Cyril Onwubiko
2020–2022 Distinguished Speaker


Dr. Cyril Onwubiko is Director, Artificial Intelligence, Blockchain & Cyber Security at Research Series Limited, where he directs strategy and governance in AI, Blockchain & Cyber Security. Prior to Research Series, he had worked in the Financial Services, Telecommunication, Health, Government and Public Services Sectors. He is a leading scholar in Cyber Situational Awareness (CyberSA), Cyber Security, Security Information and Event Management (SIEM), Data Fusion, and Cyber Security Operations Centres (SOCs); and vastly knowledgeable in Information Assurance, HMG Security Policy Framework and Risk Assessment & Management. His work in AI, especially Machine Learning for Cyber Security demonstrates an ability to converge multiple applications of AI across business units (in many domains e.g. NLP, Deep Learning, Machine Learning and Data Science etc.), and applying these models to solve real world problems.

He holds a PhD in Computer Network Security from Kingston University, London, UK; MSc in Internet Engineering, and BSc, first class honours, in Computer Science & Mathematics.

His research interests are in the areas of Cyber Security, Situational Awareness, Cyber-Threat Intelligence, Security Operations Centre, Blockchain & AI.

He has authored several books including Security Framework for Attack Detection in Computer Networks and Concepts in Numerical Methods. He co-edited the book on Situational Awareness in Computer Network Defense: Principles, Methods & Applications. He is the editor of the Cyber Science series, and Editor-in-Chief of the International Journal on Cyber Situational Awareness (IJCSA), ISSN (Online) 2057-2182.  Cyril has authored several book chapters and has published over 30 peer-reviewed articles in leading and most prestigious academic journals and conferences.

He is a Senior Member of the IEEE, currently, the Secretary, IEEE United Kingdom and Ireland, Founding Chair, IEEE United Kingdom and Ireland Blockchain Group. He is a member of many IEEE Societies and Affinity Groups e.g. Computer Society, Young Professionals, etc. He is also a Trustee, Director and Volunteer to other Charity organisations.

He is a passionate speaker, keynote presenter, and invited guest lecturer to a number of universities in the UK, and has given many invited lectures, the most recent being at the Cyber Science 2019 conference at the University  of Oxford, UK. He is a reviewer, programme & steering committee member to over 30 academic conferences and journals. He is a PhD assessor and examiner to a number of universities in the UK and Europe.

In the summer of 2014, Cyril founded the Centre for Multidisciplinary Research, Innovation and Collaboration (C-MRiC), a not for profit and nongovernmental organisation dedicated to the advancement of outstanding research and innovation through collaboration, and dissemination of scientific and industrial contributions through seminars and publications (

Tel: +44 (0) 79 74  11 2418

DVP term expires December 2022


Functional Requirements of Situational Awareness in Computer Network Security

The underpinning of situational awareness in computer networks is to identify adversaries, estimate impact of attacks, evaluate risks, understand situations and make sound decisions on how to protect valued assets swiftly and accurately. SA also underscores situation assessment in order to make accurate forecast in dynamic and complex environments. In this paper, situational awareness in computer network security is investigated. Functional attributes of situational awareness in computer network security are discussed: dynamism and complexity, automation, realtime processing, multisource data fusion, heterogeneity, security visualization, decision control, risk assessment, resolution, forecasting and prediction.

A Security Audit Framework for Security Management in the Enterprise

The difficulty in managing security audits in organizations is investigated. A conceptual security audit framework is proposed and discussed. The proposed framework assists organizations to conduct security audits for today’s complex networks that spans across multiple domains, security estates and enterprise. Essential requirements such as types of security audits, things to consider before conducting a security audit, general guidelines in performing security audits, and audit trail analysis are well presented and discussed.

Cyber Onboarding is ‘Broken’

Cyber security operations centre (CSOC) is a horizontal business function responsible primarily for managing cyber incidents, in addition to cyber-attack detection, security monitoring, security incident triage, analysis and coordination. To monitor systems, networks, applications and services the CSOC must first on-board the systems and services onto their security monitoring and incident management platforms. Cyber Onboarding (a.k.a. Onboarding) is a specialist technical process of setting up and configuring systems and services to produce appropriate events, logs and metrics which are monitored through the CSOC security monitoring and incident management platform. First, logging must be enabled on the systems and applications, second, they must produce the right set of computing and security logs, events, traps and messages which are analyzed by the detection controls, security analytics systems and security event monitoring systems such as SIEM, and sensors etc.; and further, network-wide information e.g. flow data, heartbeats and network traffic information are collected and analyzed, and finally, threat intelligence data are ingested in real-time to detect, or be informed of threats which are out in the wild. While setting up a CSOC could be straightforward, unfortunately, the ‘people’ and ‘process’ aspects that underpin the CSOC are often challenging, complicated and occasionally unworkable. In this paper, CSOC and Cyber Onboarding are thoroughly discussed, and the differences between SOC vs SIEM are explained. Key challenges to Cyber Onboarding are identified through the reframing matrix methodology, obtained from four notable perspectives – Cyber Onboarding Perspective, CSOC Perspective, Client Perspective and Senior Management Team Perspective. Each of the views and interests are discussed, and finally, recommendations are provided based on lessons learned implementing CSOCs for many organizations – e.g. government departments, financial institutions and private sectors.


Functional Requirements of Situational Awareness in Computer Network Security
A Security Audit Framework for Security Management in the Enterprise
Cyber Onboarding is ‘Broken’

Read the abstracts for each of these presentations