Overview
Background
Professor Ryan Ko is Chair and Director of UQ Cyber and a member of the Academic Board at the University of Queensland, Australia. He holds a Bachelor of Engineering (Computer Engineering)(Hons.) (2005), and PhD (2011) from Nanyang Technological University, Singapore.
Ko has held senior scientific leadership, executive, and directorship roles across industry and academia, and has more than a decade of board, governance and advisory experience across government, industry and NGOs across Australia, New Zealand, Singapore, and USA.
He currently serves on the Audit and Risk Committee for the board of the global not-for-profit ORCID, and has served on boards and advisory groups for AustCyber, Queensland Government, Meat and Livestock Australia (MLA), and the NZX-listed (NZE:LIC) Livestock Improvement Cooperation (LIC).
He has also served as expert advisor to INTERPOL, the government of Tonga, NZDF, NZ Minister for Communications' Cyber Security Skills Taskforce, and one of four nationally-appointed Technical Adviser for the Harmful Digital Communications Act 2015, Ministry of Justice. He has also served as independent technical expert for court cases.
He is also Adjunct Professor at the Singapore Institute of Technology, and Affiliate Faculty Member at NIATEC at the Idaho State University, USA.
He is co-founder of Cyber Security Certification Australia (CSCAU), CyberCert, and First Watch Ltd (NZ) – an industrial cybersecurity spin-off based on his patented OT security and provenance research at the University of Waikato.
Since joining UQ in 2019, he has served as:
- Deputy Head of School (External Engagement) (2021-2022)
- Founding Discipline Leader of the Cyber Security and Software Engineering discipline (2020-2021)
- Group Leader - Cyber Security (2019)
Ko has successfully established several university-wide, multi-disciplinary academic research and education programmes, including establishing and leading:
- UQ Cyber - interdisciplinary cyber scurity research centre involving 60+ academics and their respective teams from the 6 Schools (EECS, Business, Economics, Law, Social Science, Mathematics & Physics), the Centre for Policy Futures, and 4 Faculties since 2019.
- UQ's interdisciplinary postgraduate programme (MCyber, PGDipCyber, GCertCyber) involving four UQ faculties in 2019,
- NZ's first cyber security graduate research programme and lab (Cybersecurity Researchers of Waikato (CROW)) in 2012,
- NZ's first Master of Cyber Security (encompassing technical and law courses), the NZ Cyber Security Challenge since 2014, and
- NZ Institute for Security and Crime Science – Te Puna Haumaru as its founding director, the Evidence Based Policing Centre (at Wellington with NZ Police and ESR), and Master of Security and Crime Science in 2017 with the University of Waikato, NZ.
Over his academic career, Ko has been awarded A$20+million in competitive grants as lead Chief Investigator, and ~A$40+million as co-investigator. Prior to UQ, he was the highest funded computer scientist in New Zealand, as Principal Investigator and Science Leader of the largest MBIE-awarded cloud security research funding for STRATUS (NZ$12.2 million; 2014-2018). STRATUS' research was awarded 'Gold' by MBIE (i.e. top performing project, 2017), adopted by INTERPOL and featured in NZ's Department of Prime Minister and Cabinet's NZ Cyber Security Strategy 2016 annual report.
Ko has a track record developing international and national cyber security curricula, including:
- Co-creation of the gold-standard (ISC)2 Certified Cloud Security Professional (CCSP) curriculum (2014-2015)
- Authoring the draft of the NZQA's Level 6 Cybersecurity Diploma qualification as part of the NZ Cyber Security Skills Taskforce on behalf of the Department of Prime Minister and Cabinet.
Ko has also experience developing competitions and coaching competitive cyber security teams, including:
- Co-founding the NZ Cyber Security Challenge in 2014, and leading the NZCSC from 2014 to 2018. NZCSC is now the premier national cyber security competition in NZ.
- Co-founding the Oceania Cybersecurity Challenge (OCC) in 2020, and leading the competition from 2022 to present. OCC is now the regional qualifiers for the International Cybersecurity Challenge
- Co-founding the International Cybersecurity Challenge (ICC) as part of the Steering Committee in 2022. ICC has been held in Athens (2022) and San Diego (2023). It is aiming to be the world cup of cyber competitions.
