Vision
By spearheading proactive security practices in software development, we strive to empower organisations and ensure the creation of secure products and safeguarded users
By spearheading proactive security practices in software development, we strive to empower organisations and ensure the creation of secure products and safeguarded users
We believe that security should be a primary consideration from project inception, enabling small to medium enterprises to mitigate complex risks and protect user privacy effectively.
Here at the Hipster Project, our vision is to lead the way in pioneering proactive security practices, empowering organisations to integrate security considerations early in the software development process. Our primary goal is to ensure the development of secure products that effectively safeguard users. Central to our vision is the utilisation of industry cyber threat intelligence, serving as a crucial driving force in our comprehensive risk assessment approach.
We recognise that security and privacy problems can be intricate and elusive, particularly for small to medium enterprises who may lack the resources to employ expensive software security experts. Through our innovative initiative, the Hipster Project (Health IoT Privacy and Security Transferred to Engineering Requirements), we bring together software development teams and product managers to collectively identify and address these complex challenges. By leveraging industry-wide knowledge, we help teams determine which problems require attention, and which might be reasonable to discount.
Our approach to risk assessment is rooted in creativity and a dual-aspect perspective, encompassing both technical and business risks into the process whilst also considering the customer or end user of the products you develop. By empowering teams to proactively identify and mitigate potential risks, we enable organisations to fortify their digital infrastructure against evolving threats. We believe that by harnessing the collective wisdom and real-world experiences of the cybersecurity community, we gain invaluable insights into the ever-changing threat landscape. This allows us to prioritise and address the most critical risks, empowering organisations to make informed decisions and optimise resource allocation.
We extend an invitation to organisations seeking to forge a more secure digital ecosystem. Join us as we redefine the standards of proactive security and contribute to a safer and more resilient future.
This is the research team. We'll be delighted to hear from you.
Security Lancaster, Security Lancaster (Software Security), Security Lancaster (Systems Security)
SCC (Security), Security Lancaster, Security Lancaster (Societal Threats)
Cyber Security Research Centre (Security Group), Cyber Threat Lab, i-DID , SCC (Security), Security Lancaster, Security Lancaster (Academic Centre of Excellence), Security Lancaster (Systems Security)
Take a look at some of our Hipster Activities over the last 18 months
Lancaster Castle played host to our inaugural Hipster Project event, "New Adventures in Health Tech Product Development". Castles symbolise protection and safety, so this was the perfect location to showcase our research which strives to help developers and product owners better secure their products and safeguard their users in a rapidly evolving digital landscape.
Attendees came together for a dynamic workshop taster session. They had the chance to actively trial our cutting-edge approach to threat and risk assessment, and it was fantastic to see them getting stuck into the process we have designed. Our approach is hands-on and interactive to get everyone involved in discussion and exploration around threat and risk.
The Greater Manchester Digital Security Hub (DiSH) is a fantastic initiative bringing together experts from academia and the public and private sectors to help digital security startups in Greater Manchester. Lancaster University is the lead academic partner in the consortium that operates DiSH. With it's central mission being to help digital startups to innovate and thrive, this was a very fitting location to host another of our Hipster workshops.
One of the most valuable elements of the Hipster approach is the discussion the process facilitates. Whether a student, product owner, or software developer, everyone's perspective brings something new and valuable to the table.
We loved the DiSH so much that we went back to host our next event there, New Adventures in Agile Development. Building on the successes of our first event at Lancaster Castle, we wanted to get the Hipster message out even further into the developer community. We had a series of expert speakers sharing their insights on risk, cyber threat intelligence, and the importance of ensuring digital devices keep their users safe. Attendees then took part in our interactive workshop to learn the Hipster approach to improving security decision-making!
Saskia Coplans gave a fantastic talk and told us about her experiences of outsourcing development for a healthcare app. She shared a fascinating experiment she conducted to test just how insecure the results could be! Saskia also gave us some top advice on how to manage outsourcing and boost security to ensure you don't make apps that can harm people.
We had the pleasure of leading a workshop at the Agile Manchester conference. Designed with agile developers in mind, this was the perfect conference for the Hipster Team to showcase the leading-edge research we have been doing.
Our 90 minute session gave attendees the opportunity to try out the Hipster approach to risk and threat assessment in a collaborative environment. Each group had their own unique dynamic, bringing lots of ideas and perspectives to the table.
Professor Dan Prince leads our first Cyber Threat and Risk Developer Training Day. Throughout the day, participants were equipped with essential knowledge and methods in cyber threat and risk assessment. Interactive exercises, complemented by predefined examples, enabled us to delve into the world of technical and business risk exploration. This approach fostered a creative exploration of both dimensions, resulting in a deeper understanding of potential risks and their implications.
The Cyber Threat and Risk Developer Training package builds on two years of Hipster Project research. Delivered in partnership with Barclays Eagle Labs and Plexal, the course is designed to help developers navigate the landscape of security threats and risks; empowering them to consider the causal chain of impact when assessing risk - from threat actor, to customer, to their own businesses. Here we have our inaugural cohort at DiSH Manchester in June!