Researcher biography

Professor Ryan Ko is Chair and Director of UQ Cyber at the University of Queensland, Australia. He is also Research Director of the Cooperative Research Centre for Mega-Event Innovation (MegaCRC) bid. He holds a Bachelor of Engineering (Computer Engineering)(Hons.) (2005), and PhD (2011) from Nanyang Technological University, Singapore.

Ko has held senior scientific leadership, executive, and directorship roles across industry and academia, and has more than a decade of board, governance and advisory experience across government, industry and NGOs across Australia, New Zealand, Singapore, and USA. He currently serves on the Risk and Audit Committee for the board of the global not-for-profit ORCID, AustCyber Queensland Innovation Node advisory board, Queensland Government's Digital Professionals Workforce Plan (DPWP)'s Program Advisory Board, Technical Reference Group member of Meat and Livestock Australia (MLA)'s Integrity Systems Company, and Technology Advisory Board member of the NZX-listed (NZE:LIC) Livestock Improvement Cooperation (LIC).

He is co-founder of Cyber Security Certification Australia (CSCAU), and co-founder of First Watch Ltd (NZ) – an industrial cybersecurity spin-off based on his patented OT security and provenance research at the University of Waikato. He is also an advisor to leading Australian cyber security startup Cybermetrix Pty Ltd, and the Silicon Valley-headquartered startup Nyriad.

He has also served as expert advisor to INTERPOL, the government of Tonga, NZDF, NZ Minister for Communications' Cyber Security Skills Taskforce, and one of four nationally-appointed Technical Adviser for the Harmful Digital Communications Act 2015, Ministry of Justice. Earlier in his career, Ko was a systems engineer, and subsequently founded two start-ups (one of which was a social enterprise which became an events/conventions management contractor with IMG at mega-events in Singapore, including the inaugural Youth Olympics in 2010).

Since joining the School of ITEE at UQ in 2019, he has served as Group Leader - Cyber Security (2019), the founding Discipline Leader of the Cyber Security and Software Engineering discipline (2020-2021), and most recently as Deputy Head of School (External Engagement) (2021-2022).

Ko has successfully established several university-wide, multi-disciplinary academic research and education programmes, including UQ's interdisciplinary cyber security research and postgraduate programme involving four UQ faculties, establishing NZ's first cyber security graduate research programme and lab (CROW) in 2012, establishing NZ's first Master of Cyber Security (encompassing technical and law courses), the NZ Cyber Security Challenge since 2014, and being the founding director of the New Zealand Institute for Security and Crime Science – Te Puna Haumaru, the Evidence Based Policing Centre (at Wellington with NZ Police and ESR), and Master of Security and Crime Science in 2017 with the University of Waikato, NZ.

Over his academic career, Ko has been awarded A$14.5million in competitive grants as lead Chief Investigator. Prior to UQ, he was the highest funded computer scientist in New Zealand, as Principal Investigator and Science Leader of the largest MBIE-awarded cloud security research funding for STRATUS (NZ$12.2 million; 2014-2018). STRATUS' research was awarded 'Gold' by MBIE (i.e. top performing project, 2017), adopted by INTERPOL and featured in NZ's Department of Prime Minister and Cabinet's NZ Cyber Security Strategy 2016 annual report.

Ko has a track record developing international and national cyber security curricula, including the co-creation of the gold-standard (ISC)2 Certified Cloud Security Professional (CCSP) curriculum (2014-2015), and authoring the initial draft of the NZQA's Level 6 Cybersecurity Diploma qualification as part of the NZ Cyber Security Skills Taskforce on behalf of the Department of Prime Minister and Cabinet.

Ko's research in cyber security focuses on returning control of data to users. His research reduces users' reliance on trusting third-parties and focusses on (1) provenance logging and reconstruction, traceability and (2) privacy-preserving data processing. His research is adopted internationally (e.g. CERN, INTERPOL, and HP clients such as Apple, Nasa, US Treasury/IRS). His papers have received conference Best Paper Awards (2011, 2015, 2017), and resulted in several technology transfers (e.g. HP), open source contributions (e.g. Kali Linux THC) and spin-offs (e.g. First Watch). He has published in top venues including WWW (The Web), NeurIPS, DCC, ESORICS, IEEE TrustCom, IEEE ICWS, IEEE TDSC, IEEE TSC, Computers & Security, IEEE Trans on Smart Grid, and more than 100 publications including books, refereed conference papers, journal papers, book chapters, encyclopaedia entries, technical reports and international patents (PCT).

Recently, he is researching information integrity and cyber autonomy in critical infrastructure sectors such as energy, manufacturing, regulatory and agriculture sectors. He has served in technical programme committees for more than 30 IEEE conferences/workshops, associate editor for 6 journals, and as series editor for Elsevier's security books.

Within the ISO/IEC JTC 1/SC 27 technical committee, Prof Ko is Head of Delegation for the Singapore national body, served as Editor, ISO/IEC 21878 "Security guidelines for design and implementation of virtualized servers", and hosted the ISO/IEC JTC 1/SC 27 meetings at Hamilton, New Zealand, in 2017. He is currently one of the editors of the ISO/IEC PWI 5181 Data Provenance Reference Model. In 2022, Ko co-chaired the development of the Singapore standard TR 106:2022 Tiered cybersecurity standards for enterprises in collaboration with the SPSTC and Singapore Cyber Security Agency.

Ko serves as an assessor for the Australian Research Council (ARC), Irish Research Council, Nederlandse Organisatie voor Wetenschappelijk Onderzoek (NWO),and the NZ MBIE College of Assessors (since 2015). He is also an external expert for the Tertiary Education Quality and Standards Agency (TEQSA). Ko has externally examined 11 PhD and 3 Masters theses for universities in Australia, New Zealand, Canada, Hong Kong and Singapore.

He contributed to the establishment of the Government of Tonga CERT and CERT NZ, and has spoken regularly on cyber and cloud security research across the globe, including the Republic of Korea National Assembly (2018), INTERPOL (2017), TEDx Ruakura (2017), and the NZ Members of Parliament (2016).

He is a Fellow of the Queensland Academy of Arts and Sciences, a life member of the Association for Computing Machinery (ACM), and member of the IEEE and the Australian Computer Society (ACS).

For his contributions to the field, he was elected Fellow of Cloud Security Alliance (CSA) (2016) for significant contributions to cloud security research and education, the Singapore Government (Enterprise Singapore)'s Young Professional Award (2018) for his leadership at ISO, and awarded the inaugural CSA Ron Knode Service Award 2012 for the establishment of Cloud Data Governance and Cloud Vulnerabilities Research Working Groups. He is also recipient of the 2015 (ISC)2 Information Security Leadership Award.

For his research and teaching excellence, he was awarded the University of Waikato's Early Career Excellence Award (2014), Faculty Teaching Excellence Awards (2014, 2015, 2018), and the Nola Campbell eLearning Excellence Award (2014). During his PhD, he was also awarded A*STAR SIMTech's Best Student Award (2009), and clinched the 1st Prize of the IEEE Services Cup 2009 at IEEE ICWS (CORE A*) in Los Angeles, CA.

He is an active science communicator and is regularly interviewed and featured by Australian (ABC News, SBS News, 7 News, 9 News, Courier Mail, Network 10, AFR), Singaporean (Channel NewsAsia, CNA Radio938), NZ (NZ Herald, Dominion Post,, Waikato Times, TVNZ, Central TV) and international media on topics of cyber security, cybercrime and data privacy.

Featured projects Duration
An Industrial Internet of Things Testbed for Secure Digital Agriculture
UQ Cyber Seed Funding
Secure communications for space
A pilot study of technical viability, criminal justice applications, and social implications of multilingual cross‐platform account linking
UQ Cyber Seed Funding
Secure quantum communications
Privacy preserving federated deep learning for medical imaging
UQ Cyber Seed Funding
Cyber autonomy and automation
Real-time Automatic Detection of Cyber-Attacks using Weakly Supervised Learning
UQ Cyber Seed Funding
Internet of things (IoT) and cyber physical security
A Framework to Support Organisational Leaders in Making more Informed Cybersecurity Decisions
UQ Cyber Seed Funding
Data privacy and user data control
Cyber Security for Digital Identities: A Human-Centered Approach to Safely Empowering Older Australians Online
UQ Cyber Seed Funding
Cyber law and ethics
A methodology and framework to assist organisations in managing cyber security requirements of their suppliers
UQ Cyber Seed Funding
Secure software engineering
Minimizing the Risk of Data Breaches in Virtual Workspaces
UQ Cyber Seed Funding
National security and cyber policies
Algorand Centre of Excellence on Sustainability Informatics for the Pacific
Cyber criminology
Attributing global digital payments linked to crime
ARC National Intelligence and Security Discovery Research Grants
Critical Infrastructure – Industrial Control Systems (ICS) Security