- Head Coach of Team Oceania for the ICC. 2022 Results: Overall 4th; 2023 Results: Overall 2nd in the world.
He contributed to the establishment of the Government of Tonga CERT and CERT NZ, and has spoken regularly on cyber and cloud security research across the globe, including the OECD, Republic of Korea National Assembly (2018), INTERPOL (2017), TEDx Ruakura (2017), and the NZ Members of Parliament (2016).
Within the ISO/IEC JTC 1/SC 27, Prof Ko was Head of Delegation for the Singapore national body, served as Editor, ISO/IEC 21878 “Security guidelines for design and implementation of virtualized servers”, and hosted the ISO/IEC JTC 1/SC 27 meetings at Hamilton, NZ, in 2017. He is currently one of the editors of the ISO/IEC PWI 5181 Data Provenance Reference Model. In 2022, Ko co-chaired the development of the Singapore standard TR 106:2022 Tiered cybersecurity standards for enterprises in collaboration with the SPSTC and Singapore Cyber Security Agency.
Ko serves as an assessor for the Australian Research Council (ARC), Irish Research Council, Nederlandse Organisatie voor Wetenschappelijk Onderzoek (NWO), and NZ MBIE College of Assessors (since 2015).
He is also an external expert for the Tertiary Education Quality and Standards Agency (TEQSA).
Ko has externally examined 11 PhD and 3 Masters theses for universities in Australia, New Zealand, Canada, Hong Kong and Singapore.
For his contributions to the field, he was elected Fellow of the Australian Computer Society, Fellow of the Queensland Academy of Arts and Sciences, and Fellow of Cloud Security Alliance (CSA) (2016). He was awarded the Singapore Government (Enterprise Singapore)’s Young Professional Award (2018) for his leadership at ISO, and awarded the inaugural CSA Ron Knode Service Award 2012 for the establishment of Cloud Data Governance and Cloud Vulnerabilities Research Working Groups. He is also recipient of the 2015 (ISC)2 Information Security Leadership Award.
For his research and teaching excellence, he was awarded the University of Queensland Awards for Excellence - Leadership (Commendation) (2023), EAIT Nominations for Most Effective Teacher (both semesters of 2020, 2021, 2022, 2023), University of Waikato's Early Career Excellence Award (2014), Faculty Teaching Excellence Awards (2014, 2015, 2018), and the Nola Campbell eLearning Excellence Award (2014). During his PhD, he was also awarded A*STAR SIMTech's Best Student Award (2009), and clinched the 1st Prize of the IEEE Services Cup 2009 at IEEE ICWS (CORE A*) in Los Angeles, CA.
Earlier in his career, Ko was a systems engineer, and subsequently founded two start-ups (one was a social enterprise which became an events/conventions management contractor with IMG at mega-events in Singapore, including the inaugural Youth Olympics in 2010).
He is an active science communicator and is regularly interviewed and featured by Australian (ABC News, SBS News, 7 News, 9 News, Courier Mail, Network 10, AFR), Singaporean (Channel NewsAsia, CNA Radio938), NZ (NZ Herald, Dominion Post, Stuff.co.nz, Waikato Times, TVNZ, Central TV) and international media on topics of cyber security, cybercrime and data privacy.
Availability
- Professor Ryan Ko is:
- Available for supervision
- Media expert
Fields of research
Qualifications
- Bachelor (Honours) of Computer Engineering, Nanyang Technological University
- Doctor of Philosophy, Nanyang Technological University
- Certificate of Management, Harvard University
- Fellow, Australian Computer Society, Australian Computer Society
- Fellow, Cloud Security Alliance, Cloud Security Alliance
- Fellow, Queensland Academy of Arts and Sciences, Queensland Academy of Arts and Sciences
Research interests
-
Automating Cyber Security for Critical Infrastructure
Designing cyber autonomy to empower all end-users.
-
Operational Technology (OT) Security
Focusing on Industrial Control Systems (ICS) and related protocols.
