Cyril Onwubiko
2022-2024 Board of Governors
2020–2022 Distinguished Speaker


Dr. Cyril Onwubiko is Director, Artificial Intelligence, Blockchain & Cyber Security at Research Series Limited, where he directs strategy and governance in AI, Blockchain & Cyber Security. Prior to Research Series, he had worked in the Financial Services, telecommunications, Health, Government, and Public Services Sectors. He is a leading scholar in Cyber Situational Awareness (CyberSA), Cyber Security, Security Information and Event Management (SIEM), Data Fusion, and Cyber Security Operations Centres (SOCs); and vastly knowledgeable in Information Assurance, HMG Security Policy Framework, and Risk Assessment & Management. His work in AI, especially Machine Learning for Cyber Security demonstrates an ability to converge multiple applications of AI across business units (in many domains e.g. NLP, Deep Learning, Machine Learning, Data Science, etc.), and apply these models to solve real-world problems.

He holds a Ph.D. in Computer Network Security from Kingston University, London, UK; MSc in Internet Engineering, and BSc, first-class honors, in Computer Science & Mathematics.

His research interests are in the areas of Cyber Security, Situational Awareness, Cyber-Threat Intelligence, Security Operations Centre, Blockchain & AI.

He has authored several books including Security Framework for Attack Detection in Computer Networks and Concepts in Numerical Methods. He co-edited the book on Situational Awareness in Computer Network Defense: Principles, Methods & Applications. He is the editor of the Cyber Science series, and Editor-in-Chief of the International Journal on Cyber Situational Awareness (IJCSA), ISSN (Online) 2057-2182.  Cyril has authored several book chapters and has published over 30 peer-reviewed articles in leading and most prestigious academic journals and conferences.

He is a Senior Member of the IEEE, currently, the Secretary, IEEE United Kingdom, and Ireland, Founding Chair, IEEE United Kingdom, and Ireland Blockchain Group. He is a member of many IEEE Societies and Affinity Groups e.g. Computer Society, Young Professionals, etc. He is also a Trustee, Director, and Volunteer to other Charity organizations.

He is a passionate speaker, keynote presenter, and invited guest lecturer to a number of universities in the UK, and has given many invited lectures, the most recent being at the Cyber Science 2019 conference at the University of Oxford, UK. He is a reviewer, program & steering committee member to over 30 academic conferences and journals. He is a Ph.D. assessor and examiner to a number of universities in the UK and Europe.

In the summer of 2014, Cyril founded the Centre for Multidisciplinary Research, Innovation and Collaboration (C-MRiC), a not-for-profit and nongovernmental organization dedicated to the advancement of outstanding research and innovation through collaboration, and dissemination of scientific and industrial contributions through seminars and publications.

Tel: +44 (0) 79 74  11 2418

DVP term expires December 2022


Functional Requirements of Situational Awareness in Computer Network Security

The underpinning of situational awareness in computer networks is to identify adversaries, estimate the impact of attacks, evaluate risks, understand situations and make sound decisions on how to protect valued assets swiftly and accurately. SA also underscores situation assessment in order to make an accurate forecast in dynamic and complex environments. In this paper, situational awareness in computer network security is investigated. Functional attributes of situational awareness in computer network security are discussed: dynamism and complexity, automation, real-time processing, multisource data fusion, heterogeneity, security visualization, decision control, risk assessment, resolution, forecasting, and prediction.

A Security Audit Framework for Security Management in the Enterprise

The difficulty in managing security audits in organizations is investigated. A conceptual security audit framework is proposed and discussed. The proposed framework assists organizations to conduct security audits for today’s complex networks that span across multiple domains, security estates, and enterprises. Essential requirements such as types of security audits, things to consider before conducting a security audit, general guidelines in performing security audits, and audit trail analysis are well presented and discussed.

Cyber Onboarding is ‘Broken’

Cybers security operations center (CSOC) is a horizontal business function responsible primarily for managing cyber incidents, in addition to cyber-attack detection, security monitoring, security incident triage, analysis, and coordination. To monitor systems, networks, applications, and services the CSOC must first onboard the systems and services onto their security monitoring and incident management platforms. Cyber Onboarding (a.k.a. Onboarding) is a specialist technical process of setting up and configuring systems and services to produce appropriate events, logs, and metrics which are monitored through the CSOC security monitoring and incident management platform. First, logging must be enabled on the systems and applications, second, they must produce the right set of computing and security logs, events, traps, and messages which are analyzed by the detection controls, security analytics systems, and security event monitoring systems such as SIEM, and sensors, etc.; and further, network-wide information e.g. flow data, heartbeats and network traffic information are collected and analyzed, and finally, threat intelligence data are ingested in real-time to detect or be informed of threats which are out in the wild. While setting up a CSOC could be straightforward, unfortunately, the ‘people’ and ‘process’ aspects that underpin the CSOC are often challenging, complicated, and occasionally unworkable. In this paper, CSOC and Cyber Onboarding are thoroughly discussed, and the differences between SOC vs SIEM are explained. Key challenges to Cyber Onboarding are identified through the reframing matrix methodology, obtained from four notable perspectives – Cyber Onboarding Perspective, CSOC Perspective, Client Perspective, and Senior Management Team Perspective. Each of the views and interests is discussed, and finally, recommendations are provided based on lessons learned implementing CSOCs for many organizations – e.g. government departments, financial institutions, and private sectors.


Functional Requirements of Situational Awareness in Computer Network Security
A Security Audit Framework for Security Management in the Enterprise
Cyber Onboarding is ‘Broken’

Read the abstracts for each of these presentations