Dissemination

Popular science

• Erik Johannes Husom, Finn Lützow-Holm Myrstad, Gencer Erdogan, Elin Volder Rutle. Feature article. Klimakostnaden for bruk av Chat GPT kan bli større enn nytteverdien. digi.no, October 28, 2024.
• Gencer Erdogan, Oddbjørn Gjerde, Merkebu Zenebe Degefa, Martin Gilje Jaatun. Cybersecurity in the electricity grid. SINTEF blogg, June 15, 2023.
• Gencer Erdogan. Syv suksesskriterier for risikovurdering. SINTEF blogg, October 3, 2022.
• Gencer Erdogan, Inger Anne Tøndel. Flere må mobiliseres i kampen mot hackerne. Feature article. Dagens Næringsliv, May 12, 2022.
• Gencer Erdogan. Utviklet kurs med simulerte cyberangrep – høstet lovord i EU. SINTEF news, June 30, 2021.
• Birthe Midtun, Per Håkon Meland, Maria Bartnes, Martin Gilje Jaatun, Ravishankar Bhaskarrao Borgaonkar, Gencer Erdogan, Halvor Molland. Dette må du må vite om cybersikkerhet. Interview, Gemini, June 10, 2021.
• Audun Jøsang, Veronica Jarnskjold Buer, Aida Omerovic, Gencer Erdogan. Tingenes Internett: En kjempeutfordring for sikkerhet og personvern. Feature article. Alt om Samfunnssikkerhet, Mediaplanet, Included as attachment to Aftenposten. September 24, 2020.

Talks, lectures, and seminars

• Guided Understanding and Assessment of Cybersecurity Risks with an LLM-enabled Navigator. Public seminar: AI for Cybersecurity. Organised by the International Research Network on Artificial Intelligence and Cybersecurity. Department of Informatics, University of Oslo, Norway, December 18, 2024.
• Security Risk Assessment of Connected Medical Devices. Invited talk. Meetup: Personvern, pasientsikkerhet, og sikkerhet i medisinskteknisk utstyr i regi av Den Norske Dataforening, Trondheim, Norway, November 28, 2024.
• Using LLMs in the context of security risk assessment. Guest lecture. IN5130 – Unassailable IT-systems, Department of Informatics, the University of Oslo, Norway, October 11, 2024.
• Human and Organizational Risk Modelling in Cybersecurity. Invited lecture. Summer School Cyber In Normandy 2024, Caen, France, 24 June 2024 – 5 July 2024. (pdf)
• Hvilke behov har energisektoren for å vurdere cyberrisiko? Invited talk. Nordea Kraftseminar 2023 – Hvor godt rustet er kraftbransjen til å vurdere og håndtere cyberrisiko? Norsk Maritimt Kompetansesenter (Norwegian Maritime Competence Center), Ålesund, Norway, October 26, 2023. (pdf)
• Needs and Challenges Concerning Cyber-risk Assessment in the Cyber-physical Smart Grid. Guest lecture. IN5130 – Unassailable IT-systems, Department of Informatics, the University of Oslo, Norway, October 6, 2023. (pdf)
• Cybersecurity Awareness and Capacities of SMEs. Guest lecture. IN5130 – Unassailable IT-systems, Department of Informatics, the University of Oslo, Norway, October 6, 2023. (pdf)
• Cybersecurity consequences for security of electricity supply and cyber security considerations in grid planning. Invited talk. CINELDI/NORCICS workshop on cyber security in cyber-physical electricity grids. Statens Hus, Trondheim, 28 March, 2023. (pdf)
• CORAL – a model-based approach to risk-driven security testing. Guest lecture. IN5130 – Unassailable IT-systems, Department of Informatics, the University of Oslo, Norway, November 15, 2017.
• CORAL – a model-based approach to risk-driven security testing. Public seminar titled “Temamøte IKT – Sikkerhet og apper”, NITO Vestfold, Borre, Norway, November 10, 2016.
• Risikovurderingsmetoder innen sikkerhet og personvern. Public seminar titled “Personvern – forordninger og press på forretningsmodeller”, Intelligente transportsystemer ITS Norge, Oslo, Norway, May 4, 2016.
• Risk-based security test design. SINTEF public seminar titled Cyberrisk: Hva slags risk er det og hva er konsekvensene for analyse og testing?, SINTEF, Forskningsveien 1, Oslo, Norway, June 18, 2015.

