MOST people will have revealed their mother's maiden name or perhaps the name of their first school or pet to verify their identity when applying online for credit. This is known as your Personal Identifiable Information (PII). Alarmingly, this same information has become increasingly available for online fraudsters to view as people share their entire lives through their social media profiles and posts.
Now, a cybersecurity researcher from the University of Huddersfield has secured government funding to create and develop a product that will educate people about the risk of posting such personal information online and teach them how they can make their PII more secure.
Study Computer Science at Huddersfield
Abigail McAlpine is a researcher from the University's Secure Societies Institute and is currently in her final year of PhD study. She has been awarded £19,000 by the Department for Digital, Culture, Media and Sport (DCMS) to take part in the Cybersecurity Academic Start-up Accelerator Programme (CyberASAP) with a project entitled, SocialSPI - Training the Public about Sensitive Personal Information on Social Media.
Through Innovate UK and the Knowledge Transfer Network, the annual start-up accelerator programme, now in its fourth year, is designed to help academic teams from across the UK commercialise their ideas for cybersecurity products or services. The programme will provide researchers, like Abigail McAlpine, with all of the expertise and knowledge they need to develop an original idea into a commercial end product.
The year-long programme will be delivered via specialist training, workshops, briefings and bootcamps and is set to culminate in February 2021 with a 'Demo Day' where the teams will showcase their prototypes to potential investors and industry.
For her PhD, Abigail McAlpine has conducted in-depth research on personal data protection and end-user understanding of the way their personal information is collected, shared, stored and used on social networking services (SNS). She discovered key areas where the public are not appropriately informed about interacting on social media and that some are completely unaware of the possible dangers that could arise.
"What parents can potentially post on social media not only leaves themselves vulnerable but can unintentionally put their children at risk too," she said.
By sharing too much personal information online, she believes parents are making it even easier for criminals and online fraudsters to discover their child's Personal Identifiable Information. This PII can then be used against the child to breach online security checks or to even commit identity fraud, usually for financial gain, as soon as they turn 18 years of age.
Through accessing CyberASAP's help and expertise throughout the programme, the Huddersfield researcher hopes to create a commercialised end product that will educate the public via an interactive training platform. It will also introduce them to social engineering concepts and the Open Source Intelligence Tools (OSINT) that could leave end users vulnerable to future threats.
"If all goes well, the course will teach life-long cybersecurity skills as well as an understanding of how social media platforms collect, store, share and use personal data and how PII can be abused," she added.
"This will enable the course trainees to make more informed choices about their own social media use and they will be encouraged to pass on the knowledge to friends and family, including their children, who will in turn pass it on to society at large."
