Hi everyone! My name is Katie and I'm a lecturer of Cyber Security at Manchester Metropolitan University and an Early Career Researcher in the domain of Security Reasearch. I have a PhD from Cranfield University, studying natural language processing and insider threat. My research roughly revolves around the intersection of AI/ML and Infosec, both in how AI/ML can improve security applications and processes, supporting practitioners rather than supplanting them and the security of AI/ML systems. I'm very interested in pedagogy and teach on MMU's Cyber Security degree program at Degree Apprenticeship, Undergraduate and Postgraduate level. I'm interested in new teaching methods and incorporating gamification and interactivity into lectures . I speak at conferences and events fairly often and have had the pleasure to speak at CISA's (Cyber Security and Infrastructure Agency) Cybersummit, BlackHat, British Computing Society, OWASP (Open Web Application Security Project) as well as speaking at events with industry partners.
In my free time I am an occasional bug bounty hunter, and make educational cyber security YouTube videos for an audience of over 30,000 people! I used to work at Bugcrowd where I helped provide support to the community team in all things infosec and bug hunting. Although I am a data scientist/engineer at heart security is really growing on me and it's been great to leverage my data brain to help make the internet more secure. I've now found myself knee deep in cyber security, having reported security vulnerabilities to large organisations such as Verizon Media and the US Department of Defense.
I'm interested in applying Machine Learning and Natural Language Processing in Cyber Security. Leveraging my domain knowledge to create tools which supports the complex decision making often needed in Cyber Security. I'm also interested in applying ML/NLP in pentesting and Bug Bounty hunting and I'm working on some new projects in that domain!
My PhD involved the use of NLP techniques to understand an insider threat incident. Using a large amount of reports to explore, visualise and finally understand an attack, without needing to read each report individually. Answering questions like: What was the insiders motivation? What technical approach did they use? What was the outcome of the attack? Providing valuable insights allowing organisational changes which will prevent the next.
Before my PhD my UG dissertation involved the decipherment of an ancient language, automatically using computational techniques. You can watch that here.