Prof Lynn Futcher

Professor and Head of Department
IT Management and Governance
Lynn.Futcher@mandela.ac.za
+27 83 688 4002
North Campus, R105

Biography / Background


I am currently an Associate Professor of the School of IT, Faculty of Engineering, the Built Environment and Technology. I have a PhD in Information Technology from the Nelson Mandela Metropolitan University and a Higher Education Diploma from UNISA. My primary areas of research include Information and Cyber Security Education and Secure Software Development. As such, I am a key member of the Nelson Mandela University’s Centre for Research in Information and Cyber Security (CRICS). I also have a keen interest in IT Project Management, Human Computer Interaction, User Experience and Usable Security. I have been actively involved in the IFIP Working Group 11.8 (Information Security Education) since 2005 taking on several committee positions including Vice-Chair and Secretary. As current Chair of this working group, I aim to promote Information Security Education, Training and Awareness in academia, government and industry by encouraging collaboration and engagement amongst these key stakeholders.
My key skills relate to three main areas, namely: teaching and learning, research and engagement. I have a passion for excellence in teaching and learning in higher education through empowering learners to reach their full potential. I fully support a learner-centered approach towards the teaching-learning process with the teacher as facilitator. In addition, I have an ongoing commitment to developing my research profile in Information and Cyber Security through the supervision of Masters and PhD students, journal publications and conference proceedings. I strongly believe in building and developing relationships locally, nationally and internationally through involvement in various committees, working groups and professional bodies thereby fostering valuable partnerships.

Qualifications
                                  
• PhD - Information Technology, Nelson Mandela Metropolitan University [2012]. Thesis entitled “An Integrated Risk-Based Approach to Support Undergraduate Students in Secure Software Development”
• Master of Technology: Information Technology, Nelson Mandela Metropolitan University, South Africa [2007]. Dissertation entitled “SecSDM: A Model for Integrating Security into the Software Development Life Cycle”

• Bachelor of Technology:  Information Technology, PE Technikon [2003]. Research project entitled “Incorporating Critical Cross-Field Outcomes and Soft Skills into the IT Diploma at PE Technikon”
• Higher Education Diploma, University of South Africa (UNISA) [2002]
• BSc Degree, University of Port Elizabeth, South Africa [1986]

Awards and Achievements

20 year Long Service Award 2019
IFIP Silver Core Award for Services Rendered to IFIP 2014
15 year Long Service Award 2014
School of ICT Emerging Researcher of the Year Award 2011
10 year Long Service Award  2009
NMMU Teacher of the Year
EBEIT Faculty Teacher of year Award
School of ICT Teacher of the Year 2007

Professional Activities
Chair of IFIP WG11.8
Vice-chair of the Eastern Cape Chapter of the IITPSA.

Teaching Interests


I believe that teaching and learning go hand-in-hand and that the true value of teaching is in the learning that it fosters. It is for this reason that I fully support a learner-centred approach towards the teaching-learning process with the teacher as facilitator. In addition, I maintain that one needs to promote critical thinking and reasoning, collaborative learning and problem solving in order to add real value to the teaching-learning process. Teaching is not about stating facts and covering the content found in textbooks – it goes far beyond this. It should aim at changing the attitude and behaviour of learners in order to enhance their capabilities and develop them as “whole” individuals thereby empowering them to reach their full potential.

My teaching interests lie primarily within the areas of IT Project Management (including the management of Software Development projects) and Information Security Management.
 

Research Interests


As chair of the IFIP WG11.8, I was co-opted onto the Association for Computing Machinery (ACM) Joint Task Force for Cybersecurity Curricula Development. My primary role was that of chair of the Global Advisory Board. This Task Force developed and published the Cybersecurity Curricular Guidelines (CSEC2017). With my involvement in the Joint Task Force, I have realised the increased need for integrating cybersecurity into the computing curriculum, specifically with respect to Software Security. Many of my postgraduate students have therefore pursued their research in this important area of study. This research has ranged from various approaches to teaching secure programming in undergraduate computing curricula to using gamification to teach cybersecurity awareness in higher education institutions. Currently, she I have newly enrolled students specifically focusing on the cybersecurity skills gap in South Africa. I hope that through an increased awareness of this gap within the South African context, academic institutions can better prepare their graduates in filling this gap.

Representative Publications

BOOKS

1. Vasileiou, I., & Furnell, S. (2019). Cybersecurity Education for Awareness and Compliance (pp. 1-306). Hershey, PA: IGI Global. doi:10.4018/978-1-5225-7847-5
[Chapter 9: Cybersecurity Curricular Guidelines. Bishop, M., Burley, D. & Futcher, L. p158-180]
2. Bishop, M., Futcher, L., Miloslavskaya, N., Theocharidou, M. (Eds) (2017).  Information Security Education for a Global Digital Society. IFIP Advances in Information and Communication Technology. Volume 503. Springer.
3. Dodge, R.C. & Futcher, L. (Eds) (2013).  Information Assurance and Security Education and Training. IFIP Advances in Information and Communication Technology. Volume 406. Springer.
4. Futcher, L. & Dodge, R.C. (Eds) (2007). Fifth World Conference on Information Security Education. IFIP Advances in Information and Communication Technology. Volume 237. Springer.

