Insights from a computer science expert

Could you give me a bit of background to your own career?

Well firstly I’d say that my own trajectory through education has probably been far from conventional.  I’ve always tended to just follow things that I’ve personally been interested in and that don’t necessarily make sense to other people, though they make sense to me.

So originally, I started out in the arts, in particular multimedia arts, which is where I learnt the very rudimentary basics of things like programming, working with electronics and microcontrollers. Sometimes these things were explicitly part of my art practice, at other times they were a support mechanism for it – such as building web sites or interactive media. At other times, they were entirely separate from it, just basically me pursuing my interests.

The more I worked, the more I became fascinated by the way in which computing technologies had come to permeate so many aspects of society. For me, art is a material means of thinking about the world around you.

Building on this logic, I believe that if you are interested in the arts and its effect on real-world issues, then you really also have to be literate in technology - not just understanding how to use the technology, but actually how to build and create technologies too.

This also means understanding things like programming, computer networking, databases and basically many things that are part of the discipline of computer science.

So that’s kind of how I started my relationship with technology and computing. But also, being Northern Irish, I think politics has always been something of a second language to me too. So I guess an accumulation of those different interests naturally converged in the field of cyber security.

Weaving computer science into the arts curriculum

A bit later on, I became a lecturer and one of the early courses I worked on was a fine arts programme. Given my interests and skills, I worked to develop the programmes curriculum, where I wove programming into the first-year curriculum, alongside more obvious fine art subjects such as painting, drawing and printmaking.

I believed it was really important to develop a strand of the degree programme which had a focus on computing and in which artists could learn to work creatively with technology and data. I was successful in this and we got the curriculum developed running through to 3rd year and, optionally into the masters programme too. This was in about 2009.

I think in some ways I was really trying to break down some of the preconceptions around the study of fine art, and how naturally people wouldn’t put it side-by-side with computing – that’s what made it really unique and valuable.

I was also involved with the Internet of things (IoT) community from around 2013 and people within that community used to tell me that they didn’t know of anywhere else, globally, never mind in the UK where you could learn programming and electronics as part of BA fine art programme.

Because of the work I was doing to join up the dots between fine art and interconnected technology, the university I worked asked me to develop a curriculum for their new computer science programme.

Deep dive into cyber security education

Despite my increasing experience and knowledge of computing technologies, I’d never had a formal university education in the subject, beyond what I’d taught myself over the years. So, on my birthday, as a present to myself, I paid the application fee and tried my hand at getting a place at Oxford University to study with a specialism in cyber security in their computer science department.

I ended up getting invited for interview and I answered all their tricky questions about cryptography and things like that, and I was lucky enough to get offered a place. That experience really deepened my understanding and formalised my technical abilities. It kind of knocked all the rough edges off my knowledge and technical approaches – it was really a life-changing experience for me. So that put me in a position where I could work more formally with cyber security, and computer science more generally.

I’ve now taught at five different universities, and they were all very different and varied immensely in the types of students that studied there. I loved being in education, but I got to the point where I felt like the direction education was going in was changing.

Digital Sherlock Holmes

At the same time, I was invited to become a ‘critical friend’ to North Yorkshire police, which is essentially an advisory role. So, they could come to me for my input on a number of different things to do with live cases or more strategic projects they were developing. That was really interesting being able to apply my cyber skills with them.

I’ve been able to work with them on a number of different projects from software development, to live case investigations. At times, it was kind of like being a digital Sherlock Holmes, for example helping them analyse networks to identify and isolate malware – that kind of thing.

While that was really fun and exciting, it also got me thinking about the fact that I had some quite useful real-world skills that could be used to greater impact.

So I basically decided a couple of years ago to leave education for the time being and set up my own cyber security company, and that’s what I have been focusing on primarily – growing it and trying to develop my own space in that area.