-
Provenance and Traceability
Applications into AgTech, IoT, Edge, Cloud Computing and OT environments.
-
Trusted Computing Applications
Applications into agriculture, regulatory, auditing and media.
-
Data Privacy and Privacy Enhancing Technologies
Enabling secure and private multi-party computation.
-
AI Planning/ Automated Planning
Adapting classical AI planning approaches into cyber security.
-
Applying Situation Crime Prevention to Cybercrime Prevention
Applying SCP techniques into processes and controls to prevent cybercrime.
-
Board and Organisational Structures for Cyber Resilience
Understanding how factors and pressures (e.g. board composition and organisational structures, external pressures) affect an organisation's cyber resilience.
-
Creating Measurable Indicators of Cyber Resilience
Developing a framework to quantify factors allowing senior executives to understand and make decisions about cyber resilience.
Research impacts
Ko's research in cyber security focuses on returning control of data to users. His research reduces users' reliance on trusting third-parties and focusses on (1) provenance logging and reconstruction, traceability and (2) privacy-preserving data processing. His research is adopted internationally (e.g. CERN, INTERPOL, and HP clients such as Apple, Nasa, US Treasury/IRS). His papers have received conference Best Paper Awards (2011, 2015, 2017), and resulted in several technology transfers (e.g. HP), open source contributions (e.g. Kali Linux THC) and spin-offs (e.g. First Watch). He has published in top venues including WWW (The Web), NeurIPS, DCC, ESORICS, IEEE TrustCom, IEEE Comms Surveys and Tutorials, IEEE ICWS, IEEE TDSC, IEEE TSC, Computers & Security, IEEE Trans on Smart Grid, and more than 100 publications including books, refereed conference papers, journal papers, book chapters, encyclopaedia entries, technical reports and international patents (PCT).
Recently, he is researching information integrity and cyber autonomy in critical infrastructure sectors such as energy, manufacturing, regulatory and agriculture sectors. He has served in technical programme committees for more than 30 IEEE conferences/workshops, associate editor for 6 journals, and as series editor for Elsevier's security books.
Works
Search Professor Ryan Ko’s works on UQ eSpace
Featured
2022
Conference Publication
Positive-unlabeled learning using random forests via recursive greedy risk minimization
Wilton, Jonathan, Koay, Abigail M. Y., Ko, Ryan K. L., Miao Xu and Ye, Nan (2022). Positive-unlabeled learning using random forests via recursive greedy risk minimization. 36th Conference on Neural Information Processing Systems (NeurIPS 2022), New Orleans, LA, United States, 29 November - 1 December 2022. New Orleans, LA, United States: Neural information processing systems foundation.
Featured
2022
Journal Article
Multiscale adaptive multifractal detrended fluctuation analysis-based source identification of synchrophasor data
Cui, Yi, Bai, Feifei, Yin, Hongzhi, Chen, Tong, Dart, David, Zillmann, Matthew and Ko, Ryan K. L. (2022). Multiscale adaptive multifractal detrended fluctuation analysis-based source identification of synchrophasor data. IEEE Transactions on Smart Grid, 13 (6), 1-4. doi: 10.1109/tsg.2022.3207066
Featured
2022
Journal Article
Preserving privacy for distributed genome-wide analysis against identity tracing attacks
Zhang, Yanjun, Bai, Guangdong, Li, Xue, Nepal, Surya, Grobler, Marthie, Chen, Chen and Ko, Ryan K. L. (2022). Preserving privacy for distributed genome-wide analysis against identity tracing attacks. IEEE Transactions on Dependable and Secure Computing, 20 (4), 1-17. doi: 10.1109/tdsc.2022.3186672
Featured
2022
Journal Article
An exploratory study of organizational cyber resilience, its precursors and outcomes
Tsen, Elinor, Ko, Ryan K. L. and Slapnicar, Sergeja (2022). An exploratory study of organizational cyber resilience, its precursors and outcomes. Journal of Organizational Computing and Electronic Commerce, 32 (2), 1-22. doi: 10.1080/10919392.2022.2068906