JOURNAL PUBLICATIONS

1. B. Tait et al. (Eds.): SACLA 2019, CCIS 1136, pp. 35–49, 2020. https://doi.org/10.1007/978-3-030-35629-3_3
Bangani, S., Futcher, L. & van Niekerk, J. (2019). An Approach towards Secure Programming in Undergraduate Computing Curricula.
2. B. Tait et al. (Eds.): SACLA 2019, CCIS 1136, pp. 50–63, 2020. https://doi.org/10.1007/978-3-030-35629-3_4  Ngwenya, S. & Futcher, L. (2019). Integrating Secure Coding Principles into Undergraduate Programming Modules.
3. L. Drevin and M. Theocharidou (Eds.): An Educational Intervention for Teaching Secure Coding Practises, Mdunyelwa, V., Futcher, L & van Niekerk, J. WISE 2019, IFIP AICT 557, pp. 3–15, 2019. https://doi.org/10.1007/978-3-030-23451-5_1
4. L. Drevin and M. Theocharidou (Eds.): Learning Principles and the Secure Programming Clinic, Bishop, M,  Dark, M, Futcher, L., van Niekerk, J., Ngambeki, I., Bose, S. & Zhu, M., WISE 2019, IFIP AICT 557, pp. 16–29, 2019. https://doi.org/10.1007/978-3-030-23451-5_2
5. Thomson, K., Futcher, L. & Gomana, L. (2019) "Towards a Framework for the Integration of Information Security into Undergraduate Computing Curricula". South African Journal of Higher Education, pp. 155-175, 33(3) http://dx.doi.org/10.20853/33-3-3011.
6. L. Drevin and M. Theocharidou (Eds.): Factors Influencing Smartphone Application Downloads, Janse van Rensburg, W., Thomson, K. & Futcher, L., WISE 2018, IFIP AICT 531, pp. 81–92, 2018. https://doi.org/10.1007/978-3-319-99734-6_7
7. L. Drevin and M. Theocharidou (Eds.): Identifying the Cybersecurity Body of Knowledge for a Postgraduate Module in Systems Engineering, von Solms, S. & Futcher, L., WISE 2018, IFIP AICT 531, pp. 121–132, 2018. https://doi.org/10.1007/978-3-319-99734-6_10
8. Kandeh, A.T., Botha, R.A. & Futcher, L.A., (2018), Enforcement of the Protection of Personal Information (POPI) Act: Perspective of data management professionals, South African Journal of Information Management 20(1), a917. https://doi. org/10.4102/sajim.v20i1.917
9. Joint Task Force on Cybersecurity Education (2017). Cybersecurity Curricula 2017: Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity. ACM, New York, NY, USA. DOI: 10.1145/3184594 
10. M. Bishop et al. (Eds.): WISE10, IFIP AICT 503, pp 121-132, 2017. South African Computing Educators’ Perspectives on Information Security Behaviour,  Mabece, T., Futcher, L., Thomson, . DOI: 10.1007/978-3-319-58553-6_11
11. Safa, N, von Solms, R. & Futcher, L. (2016). Human aspects of information security in organisations, Computer Fraud & Security, Volume 2016, Issue 2, February 2016, Pages 15-18, ISSN 1361-3723, http://dx.doi.org/10.1016/S1361-3723(16)30017-3.(http://www.sciencedirect.com/science/article/pii/S1361372316300173)
12. Lötter, A. & Futcher, L. (2015). A framework to assist email users in the identification of phishing attacks, Information & Computer Security, Vol. 23 Issue: 4, pp.370 – 381
13. Futcher, L. & Von Solms, R. (2011). How Can Secure Software be Trusted? South African Computer Journal, 47.
14. Futcher, L., Schroder, C. & von Solms, R. (2010). Information Security Education in South Africa. Information Management & Computer Security, Volume 18, Issue 5.