Working with Ravensbourne

But then, I still missed education to an extent, especially teaching and working with students. Also, because I’ve been involved in developing so many different degree programmes, I’ve got a really solid knowledge of curriculum development. So when Ravensbourne got in touch and asked me to get involved with the new suite of computer programmes they were developing, I knew I had to get involved.

I wanted to make sure the programmes stayed true to the original ethos of Ravensbourne, with its really rich design history. I have seen it happen before through past experiences where computer science is dropped into creative institutions without much consideration for how it might affect the culture.

That experience has been useful in thinking about how to evolve a curriculum that is at its core solid computer science, but that also works with Ravensbourne’s ethos. Because of this, I’ve been able to signpost some of the issues that Ravensbourne might encounter, because it does require a cultural shift, and these things have to be considered carefully.

In 2022, what are some of the biggest threats to our cyber security?

I think it's useful to distinguish between threats, risks and vulnerabilities. A vulnerability is a weakness in a system. A threat is an event or action that may occur because of a vulnerability. A risk is the damage, destruction or loss that can be caused by the threat action. Therefore, many risks can be mitigated by focusing on closing down vulnerabilities in systems in order to reduce or remove threats.

In those terms, I think we can do a lot to reduce threats and mitigate risk through educating people on how to properly manage their own networks. There have always been a wide range of attackers, ranging from opportunistic people with very little skills to highly skilled nation state actors.

If you haven’t done the basics of keeping up to date with software patches, using a good antivirus solution, password protecting data and backing up your data to a non-network drive, then you could be in real trouble if your network is threatened. But, if you’ve covered these kinds of basic steps, then actually you’re in a much stronger situation should your network be threatened.

For example, in the worst case scenario your antivirus might fail to detect and remove a threat. If your computer was infected by ransomware, but you had all your data backed up, then you may be able to just wipe or replace your computer’s hard drive. This means that the ransomware becomes less of an issue because your data is safe.

I might be biased because of my background in education, but I think the biggest challenge is making sure people are educated and motivated enough to pay attention to whatever little bit of network real estate they’re looking after in cyberspace.

In your opinion, what is the most exciting development in computer science at the moment?

Well, that’s a hard one because it is all so varied. Some of the things I’m pretty excited about are things like blockchain and the various forms of decentralised finance, the culture of the metaverse and what cyber security looks like in this space.

I find this stuff fascinating and I think there are lots of opportunities in this space. I think you’ve got a whole generation of younger people who have been put in a position where their financial prospects are really difficult, because of the price of housing and other things. So, the idea that they have some control over how they design their economy is really compelling.

Watching how things like Bitcoin and Ethereum have gone from being totally dismissed to being part of congressional hearings in America is really something. The people who hold all the power are starting to turn their heads towards it. They might still be trying to dismiss it, but you think, are they dismissing it because it’s bad technology, or because it’s a potential threat to their continued wealth? So the politics of the entire thing is pretty interesting too.

What are the types of things students are getting really excited about in this space?

I think artificial intelligence is something that is really capturing student’s imaginations. I’ve seen students get involved in all sorts, just as an example that springs to mind is using sentiment analysis on Twitter data to predict markets – some really ground-breaking stuff!

I’ve also noticed an increasing number of students interested in the environment, and the relationship between computing and the environment. I think this is a conversation we are going to see crop up more and more. At the moment, it’s at an early embryonic stage, but I think as we develop as a society, it’s going to become a much bigger conversation.

Why do you think a formal education in computing is so important?

I think an important point here is to stress the importance of education in general. You are only ever as good as the stuff you know, and to be really good, you have to understand computers on a fundamental level. That’s something you are never going to learn by just watching YouTube.

I think it’s so important to recognise that it’s a marathon and not a sprint. The more you embrace the learning process, the more empowered it will make you.

Over time, the accumulation of knowledge will make you really valuable, and to some extent really unique too. If you follow your interests rather than a predestined route then it can lead you to some really interesting places, I know it has done for me.

Justin will feature in the next episode of our In Conversation Series.