Conference presentations

• A Light-Weight Tool-Supported Method for Cyber-Risk Assessment in the Planning of Cyber-Physical Smart Grids. Presented at the 15th IEEE International Conference on Smart Grid Communications, Control, and Computing Technologies (SmartGridComm 2024). Oslo, Norway, 19 September 2024.
• Dynamic Cyber Risk Assessment for Connected Medical Devices: the NEMECYS Approach. Presented at the 18th International Conference on Research Challenges in Information Science (RCIS 2024). Guimarães, Portugal, 16 May 2024.
• New Medical Cybersecurity and Design Solutions (NEMECYS). Presented at the 18th International Conference on Research Challenges in Information Science (RCIS 2024). Guimarães, Portugal, 16 May 2024.
• Advanced Risk-Based Secure Computing Continuum. Presented at the Horizon Europe Cluster 3 Info-day and Brokerage Event. Brussels, Belgium, 28 June 2023.
• Cyber-risk assessment in grid planning. Presented at the CINELDI/NORCICS workshop on cyber security in cyber-physical electricity grids. Trondheim, Norway, 28 March 2023.
• Cybersecurity Awareness and Capacities of SMEs. Presented at the 9th International Conference on Information Systems Security and Privacy (ICISSP’23). Lisbon, Portugal, February 22, 2023. (pdf)
• NEMECYS: New Medical Cybersecurity Assessment and Design Solutions. Presented at the 9th International Conference on Information Systems Security and Privacy (ICISSP’23). Lisbon, Portugal, February 23, 2023.
• Vurdering av cyberrisiko for planlegging av smarte distribusjonsnett. Presented at CINELDI open day, Trondheim, Norway, November 8, 2022.
• Needs and Challenges Concerning Cyber-Risk Assessment in the Cyber-Physical Smart Grid. Presented at the 17th International Conference on Software Technologies (ICSOFT’22), Lisbon, Portugal, July 12, 2022.
• Centre for Intelligent Electricity Distribution (CINELDI). Presented at the 17th International Conference on Software Technologies (ICSOFT’22), Lisbon, Portugal, July 12, 2022.
• Information Security and Risk Management: Trustworthiness and Human Interaction. Presented at the 16th International Conference on Research Challenges in Information Science (RCIS’22), Barcelona, Spain, May 19, 2022.
• A Systematic Mapping Study on Approaches for Al-Supported Security Risk Assessment. Presented at the 45th Annual Computers, Software, and Applications Conference (COMPSAC’21), online, July 14, 2021.
• Developing Cyber-risk Centric Courses and Training Material for Cyber Ranges: A Systematic Approach. Presented at the 7th International Conference on Information Systems Security and Privacy (ICISSP’21), online, February 12, 2021.
• An Approach to Train and Evaluate the Cybersecurity Skills of Participants in Cyber Ranges based on Cyber-Risk Models. Presented at the 15th International Conference on Software Technologies (ICSOFT’20), online, July 8, 2020.
• CYBERWISER.eu – Cyber Range & Capacity Building in Cybersecurity. Presented at the 6th International Conference on Information Systems Security and Privacy (ICISSP’20), Valletta, Malta, February 26, 2020.
• A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids. Presented at the 4th International Conference on Complexity, Future Information Systems and Risk (COMPLEXIS’19), Crete, Greece, May 3, 2019.
• The learning path in CYBERWISER.eu. Presented at the 1st CYBERWISER.eu Open Pilots Workshop, Pisa, Italy, November 5, 2019.
• A Method for Developing Qualitative Security Risk Assessment Algorithms. Presented at the 12th International Conference on Risks and Security of Internet and Systems (CRiSIS’17), Dinard, France, September 21, 2017.
• Towards Transparent Real-Time Privacy Risk Assessment of Intelligent Transport Systems. Presented at the 4th Workshop on Risk Assessment and Risk-Driven Quality Assurance (RISK’16), in conjunction with the 28th International Conference on Testing Software and Systems (ICTSS’16), Graz, Austria, October 18, 2016.
• Design Decisions in the Development of a Graphical Language for Risk-Driven Security Testing. Presented at the 4th Workshop on Risk Assessment and Risk-Driven Quality Assurance (RISK’16), in conjunction with the 28th International Conference on Testing Software and Systems (ICTSS’16), Graz, Austria, October 18, 2016.
• Evaluation of the CORAL approach for risk-driven security testing based on an industrial case study. Presented at the 2nd International Conference on Information Systems Security and Privacy (ICISSP’16), Rome, Italy, February 20, 2016.
• Poster presentation of the WISER project. Presented at the 2nd International Conference on Information Systems Security and Privacy (ICISSP’16), Rome, Italy, February 20, 2016.
• Schematic generation of English-prose semantics for a risk analysis language based on UML interactions. Presented at the 2nd International Workshop on Risk Assessment and Risk-driven Testing (RISK’14), in conjunction with the 25th IEEE International Symposium on Software Reliability Engineering (ISSRE’14), Naples, Italy, November 3, 2014.
• A systematic method for risk-driven test case design using annotated sequence diagrams. Presented at the 1st International Workshop on Risk Assessment and Risk-driven Testing (RISK’13), in conjunction with 25th IFIP International Conference on Testing Software and Systems (ICTSS’13), Istanbul, Turkey, November 13, 2013.
• Risk-driven Security Testing versus Test-driven Security Risk Analysis. Presented at the 1st Doctoral Symposium on Engineering Secure Software and Systems, in conjunction with the International Symposium on Engineering Secure Software and Systems (ESSoS’12), Eindhoven, The Netherlands, February 15, 2012.
• Assessing the Usefulness of Testing for Validating the Correctness of Security Risk Models Based on an Industrial Case Study. Presented at the International Workshop on Quantitative Aspects in Security Assurance (QASA’12), in conjunction with the European Symposium on Research in Computer Security (ESORICS’12), Pisa, Italy, September 14, 2012.
• Security Testing in Agile Web Application Development – A Case Study Using the EAST Methodology. Presented at the 11th International Conference on Agile Software Development (XP’10), Trondheim, Norway, June 3, 2010.