Featured
2022
Journal Article
Situational Crime Prevention (SCP) Techniques to Prevent and Control Cybercrimes: A Focused Systematic Review
Ho, Heemeng, Ko, Ryan and Mazerolle, Lorraine (2022). Situational Crime Prevention (SCP) Techniques to Prevent and Control Cybercrimes: A Focused Systematic Review. Computers & Security, 115 102611, 1-24. doi: 10.1016/j.cose.2022.102611
Featured
2021
Conference Publication
On random editing in LZ-end
Roodt, Daniel, Speidel, Ulrich, Kumar, Vimal and Ko, Ryan K. L. (2021). On random editing in LZ-end. 2021 Data Compression Conference (DCC), Snowbird, UT United States, 23 - 26 March 2021. Piscataway, NJ United States: Institute of Electrical and Electronics Engineers. doi: 10.1109/dcc50243.2021.00074
Featured
2021
Conference Publication
It’s Not Just the Site, It’s the Contents: Intra-domain Fingerprinting Social Media Websites Through CDN Bursts
Wang, Kailong, Zhang, Junzhe, Bai, Guangdong, Ko, Ryan and Dong, Jin Song (2021). It’s Not Just the Site, It’s the Contents: Intra-domain Fingerprinting Social Media Websites Through CDN Bursts. WWW '21: The Web Conference 2021, Ljubljana, Slovenia, 19-23 April 2021. New York, NY United States: ACM. doi: 10.1145/3442381.3450008
Featured
2021
Journal Article
Source authentication of distribution synchrophasors for cybersecurity of microgrids
Cui, Yi, Bai, Feifei, Yan, Ruifeng, Saha, Tapan, Ko, Ryan K L and Liu, Yilu (2021). Source authentication of distribution synchrophasors for cybersecurity of microgrids. IEEE Transactions on Smart Grid, 12 (5) 9454123, 1-1. doi: 10.1109/tsg.2021.3089041
Featured
2020
Journal Article
Differentially private collaborative coupling learning for recommender systems
Zhang, Yanjun, Bai, Guangdong, Zhong, Mingyang, Li, Xue and Ko, Ryan K. L. (2020). Differentially private collaborative coupling learning for recommender systems. IEEE Intelligent Systems, 36 (1) 9130104, 1-1. doi: 10.1109/MIS.2020.3005930
Featured
2020
Conference Publication
PrivColl: practical privacy-preserving collaborative machine learning
Zhang, Yanjun, Bai, Guangdong, Li, Xue, Curtis, Caitlin, Chen, Chen and Ko, Ryan K. L. (2020). PrivColl: practical privacy-preserving collaborative machine learning. European Symposium on Research in Computer Security, Guildford, United Kingdom, 14-18 September 2020. Cham, Switzerland: Springer International Publishing. doi: 10.1007/978-3-030-58951-6_20
Featured
2018
Other Outputs
ISO/IEC 21878:2018 Information technology -- Security techniques -- Security guidelines for design and implementation of virtualized servers
Ko, Ryan, Clarke, Geoff, Ramaswamy, Chandramouli, Ge, Xiaoyu and Chaudury, Abhik (2018). ISO/IEC 21878:2018 Information technology -- Security techniques -- Security guidelines for design and implementation of virtualized servers. ISO/IEC JTC 1/SC 27 Information Security, cybersecurity and privacy protection Geneva, Switzerland: ISO.
Featured
2017
Journal Article
A scalable approach to joint cyber insurance and security-as-a-service provisioning in cloud computing
Chase, Jonathan, Niyato, Dusit, Wang, Ping, Chaisiri, Sivadon and Ko, Ryan (2017). A scalable approach to joint cyber insurance and security-as-a-service provisioning in cloud computing. IEEE Transactions on Dependable and Secure Computing, 16 (4) 7926340, 1-1. doi: 10.1109/tdsc.2017.2703626
Featured
2017
Conference Publication
The full provenance stack: five layers for complete and meaningful provenance
Ko, Ryan K. L. and Phua, Thye Way (2017). The full provenance stack: five layers for complete and meaningful provenance. 10th International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, SpaCCS 2017, Guangzhou, China, 12-15 December 2017. Cham, Switzerland: Springer . doi: 10.1007/978-3-319-72395-2_18
2024
Other Outputs
The Australia-Korea Cyber Cooperation in the Context of the Australian Cyber Security Strategy 2023-2030
Ko, Ryan (2024). The Australia-Korea Cyber Cooperation in the Context of the Australian Cyber Security Strategy 2023-2030. Korea on Point: The Korean Association of International Studies.
