Dr Lynsay Shepherd

Lecturer

School School of Design and Informatics

Department Division of Cyber Security

Contact info

+44 (0)1382 30 8685

Biography

Despite the availability of security tools, devices are still vulnerable to compromise via the risky security behaviour of end-users. Risky behaviour is not necessarily obvious to all end-users, and can be difficult to recognise. Lynsay is interested in the human aspects of cyber security, investigating how to effectively communicate security information to average end-users.

Research interests: usable security; human-computer interaction; eye tracking; security awareness; affective feedback; open-source intelligence, secure software development.

Lynsay supervises a variety of projects at both undergraduate and postgraduate levels. If you are interested in pursing a PhD in any of the aforementioned topics, please get in contact with her.

Modules for 2018/19:

  • CMP204 Dynamic Web Development, 2016 - present (module leader)
  • CMP311 Professional Project Development and Delivery, 2016 - present (computing programme specialist)
  • CMP319 Ethical Hacking 2, 2016 - present (co-deliverer)
  • CMP416 Digital Forensics 2, 2018 - present (co-deliverer, mobile forensics specialist)

Previous modules taught:

  • CMP308 Professional Project Planning and Prototyping (computing programme specialist)
  • CMP401 Honours Project Scoping and Proposal (co-deliverer)
  • CMP412 Mobile Forensics (module leader)
  • CMP414 Web Futures (co-deliverer).

Modules taught as a teaching assistant, or a part-time/visiting lecturer, 2009-2015:

Data Design and Organisation, Information Architecture, Object Oriented Programming 2 – Java, Practical Sessions 2, Database and Internet Application Design, Computer Hardware Architecture and Operating Systems, Advanced Web Scripting, Web Standards, Professional Practice, Database Fundamentals, XML and the Mobile Internet.

Despite the availability of security tools, devices are still vulnerable to compromise via the risky security behaviour of end-users. Risky behaviour is not necessarily obvious to all end-users, and can be difficult to recognise. Lynsay is interested in the human aspects of cyber security, investigating how to effectively communicate security information to average end-users.

Research interests: usable security; human-computer interaction; eye tracking; security awareness; affective feedback; open-source intelligence, secure software development.

Lynsay supervises a variety of projects at both undergraduate (BSc), and postgraduate levels (MSc, PhD). If you are interested in any of the aforementioned topics, please get in contact with her.

For an up-to-date list, please see Lynsay's profile on Abertay's Research Repository.

 

Conference and journal papers

Renaud, K., Shepherd L.A. (2018). How to Make Privacy Policies both GDPR-Compliant and Usable. International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA). Glasgow, 2018.

Shepherd L.A., Renaud, K. (2018). How to Design Browser Security and Privacy Alerts. Proceedings of AISB 2018 Symposium, April 2018, (Symposium on Digital Behaviour Intervention for Cyber Security). Liverpool, UK.

Renaud, K., Shepherd, L. (2018). GDPR: its time has come. Network Security, 2018(2), pp.20-20.

Shepherd L.A., Archibald J., Ferguson R.I. (2017) Assessing the Impact of Affective Feedback on End-User Security Awareness. In: Tryfonas, T. (eds) Human Aspects of Information Security, Privacy, and Trust. HAS 2017. Lecture Notes in Computer Science, vol 10292, pp. 143–159. Springer International Publishing.

Shepherd L.A., Archibald J. (2017) Security Awareness and Affective Feedback: Categorical Behaviour vs. Reported Behaviour. 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA), London, 2017.

Shepherd LA, Archibald J, Ferguson R.I. Reducing Risky Security Behaviours: Utilising Affective Feedback to Educate Users. Future Internet. 2014; 6(4):760-772.

Shepherd, L. A. Archibald, J. and Ferguson, R. I. (2014). Reducing risky security behaviours: utilising affective feedback to educate users, Proceedings of Cyberforensics 2014, University of Strathclyde, Glasgow, pp7-14, 2014

Shepherd, L. A. Archibald, J. and Ferguson, R. I. (2013). Perception of risky security behaviour by users: survey of current approaches. Human Aspects of Information Security, Privacy, and Trust: Lecture Notes in Computer Science, 8030,176-185

 

Theses

Shepherd, L. A. 2016. Enhancing security risk awareness in end-users via affective feedback. PhD, Abertay University, https://rke.abertay.ac.uk/en/studentTheses/enhancing-security-risk-awareness-in-end-users-via-affective-feed

Shepherd, L. A. 2011. Determining Identity on Mobile Phones Using Keystroke Analysis. MSc, Abertay University

More Information

Funding

Selected Funding

  • 2018 - SICSA Cyber Nexus Research Exchange award (Principle Investigator, £2600)
  • 2018 - Awarded a Carnegie Trust Research Incentive Grant, for a project entitled “Exploring the impact of embodied agents on phishing awareness” (Principle Investigator, £10000).
  • 2014 - Collaborative Innovation Funding, Informatics Ventures, June 2014. Secured preliminary funding to perform a market study investigating the requirements needed for a piece of Open Source Intelligence software (Principle Investigator, £3000).
  • 2012 - Recipient of a competitive Scottish Informatics and Computer Science Alliance (SICSA) studentship award of 3.5 years to support PhD work (2012-2016). Funding equated to approximately £18000 per year (total: £63000).

Esteem

Invited talks

  • Dagstuhl Seminar 18321 Web Application Security, Schloss Dagstuhl – Leibniz-Zentrum für Informatik GmbH, Dagstuhl, Germany. Talk title: "How to Design Browser Security and Privacy Alerts" (August 2018)
  • Cherwell Launch Event, Dundee One Building, Dundee, Scotland (July 2018)
  • Keynote at the Aberdeenshire GamesCon 2018 Final, Robert Gordon University, Aberdeen. Speech title: "From Computer Geek to Cyber Security Researcher" (June 2018)
  • Social Market Foundation event, SNP Conference, Glasgow, Scotland. Panel title: "Digital security: how do we keep our money – and ourselves – safe online?"  (October 2017)
  • Invited speaker at the Cyber Security Christmas Lectures in 2017 (Aberdeen and Dundee). Gave a presentation entitled “A Fridge Full Of Spam” and a demonstration of an IoT child’s toy (December 2017)
  • Invited speaker at the SICSA Cyber Security Christmas Lectures in 2016 (Inverness and Dundee). Gave a presentation entitled “A Fridge Full Of Spam” (December 2016).
  • Speaker at the SICSA Cyber Security Christmas Lectures from 2012-2014. Delivered talks to school pupils about social engineering and the danger of geolocation data shared in tweets (December 2012-2014).

Editorial and reviewer roles

  • Programme Committee (Reviewer) – 8th International Workshop on Socio-Technical Aspects in Security and Trust (STAST2018), 2018 – present
  • Reviewer – Expert Systems With Applications (Elsevier), 2018 – present
  • Programme Committee (Reviewer) – International Conference on Cyber-Technologies and Cyber-Systems (IARIA CYBER), 2018 – present
  • Judging Panel, Aberdeenshire GamesCon 2018, Robert Gordon University, Aberdeen, Scotland (June 2018)
  • Reviewer – Journal of Information Security and Applications (Elsevier), 2018 – present
  • Reviewer – Information Technology and People journal (Emerald Publishing), 2017 – present
  •  Programme Committee (Reviewer) – International Conference On Cyber Situational Awareness (IEEE Cyber SA), 2017 – present
  •  Programme Committee (Reviewer) – International Conference On Cyber Security and Protection (IEEE Cyber Security) – present
  •  Judging Panel, Poster Competition for Women in Cyber Security, Napier University, Edinburgh, Scotland (May 2017)

 

Chairing roles

  • Conference chair, Cyber Science 2018 conference, Glasgow, UK, 2018
  • Publicity chair, Cyber Science 2018 conference, Glasgow, UK, 2018
  • Session chair, Human Behaviour in Security and Privacy, HCII 2017, Vancouver, Canada

Knowledge Exchange

  • International Health Battle and iAge Project (Interreg Europe Project)- Lynsay participated as a team security expert in the International Health Battle and iAge Meetings, Hanze University Groningen, Netherlands, November 2013. It involved working on an eHealth case with a multidisciplinary team, forming a solution and presenting a pitch.

Outreach

Invited talks

  • Invited keynote speaker at the Aberdeenshire GamesCon 2018 Final (Robert Gordon University, Aberdeen). Speech title "From Computer Geek to Cyber Security Researcher", and discussed the journey from school to PhD.
  • Invited speaker at the Cyber Security Christmas Lectures in 2017 (Aberdeen and Dundee). Gave a presentation entitled “A Fridge Full Of Spam” and a demonstration of an IoT child’s toy.
  • Invited speaker- Social Market Foundation event, SNP Conference, "Digital security: how do we keep our money – and ourselves – safe online?", Glasgow, Scotland (October 2017)
  • Invited speaker at the SICSA Cyber Security Christmas Lectures in 2016 (Inverness and Dundee). Gave a presentation entitled “A Fridge Full Of Spam”.
  • Speaker at the SICSA Cyber Security Christmas Lectures from 2012-2014. Delivered talks to school pupils about social engineering and the danger of geolocation data shared in tweets.

Events

  • "Women in Security: protecting ourselves, protecting our world" event at Abertay University in March 2013. The aim of the event was to showcase the work female scientists are currently undertaking, and to persuade girls to pursue a career in STEM subjects. Lynsay provided a demo, illustrating the dangers of revealing too much information online.

Press

2018

2017

2016

 

Meet the rest of the team

Mr Ross Heenan

Mr Ross Heenan

Division of Cyber Security | Teaching Fellow

View profile

Dr Ethan Bayne

Dr Ethan Bayne

Division of Cyber Security | Lecturer

View profile