The ‘Scaling Trust’ project is a UKRI Future Leaders’ Fellowship examining trust in the cyber security profession. As the initial period of funding comes to an end, CIM academics Matt Spencer and Daniele Pizio have published two policy papers that engage with current challenges in cyber security.

‘Assurance by Principle: Preparing for the next generation of technology assurance’ is a report by Matt Spencer, published through the Research Institute for Sociotechnical Cyber Security (RISCS). It provides a series of recommendations for moving technology assurance policy away from prescriptive standards, and towards the new ‘goal-based’ approach that has become influential in cyber policy.

‘Deperimeterising Zero Trust: Challenging metaphors in information security’ is a policy brief by Matt Spencer and Daniele Pizio, part of the University of Warwick’s Policy Briefing Series. It examines current challenges with the trend towards a ‘Zero Trust’ paradigm for information security, and draws conclusions aimed at industry, government and academia.