2024
Conference Publication
Privacy-preserving and fairness-aware federated learning for critical infrastructure protection and resilience
Zhang, Yanjun, Sun, Ruoxi, Shen, Liyue, Bai, Guangdong, Xue, Minhui, Meng, Mark Huasong, Li, Xue, Ko, Ryan and Nepal, Surya (2024). Privacy-preserving and fairness-aware federated learning for critical infrastructure protection and resilience. WWW '24: ACM Web Conference 2024, Singapore, Singapore, 13-17 May 2024. New York, NY, United States: ACM. doi: 10.1145/3589334.3645545
2024
Book Chapter
AI for designing responsible and resilient food systems
Ko, Ryan, Gain, Alexandria, Bongiovanni, Ivano, Browne, Will, Jarkas, Omar, Uhlmann, Kora and Viller, Stephen (2024). AI for designing responsible and resilient food systems. Food AI: A game changer for Australia’s food and beverage sector. (pp. 69-78) edited by Janet R. McColl-Kennedy and Damian Hine. Brisbane, QLD, Australia: The University of Queensland, Australia's Food and Beverage Accelerator (FaBA). doi: 10.14264/f5f35d0
2024
Conference Publication
Scp-bp framework: situational crime prevention for managing data breaches in business processes
Miao, Cheng, Ho, Heemeng, Tsen, Elinor, Gilmour, John and Ko, Ryan K. L. (2024). Scp-bp framework: situational crime prevention for managing data breaches in business processes. Business Process Management 22nd International Conference, BPM 2024, Krakow, Poland, 1-6 September 2024. Cham, Switzerland: Springer Nature Switzerland. doi: 10.1007/978-3-031-70396-6_26
2024
Journal Article
Utilizing cyberplace managers to prevent and control cybercrimes: a vignette experimental study
Ho, Heemeng, Gilmour, John, Mazerolle, Lorraine and Ko, Ryan (2024). Utilizing cyberplace managers to prevent and control cybercrimes: a vignette experimental study. Security Journal, 37 (1), 129-152. doi: 10.1057/s41284-023-00371-8
2024
Other Outputs
PRISMA Results for Using Situational Crime Prevention (SCP)-C3 Cycle and Common Inventory of Cybersecurity Controls from ISO/IEC 27002:2022 to Prevent Cybercrimes
Ho, Hee Meng, Ko, Ryan, Mazerolle, Lorraine and Miao, Cheng (2024). PRISMA Results for Using Situational Crime Prevention (SCP)-C3 Cycle and Common Inventory of Cybersecurity Controls from ISO/IEC 27002:2022 to Prevent Cybercrimes. The University of Queensland. (Dataset) doi: 10.48610/71aa67b
2024
Journal Article
Using Situational Crime Prevention (SCP)-C3 cycle and common inventory of cybersecurity controls from ISO/IEC 27002:2022 to prevent cybercrimes
Ho, Heemeng, Ko, Ryan, Mazerolle, Lorraine, Gilmour, John and Miao, Cheng (2024). Using Situational Crime Prevention (SCP)-C3 cycle and common inventory of cybersecurity controls from ISO/IEC 27002:2022 to prevent cybercrimes. Journal of Cybersecurity, 10 (1) tyae020. doi: 10.1093/cybsec/tyae020
Funding
Current funding
Past funding
Supervision
Availability
- Professor Ryan Ko is:
- Available for supervision
Before you email them, read our advice on how to contact a supervisor.
