at risk of being hacked. Their customers may not take kindly to having their privacy compromised, or being unable to log in due to systems put out of action. Until very recently, some considered it an acceptable risk assessment strategy for small businesses to “run the risk”, in the […]
When I first heard the term “social engineering” I thought of high rise buildings and moving people from back-to-back terraced housing in the 1960s, in the vain hope that it would create a new (even improved?) social dynamic. That is roughly what the term meant to most social scientists. Quite surprised that it was being presented as a type of […]
So the BBC have finally told it as it is, through the latest Panorama episode, available on i-player. Better late than never, as they say! Highly recommended. Allow me to introduce myself. My name is Richard Henson, and I’ve been lecturing at University of Worcester for over 15 years. Whilst I am interested in technical matters, my passion is the […]