This project has produced a Foresight Review on Operational Cyber Security for the Industrial Internet of Things, part of the Lloyd's Register Foundation series of Foresight Reviews.  The Foundation is an independent global charity that helps to protect life and property at sea, on land, and in the air. The aim of the report series is to openly disseminate information and provide insights for the research community, and also inform wider debate in society about the engineering safety-related challenges being investigated by the Foundation.

The project team

Sadie Creese

Photo of Sadie Creese


Professor of Cybersecurity in the Department of Computer Science at the University of Oxford. 

She teaches threat detection, risk assessment and operational aspects of security. She is Principal Investigator on the AXIS sponsored project “Analysing Cyber-Value-at-Risk, Residual Risk and models for Systemic Cyber-Risk” focused on developing a method for predicting potential harms arising from cyber-attacks in businesses. She is a co-Investigator on the PETRAS Internet of Things Research Hub project “Cyber Risk Assessment for Coupled Systems” which is developing a new risk assessment method aimed at helping organisations prepare for the threats and vulnerabilities we will face as the Internet of Things evolves. She is the founding Director of the Global Cyber Security Capacity Centre (GCSCC)  where she continues to conduct research into what constitutes national cybersecurity capacity, working with countries and international organisations around the world.


Robert Hannigan

Photo of Robert Hannigan


Robert Hannigan was Director of GCHQ, the UK’s largest intelligence and cyber security agency, from 2014-17 and recently retired from Government after 20 years in national security roles, including Prime Minister’s Security Adviser. Robert established the UK National Cyber Security Centre in 2016, and was responsible for the UK’s first cyber strategy in 2009.
Robert is now European Executive Chairman of BlueVoyant, a global cyber security services company, and a Senior Adviser to McKinsey & Co. He Chairs the Industry Advisory Board of LORCA, a UK Government backed accelerator for cyber security start-ups. He is a Senior Fellow at the Belfer Center, Harvard, Fellow of the Institute of Engineering and Technology and RUSI, London, and Honorary Fellow of Wadham College, Oxford. He writes regularly on cyber issues in the Financial Times and other publications.

Ali El Kaafarani

Photo of Ali El Kaafarani


Founder/CEO of PQShield. As an active participant in NIST's standardisation process of Post-Quantum Cryptography (PQC), PQShield will produce real-world, high-performance implementations of the most effective post-quantum (basic and advanced) algorithms, to shield data from the attacks made possible by quantum computers.  PQShield is also an active participant in NIST's standardisation process of Lightweight Cryptography (LWC), which consists of cryptosystems that are suitable for IoT devices.

Ali has a PhD in Cryptography, with experience both in academia and industry.  He is also a Research Fellow at the University of Oxford's Mathematical Institute: https://www.maths.ox.ac.uk/people/ali.elkaafarani

Katherine Fletcher

Photo of Katherine Fletcher


Project Manager and main point of contact for this project (ocsiiot@cs.ox.ac.uk).  Katherine is also the Coordinator of Cyber Security Oxford, the network of researchers and practitioners at the University of Oxford interested in Cyber Security, and Industry Liaison Officer for the Centre for Doctoral Training in Cyber Security.

Prior to her current work, she has been a Project/Programme Manager specialising in large-scale, multidisciplinary projects spanning academa and industry (CITD, VPH-NoE, PreDiCT, DataFlow, CardiONECT).  She also project-managed the Federated Logic Conference 2018, the largest conference ever hosted by the University of Oxford.

Louise Axon

Photo of Louise Axon

Louise is a Research Associate in the Cybersecurity Analytics Group at the University of Oxford. Her research interests include network-security monitoring and intrusion-detection approaches, cyber risk and insurance, security and privacy of distributed ledger technologies, human-computer interaction (particularly in security environments such as SOCs), and cybersecurity capacity building.

Arianna Schuler Scott

Photo of Arianna Schuler Scott

Arianna is a DPhil student working in the Cyber Analytics Group under Professor Sadie Creese, supervised by Professor Michael Goldsmith. Based in Computer Science at the Centre for Doctoral Training in Cyber Security, Arianna's work on dynamic consent and data protection compliance is co-supervised by Dr Helena Webb, whose focus lies with Human Centred Interaction in the Department of Computer Science, and Dr Harriet Teare, who is Deputy Director of the Centre for Health, Law and Emerging Technology.

Arianna's work focuses specifically on how to inform consent choices by developing an approach that combines technical controls with user engagement to allow individuals to have more control over the data they share, and to outline good practice for those who collect, store, use and share that information. This research is generously funded by the EPSRC.


Marcel Stolz

Phot of Marcel Stolz

Marcel is a DPhil student in cybersecurity and part of Oxford's Centre for Doctoral Training in Cyber Security. He is supervised by Prof. Michael Goldsmith and Prof. Lucas Kello (DPIR). In his interdisciplinary research, he analyses the aspect of neutrality of states, infrastructures and companies in cyberspace.
He is a member of the Cybersecurity Analytics research group in the Department of Computer Science and a Research Affiliate of the Centre for Technology and Global Affairs (CTGA) at the Department of Politics and International Relations.
Marcel’s background lies in Computer Science, in which he holds a Bachelor’s and Master’s degree from the University of Bern (Switzerland). He also studied Musicology as a minor degree during his studies in Bern.