Founder

Founder

Dr Steph Rudd is the founder of Dr Speffle Cyber Resilience Ltd (DSCR), an independent cyber resilience research and advisory practice focused on quantitative models of ransomware defence and organisational cyber readiness.

Her work centres on the development of measurable enterprise resilience frameworks that allow organisations to understand how governance structures, operational dependencies, and technical safeguards interact to influence defensive readiness against ransomware and cyber extortion threats.

Steph’s research bridges academic security research and enterprise architecture practice, translating complex security dynamics into clear executive-level metrics and structured readiness models that can be interpreted by leadership, insurers, regulators, and technical teams alike.

Her work focuses particularly on the structural conditions that allow ransomware to propagate across organisations, and on the development of formal readiness metrics capable of quantifying defensive posture before an incident occurs.

About DSCR

Dr Speffle Cyber Resilience Ltd (DSCR) is an independent cyber resilience research and advisory practice specialising in ransomware readiness measurement and structural resilience modelling.

Rather than focusing solely on compliance checklists or point security technologies, DSCR examines how organisational structure influences defensive outcomes.

DSCR engagements analyse the interaction between:

  • Organisational governance structures
  • Operational technology dependencies
  • Identity and access control architecture
  • Monitoring and detection capability
  • Backup and recovery resilience

These factors are modelled to provide organisations with a structured understanding of their defensive posture, enabling leadership teams to evaluate cyber readiness in a clear and defensible way.

The work combines:

  • Academic research methodologies
  • Enterprise architecture analysis
  • Governance and regulatory alignment

to produce board-level resilience assessments and quantitative readiness models.

Publications

Steph’s research focuses on quantitative cyber resilience metrics, ransomware propagation modelling, and lightweight security architectures for constrained systems, bridging academic security research with enterprise cyber resilience practice.

  • Quantifying Human Entry-Point Risk: Phishing Resilience Metrics for Operational Readiness. Proceedings of the International Conference on Internet of Things, Big Data and Security (IoTBDS 2026). Paper accepted, publication pending.

  • Ransomware Reconnaissance: Interrogating Certificates Towards Proactive Threat Mitigation.
    Proceedings of the 9th International Conference on Internet of Things, Big Data and Security (IoTBDS 2024), pp. 97–106. SCITEPRESS – Science and Technology Publications.

  • Threat Modelling with the GDPR towards a Security and Privacy Metrics Framework for IoT Smart-Farm Application.
    Proceedings of the 7th International Conference on Internet of Things, Big Data and Security (IoTBDS 2022), pp. 91–102.

  • Towards Lightweight Authorisation of IoT-Oriented Smart-Farms Using a Self-Healing Consensus Mechanism.
    Proceedings of the 31st Conference of Open Innovations Association (FRUCT), pp. 265–276. IEEE.

  • Low-Energy Authentication with Selective Privacy for Heterogeneous IoT Devices in Smart-Farms.
    Proceedings of the 30th Conference of Open Innovations Association (FRUCT), pp. 230–238. IEEE.

  • Selective Privacy in IoT Smart-Farms for Battery-Powered Device Longevity.
    Permanent identifier: arXiv:2108.02579