This article was edited by SPRITE+ Research Associate Dmitry Dereshev, with responses and edits from Assistant Professor (Lecturer) with the School of Computer Science and Informatics Neetesh Saxena.
The spotlight today is on Neetesh Saxena – Assistant Professor (Lecturer) with the School of Computer Science and Informatics at Cardiff University, and a SPRITE+ Member. Some of Neetesh’s latest publications include:
How would you describe your job to a 12-year-old?
I am a scientist who researches securing the digital world, including data, applications, and systems.
Could you describe what you do during a typical workday?
I am an academic who researches and teaches cybersecurity at Cardiff University, where I also lead the Cyber and Critical Infrastructure Security (CyCIS) Lab. My typical workday involves delivering talks and lectures and sitting on internal/external committees and stakeholder meetings. I also meet with doctoral students to understand their needs, guide them in developing hypotheses, and offer support in building their experiments and analytical thoughts day in, day out.
Could you describe a challenging project that you have recently worked on?
I am working with our industry partners to create and develop simulation testbeds and experiments around operational technology (OT) security and resilience within the energy sector. Our idea is to explore the existing capabilities, techniques and tools currently applied by the industry, understand their capacity, and identify gaps that cannot be fulfilled with such tools.
Additionally, my focus is on building new experiments and key solutions for enhanced understanding of the dynamics and physics of complex systems that could prepare the industry to anticipate and guard against cyberattacks in real-world settings.
What training/experience did you have at the start of your career?
I was always passionate about science and technology and was tremendously interested in building my career in that area. I completed an undergraduate degree in Computer Science & Engineering, and a master’s degrees in Information Technology. Thereafter, I earned a PhD in Security at the Indian Institute of Technology (IIT) Indore. That was an exciting time for me, as I was learning new things and at the same time, I was able to deliver quality research work. Working on mobile network security, I managed to develop secure techniques against insecure authentication and short-messages’ (SMS) confidentiality within these networks. I also did some work around creating new security protocols for new applications such as SMS security for individuals sending sensitive messages to their friends and colleagues (e.g. sharing personal details, notifying family members and friends for any urgent but confidential help) and delivering secure SMS for mobile banking and value-added services.
With four academic job offers after my PhD, I decided to expand my research skills with postdoctoral training. Further on I realized I had a strong passion for research rather than just teaching. I joined Stony Brook University (and SUNY Korea, Korean campus) and Georgia Tech (USA), working on more advanced interdisciplinary projects on the industrial control system security, particularly on the cyber-physical smart grid. During this period, I developed key tools and techniques for monitoring critical infrastructure and securing data and control information against cyber-attacks. I believe that these jobs have helped me gain deeper insight both into the research and into my skills.
How did you get into your current role?
I was keen to join an esteemed organisation where I can do my research and lead some of the fascinating work in cybersecurity. Fortunately, I was able to secure an academic position at Cardiff University where I am currently involved with research, teaching, and professional services.
What do you wish you had known when you started your career?
I did not have sufficient information or personalised guidance on the right path to success and on how to build resilience to failures. Challenging yourself is the key to success. It is important to feel positive and progressive, even though you face some negativity from society and, importantly, from the professional community members. It will all start to make sense again when things work for you. So, have patience and keep doing things and building yourself. Things may become easier if you have someone who can guide you – especially in what not to do and directing you on how to convert your failure moments into successful ones.
What would you recommend to people who want to follow in your footsteps?
The foremost thing is to realise that stepping into a research career is not about making big monetary gains. More importantly, you must love what you do because if you do not, you will not do it with much conviction or passion. If you feel happy in accomplishing some interesting research, this is the path for you. Otherwise, you will feel frustrated and will be struggling to find happiness in your work. If you are driven by science and technology and willing to address societal challenges by your contributions – this is the path for you. Earning PhD is a very demanding, challenging, and onerous, so make sure you know why you are investing your 3-5 years in this training before you are on board.
The ultimate takeaway from my journey is that it is important to imagine where you want to see yourself in your career first, then plan for it and execute thoroughly. It is vital to have patience while you improve the skills required to perform the job effectively. If you have admiration and enormous devotion for that kind of work, and you intend to build the right skills, it is just a matter of time. Sooner or later you will achieve your goal. Look at the world from the point of view of positivity and hopefulness.
What troubles did you have progressing through your career?
One thing that all researchers must accept is failure. Many times, we get rejections whether it is with research articles or funding for projects. This happens to most of us. We all live in a competitive world where only the best candidates get the hat. There is no issue in getting rejected, but it is important to learn from rejections and failures, understand challenges, address issues, and move on.
What one stereotype would like to dispel about your job or industry?
Many people think researchers and academics know only the theoretical stuff and they are not close to what industry does. In my opinion, many people choose this profession because they want to use academic freedom in doing what they want to do, which is not always possible in the industry. It is true that most academic research evolves around grounding work, but it is extremely vital for the industry to use this base for undertaking more practical research.
Besides, many more researchers, professors and scientists are now involved with their industry partners to conduct cutting-edge research and develop advanced tools and techniques directly advantageous to the industry. This also allows our students to have an extra edge when they face industry job roles. It is not only the responsibility of the academic world to build students’ competencies close to industry work, but the industry itself is also equally accountable for offering opportunities and facilitation for the students to learn practical aspects of the work beneficial in the corporate world.
How would you describe your research or business interest in relation to SPRITE+?
The work carried out by SPRITE+ matches my interest and research work. I think it is good to be connected and feel like a community member involved in exchanging ideas and efforts.
How do you hope to benefit from working with SPRITE+ network?
SPRITE+ runs several exciting workshops and events for researchers and students. This helps, especially the PhD students, to take in key ideas and learn about advanced and ongoing research. I am mostly interested in security and privacy on how to develop secure systems in the digital world from an interdisciplinary perspective.
Which of the SPRITE+ Challenge Themes can you relate to from the job that you do? How does it impact your role?
I would say ‘Digital Vulnerabilities’, particularly, how to protect networks, hardware, individuals and organisations from progressively complex harms and make them resilient against such damage. My work on the cyber-physical smart grid is well linked with this theme. We, at Cardiff University, are trying to build secure and resilient cyber-physical systems via threat and system modelling, anomaly detection and effective incident response.