Supervision history
Current supervision
-
Doctor Philosophy
Distributed data collection infrastructure for IT and OT networks for automated early warning detection
Principal Advisor
Other advisors: Associate Professor Guangdong Bai, Dr Naipeng Dong
-
Doctor Philosophy
Efficient Methods for Automating Reconstruction of Provenance and Cryptocurrency Networks for Crime Attribution
Principal Advisor
Other advisors: Dr Miao Xu
-
Doctor Philosophy
Evaluating and Improving Type Inference Models for Web Application Reverse Engineering
Principal Advisor
Other advisors: Associate Professor Mark Utting, Professor Michael Bruenig
-
Doctor Philosophy
Adaptive, secure and resilient programmable logic controllers (PLCs) and data transfer protocols
Principal Advisor
Other advisors: Professor Tapan Saha, Associate Professor Guangdong Bai
-
Doctor Philosophy
Virtualized Root of Trust in Cloud Computing
Principal Advisor
Other advisors: Dr Naipeng Dong
-
Doctor Philosophy
Secure, Accountable and Provenance-Centric File System
Principal Advisor
Other advisors: Associate Professor Guangdong Bai
-
Doctor Philosophy
Applying Situational Crime Prevention to Business Processes to Prevent Cybercrime
Principal Advisor
-
Doctor Philosophy
A Distributed Data Collection Infrastructure For Automating Industrial Control Systems Security
Principal Advisor
Other advisors: Associate Professor Guangdong Bai, Dr Naipeng Dong
-
Doctor Philosophy
Distributed data collection infrastructure for IT and OT networks for automated early warning detection
Principal Advisor
Other advisors: Associate Professor Guangdong Bai, Dr Naipeng Dong
-
Doctor Philosophy
The nexus between data breaches, cyber safety and employee productivity in the hybrid work context
Associate Advisor
Other advisors: Associate Professor Remi Ayoko
-
-
Doctor Philosophy
Advancing cyberworthiness via integration of AI and Model-Based Systems Engineering (MBSE)
Associate Advisor
Other advisors: Dr Priyanka Singh
-
Doctor Philosophy
Security of Internet of Things (IoT) Integration
Associate Advisor
Other advisors: Associate Professor Guangdong Bai
-
Doctor Philosophy
IoT security analytics
Associate Advisor
Other advisors: Dr Naipeng Dong, Associate Professor Guangdong Bai
-
Doctor Philosophy
Unified Cyber Security Framework for Distributed Learning
Associate Advisor
Other advisors: Associate Professor Guangdong Bai
-
Doctor Philosophy
Examining Changes in Conspiracy Discourse on Reddit from 2019 - 2023
Associate Advisor
Other advisors: Dr Martin Schweinberger
-
Doctor Philosophy
Informal and formal justice for rape: Digital "court" and court trials in Australia
Associate Advisor
Other advisors: Dr Allison Fish, Dr Jonah Rimer
-
Completed supervision
-
2024
Doctor Philosophy
Using Situational Crime Prevention (SCP) to Prevent Cybercrimes
Principal Advisor
Other advisors: Professor Lorraine Mazerolle
-
2023
Doctor Philosophy
Security and Performance Evaluation of Software Defined Networking adopting Moving Target Defenses
Associate Advisor
Other advisors: Associate Professor Dan Kim
-
2023
Doctor Philosophy
Investigating the components of a contextual cyber resilience for organisations
Associate Advisor
Other advisors: Associate Professor Sergeja Slapnicar
-
2021
Doctor Philosophy
Privacy-preserving Sharing for Genome-wide Analysis
Associate Advisor
Other advisors: Dr Caitlin Curtis, Associate Professor Guangdong Bai, Professor Xue Li
Media
Enquiries
Contact Professor Ryan Ko directly for media enquiries about:
- AI for Cyber Security
- Cloud Computing Security
- Critical infrastructure security
- Cyber Attack Attribution
- Cyber Crime
- Cyber Security
- Cybersecurity
- Data Accountability
- Data Control
- Data Privacy
- Data Provenance
- Data Tracking
- ICS Security
- Industrial control systems security
- Information Security
- Privacy enhancing technologies
Need help?
For help with finding experts, story ideas and media enquiries, contact our Media team: