Professor Wendy Moncur
Computer and Information Sciences
Personal statement
Personal statement
I lead the Cybersecurity Group in Computer & Information Sciences. My research focus is on human factors in cybersecurity, and on trust, identity, privacy and security. I collaborate across disciplines, and am adept at translating between them. Before becoming an academic, I worked in Fintech, Utilities and manufacturing as a database designer, analyst and programmer. I currently teach on the MSc GA Cybersecurity (CS811), and supervise 4th year research projects. I welcome enquiries from potential PhD students with relevant interests.
Back to staff profile
Back to staff profile
What the Dickens : post-mortem privacy and intergenerational trust Schafer Burkhard, Briggs Jo, Moncur Wendy, Nicol Emma, Azzopardi Leif Computer Law and Security Review Vol 49 (2023) https://doi.org/10.1016/j.clsr.2023.105800 Revealing cumulative risks in online personal information : a data narrative study Nicol Emma, Briggs Jo, Moncur Wendy, Htait Amal, Carey Daniel, Azzopardi Leif, Schafer Burkhard Proceedings of the ACM on Human-Computer Interaction Vol 6, pp. 1-25 (2022) https://doi.org/10.1145/3555214 Revealing cumulative risks in online personal information : a data narrative study Nicol Emma, Briggs Jo, Moncur Wendy, Htait Amal, Carey Daniel, Azzopardi Leif, Schafer Burkhard The 25th ACM Conference on Computer-Supported Cooperative Work and Social Computing (2022) https://doi.org/10.1145/3555214 A preliminary study on evaluating cumulative revelations in online personal data : introducing a persona-based cyber safety tool for awareness of online risks and harms Nicol Emma, Azzopardi Leif, Moncur Wendy, Briggs Jo, Nash Callum, Duheric Melissa, Schafer Burkhard 2nd International Conference on Behavioural and Social Sciences in Security (2022) Are Taylor's posts risky? Evaluating cumulative revelations in online personal data : a persona-based tool for evaluating awareness of online risks and harms Azzopardi Leif, Briggs Jo, Duheric Melissa, Nash Callum, Nicol Emma, Moncur Wendy, Schafer Burkhard SIGIR '22 : Proceedings of the 45th International ACM SIGIR Conference on Research and Development in Information Retrieval Special Interest Group on Information Retrieval (SIGIR) 2022 SIGIR 2022 - Proceedings of the 45th International ACM SIGIR Conference on Research and Development in Information Retrieval, pp. 3295–3299 (2022) https://doi.org/10.1145/3477495.3531659 TAPESTRY : a de-centralized service for trusted interaction online Yang Yifan, Cooper Daniel, Collomosse John, Drăgan Constantin C, Manulis Mark, Steane Jamie, Manohar Arthi, Briggs Jo, Jones Helen, Moncur Wendy IEEE Transactions on Services Computing Vol 15, pp. 1385-1398 (2022) https://doi.org/10.1109/TSC.2020.2993081
Publications
Back to staff profile
SPRITE+: The Security, Privacy, Identity and Trust Engagement NetworkPlus (External organisation) Advisor 2/2023 National Crime Agency (External organisation) Advisor 19/10/2022 Your forgotten digital footprints could step on your job prospects - here’s how to clean up Recipient 6/4/2022 EPSRC Equitable Digital Society Prioritisation Panel (External organisation) Advisor 9/2/2022 Exploring the Lived Experience of Physical Activity and Technology for Adolescents Living with Type 1 Diabetes and Parents as Co-users Examiner 21/1/2022 25th ACM Conference on Computer-Supported Cooperative Work and Social Computing (Event) Peer reviewer 2022
Addressing societal cybersecurity challenges Moncur, Wendy (Principal Investigator) The focus is on a crucial societal cybersecurity challenge, online Violence Against Women and Girls (VAWG) . This builds on my prior work on Intimate Partner Violence (IPV) and Stalkerware . Addressing issues around VAWG is urgent and essential. The College of Policing highlights that “a woman was killed by a man every three days on average between 2009 and 2019. Millions of crimes of violence, abuse and harassment against women and girls are recorded each year. …15% of police-recorded crime is related to domestic abuse, with 1.6 million estimated female victims in the year ending March 2020.” Increasingly, the Internet is leveraged to facilitate such violence, abuse and harassment. 14-Jan-2022 - 14-Jan-2025 AP4L: Adaptive PETs to Protect & emPower People during Life Transitions Moncur, Wendy (Principal Investigator) Renaud, Karen (Co-investigator) Yan, Jeff (Co-investigator) AP4L is a 3-year program of interdisciplinary research, centring on the online privacy & vulnerability challenges that people face when going through major life transitions. Our central goal is to develop privacy-by-design technologies to protect & empower people during these transitions. Our work is driven by a narrative that will be familiar to most people. Life often "just happens", leading people to overlook their core privacy and online safety needs. For instance, somebody undergoing cancer treatment may be less likely to finesse their privacy setting on social media when discussing the topic. Similarly, an individual undergoing gender transition may be unaware of how their online activities in the past may shape the treatment into the future. This project will build the scientific and theoretical foundations to explore these challenges, as well as design and evaluate three core innovations that will address the identified challenges. AP4L will introduce a step-change, making online safety and privacy as painless and seamless as possible during life transitions
To ensure a breadth of understanding, we will apply these concepts to four very different transitions through a series of carefully designed co-creation activities, devised as part of a stakeholder workshop held in Oct'21. These are relationship breakdowns; LBGT+ transitions or transitioning gender; entering/ leaving employment in the Armed Forces; and developing a serious illness or becoming terminally ill. Such transitions can significantly change privacy considerations in unanticipated or counter-intuitive ways. For example, previously enabled location-sharing with a partner may lead to stalking after a breakup; 'coming out' may need careful management across diverse audiences (e.g - friends, grandparents) on social media.
We will study these transitions, following a creative security approach, bringing together interdisciplinary expertise in Computer Science, Law, Business, Psychology and Criminology.
We will systematise this knowledge, and develop fundamental models of the nature of transitions and their interplay with online lives. These models will inform the development of a suite of technologies and solutions that will help people navigate significant life transitions through adaptive, personalised privacy-enhanced interventions that meet the needs of each individual and bolster their resilience, autonomy, competence and connection. The suite will comprise:
(1) "Risk Playgrounds", which will build resilience by helping users to explore potentially risky interactions of life transitions with privacy settings across their digital footprint in safe ways
(2) "Transition Guardians", which will provide real-time protection for users during life transitions.
(3) "Security Bubbles", which will promote connection by bringing people together who can help each other (or who need to work together) during one person's life transition, whilst providing additional guarantees to safeguard everyone involved.
In achieving this vision, and as evidenced by £686K of in-kind contributions, we will work with 26 core partners spanning legal enforcement agencies (e.g., Surrey Police), tech companies (e.g., Facebook, IBM), support networks (e.g., LGBT Foundation, Revenge Porn Helpline) and associated organisations (e.g., Ofcom, Mastercard, BBC). Impact will be delivered through various activities including a specially commissioned BBC series on online life transitions to share knowledge with the public; use of the outputs of our projects by companies & social platforms (e.g., by incorporating into their products, & by designing their products to take into consideration the findings of our project) & targeted workshops to enable knowledge exchange with partners & stakeholders. 01-Jan-2022 - 31-Jan-2025 Digital Power of Attorney Moncur, Wendy (Principal Investigator) Graham, Martin (Post Grad Student) 01-Jan-2021 - 01-Jan-2024 Cumulative Revelations of Personal Data (Wendy Moncur transfer) Moncur, Wendy (Principal Investigator) Cumulative Revelations in Personal Data takes a multidisciplinary approach to investigating how small, apparently innocuous pieces of employees' personal information, which are generated through interactions with/in networked systems over time, collectively pose significant yet unanticipated risk to personal reputation and employers' operational security. Such cumulative revelations come from personal data that are shared intentionally by an individual, from data shared about an individual by others, from recognition software that identifies and tags people and places automatically, and from common cross-authentication practices that favour convenience over security (e.g. signing into AirBnB via Facebook). Brought together, these data can provide unintended insights to others into (for example) an individual's personal habits, work patterns, personality, emotion, and social influence. Collectively these data thus have the potential to create adverse consequences for that individual (e.g. through reputational damage), their employer (e.g. by creating opportunities for cybercrime), and even for national security.
The research brings together multidisciplinary expertise in Socio-Digital Interaction, Co-design, Interactive Information Retrieval, and Computational Legal Theory, all working in collaboration with a key industry partner, the Royal Bank of Scotland, which employs more than 92,000 staff across 12 national, international and private banks and for which security concerns are paramount, as well as UK Government security agencies, via the Government Office for Science and the Centre for Research and Evidence on Security Threats.
The research will examine the potential adverse revelations delivered by an individual employee's holistic digital footprint through the development of a prototype software tool that maps out a portrait of a user's digital footprint and reflects it back to them. This tool will enable individuals to understand the cumulative nature of their personal data, and better comprehend the associated vulnerabilities and risks. Responding to employers' concerns over organisational security risks created by cumulative revelations of their employees' data, the research will also identify conflicts and ambiguities in security service design and implementation when the motivations and actions of individual employees are balanced against organisational security philosophy, enabling mitigation against the attendant risks, issues and consequences of cumulative revelations from organisational and individual perspectives.
31-Jan-2020 - 30-Jan-2022 TAPESTRY: Trust, Authentication and Privacy over a DeCentralised Social Registry Moncur, Wendy (Principal Investigator) 01-Jan-2017 - 30-Jan-2020
Research Interests
My research group carries out research into lived experience in the Digital Age, with a focus on online identity, reputation, trust and cybersecurity. We traverse disciplinary boundaries, drawing on Human Computer Interaction, psychology, sociology, digital anthropology and design.
Professional Activities
Projects
To ensure a breadth of understanding, we will apply these concepts to four very different transitions through a series of carefully designed co-creation activities, devised as part of a stakeholder workshop held in Oct'21. These are relationship breakdowns; LBGT+ transitions or transitioning gender; entering/ leaving employment in the Armed Forces; and developing a serious illness or becoming terminally ill. Such transitions can significantly change privacy considerations in unanticipated or counter-intuitive ways. For example, previously enabled location-sharing with a partner may lead to stalking after a breakup; 'coming out' may need careful management across diverse audiences (e.g - friends, grandparents) on social media.
We will study these transitions, following a creative security approach, bringing together interdisciplinary expertise in Computer Science, Law, Business, Psychology and Criminology.
We will systematise this knowledge, and develop fundamental models of the nature of transitions and their interplay with online lives. These models will inform the development of a suite of technologies and solutions that will help people navigate significant life transitions through adaptive, personalised privacy-enhanced interventions that meet the needs of each individual and bolster their resilience, autonomy, competence and connection. The suite will comprise:
(1) "Risk Playgrounds", which will build resilience by helping users to explore potentially risky interactions of life transitions with privacy settings across their digital footprint in safe ways
(2) "Transition Guardians", which will provide real-time protection for users during life transitions.
(3) "Security Bubbles", which will promote connection by bringing people together who can help each other (or who need to work together) during one person's life transition, whilst providing additional guarantees to safeguard everyone involved.
In achieving this vision, and as evidenced by £686K of in-kind contributions, we will work with 26 core partners spanning legal enforcement agencies (e.g., Surrey Police), tech companies (e.g., Facebook, IBM), support networks (e.g., LGBT Foundation, Revenge Porn Helpline) and associated organisations (e.g., Ofcom, Mastercard, BBC). Impact will be delivered through various activities including a specially commissioned BBC series on online life transitions to share knowledge with the public; use of the outputs of our projects by companies & social platforms (e.g., by incorporating into their products, & by designing their products to take into consideration the findings of our project) & targeted workshops to enable knowledge exchange with partners & stakeholders.
The research brings together multidisciplinary expertise in Socio-Digital Interaction, Co-design, Interactive Information Retrieval, and Computational Legal Theory, all working in collaboration with a key industry partner, the Royal Bank of Scotland, which employs more than 92,000 staff across 12 national, international and private banks and for which security concerns are paramount, as well as UK Government security agencies, via the Government Office for Science and the Centre for Research and Evidence on Security Threats.
The research will examine the potential adverse revelations delivered by an individual employee's holistic digital footprint through the development of a prototype software tool that maps out a portrait of a user's digital footprint and reflects it back to them. This tool will enable individuals to understand the cumulative nature of their personal data, and better comprehend the associated vulnerabilities and risks. Responding to employers' concerns over organisational security risks created by cumulative revelations of their employees' data, the research will also identify conflicts and ambiguities in security service design and implementation when the motivations and actions of individual employees are balanced against organisational security philosophy, enabling mitigation against the attendant risks, issues and consequences of cumulative revelations from organisational and individual perspectives.
Back to staff profile
Contact
Professor
Wendy
Moncur
Computer and Information Sciences
Email: wendy.moncur@strath.ac.uk
Tel: Unlisted