CONFERENCE PUBLICATIONS

1. Bangani, S., Futcher, L. & van Niekerk, J. (2019). An Approach towards Secure Programming in Undergraduate Computing Curricula. Proceedings of the 48th SACLA Conference, July 2019, Drakensburg, South Africa.
2. Ngwenya, S. & Futcher, L. (2019). Integrating Secure Coding Principles into Undergraduate Programming Modules. Proceedings of the 48th SACLA Conference, July 2019, Drakensburg, South Africa.
3. Scholtz, B. & Futcher, L (2019). An Investigation into Best Practice Approaches for Computing Research Programmes in South Africa. Proceedings of the 48th SACLA Conference, July 2019, Drakensburg, South Africa.
4. Janse van Rensburg, W., Thomson, K. & Futcher, L. (2018). An Educational Intervention Towards Safe Smartphone Usage. Proceedings of the 12th International Symposium on Human Aspects of Information Security & Assurance,  August 2018, Dundee, Scotland
5. Von Solms, S. & Futcher, L. (2017). Towards the Design of a Cybersecurity Module for Postgraduate Engineering Studies. Proceedings of the 11th International Symposium on Human Aspects of Information Security & Assurance,  November 2017, Adelaide, Australia
6. Mdunyelwa, V., van Niekerk, J. &  Futcher, L. (2017). Secure Coding Practices in the Software Development Capstone Project. Proceedings of the 12th International Symposium on Human Aspects of Information Security & Assurance,  November 2017, Adelaide, Australia
7. Bishop, M., Burley, D., Buck, S., Ekstrom, J.J., Futcher, L., Gibson, D., Hawthorne, E.K., Kaza, S., Levy, Y., Mattord, H. & Parrish, A.  (2017). Cybersecurity Curricular Guidelines,  Proceedings of the 10th World Information Security Education Conference, May 2017, Rome, Italy.
8. Scharnick, N., Gerber, M. & Futcher, L. (2016). Data Storage Protection Approaches for POPI Compliance within SMMEs in South Africa. Proceedings of the 2016 Information Security South Africa Conference, August 2016, Johannesburg, South Africa.
9. De Kock, R. & Futcher, L. (2016). Mobile Device Usage in Higher Education Institutions in South Africa: A Case Study. Proceedings of the 2016 Information Security South Africa Conference, August 2016, Johannesburg, South Africa.
10. Fredericks, D., Futcher, L. & Thomson, K. (2016). Comparing Student Password Knowledge and Behaviour: A Case Study. Proceedings of the 10th International Symposium on Human Aspects of Information Security & Assurance,  July 2016, Frankfurt, Germany.
11. Gomana, L., Futcher, L. & Thomson, K. (2016). An Educators Perspective of Integrating Information Security into Undergraduate Computing Curricula. Proceedings of the 10th International Symposium on Human Aspects of Information Security & Assurance,  July 2016, Frankfurt, Germany
12. Mabece, T., Futcher, L. & Thomson, K. (2016). Towards using pervasive information security education to influence information security behaviour in undergraduate computing graduates. Proceedings of the 2016 International Conference on Information Resources Management, Cape Town, South Africa.
13. Gomana, L., Futcher, L. & Thomson, K. (2015). Integrating Information Security into the IT Undergraduate Curriculum: A Case Study, Proceedings of the 44th SACLA Conference, July 2015, Johannesburg, South Africa.
14. Van Niekerk, J. & Futcher, L. (2015). The use of software design patterns to teach secure software design: an integrated approach,  Proceedings of the 9th World Information Security Education Conference May 2015, Hamburg, Germany
15. Lötter, A. & Futcher, L. (2014). A framework to assist e-mail clients in the identification of phishing scams, Proceedings of the 8th International Symposium on Human Aspects of Information Security & Assurance,  July 2015, Plymouth, United Kingdom
16. Marias, C., Futcher, L. & van Niekerk, J. (2014). Incorporating lessons learned from the ‘Indie paradigm’ into student game development projects, Proceedings of SACLA Conference, June 2014, Port Elizabeth, South Africa.
17. Futcher, M. & Gerber, M. (2014).  Comparison of institutional recommended e-learning platforms for coordination and supervision of student projects at higher educational level, Proceedings of SACLA Conference, June 2014, Port Elizabeth, South Africa.
18. Gerber, M. & Futcher, L. (2013). Towards a blended learning approach to improving the coordination and supervision of student projects. Proceedings of the ICEE ICIT 2013 Conference, December 2013, Cape Town, South Africa.
19. Lötter, A. & Futcher, L. (2013). Towards the development of a framework to assist email clients in the identification of phishing attacks, Proceedings of the 15th Annual Conference on World Wide Web Applications, September 2013, Cape Town, South Africa
20. Colesky, M.,  Futcher, L. & Van Niekerk, J. (2013). Design patterns for secure software development: demonstrating security through the MVC pattern. Proceedings of the 15th Annual Conference on WWW Applications, September 2013, Cape Town, South Africa
21. Futcher, L. & Yngström, L. (2013). A Review of IFIP TC11 WG11.8 Publications through the Ages, Proceedings of WISE8 Conference, July 2013, Auckland, New Zealand
22. Futcher, L., & von Solms, R. (2012). SecSDM: A usable tool to support IT undergraduate students in secure software development, Proceedings of HAISA Conference, June 2012, Crete, Greece
23. Van Niekerk, J. & Futcher, L. (2011). Developing Criteria for the Supervision of Computer Game Development Projects, SACLA Conference, July 2011, Durban, South Africa.
24. Futcher L. & van Niekerk, J. (2011). Towards a Pervasive Information Assurance Security Educational Model for Information Technology Curricula, Proceedings of WISE7 Conference, June 2011,  Luzerne, Switzerland.
25. Futcher, L., Schroder, C. & von Solms, R. (2010). An Integrative Approach to Information Security Education, SAISMC Conference, May 2010,  Port Elizabeth, South Africa
26. Futcher, L., & von Solms, R. (2009). A Risk-Based Approach to Formalise Information Security Requirements for Software Development, Proceedings of WCCE/WISE6 Conference, July 2009, Bento Goncalves, Brazil
27. Futcher, L., & von Solms, R. (2008). Criteria for Secure Software Development, SAICSIT Conference, October 2008, Wilderness, SA
28. Futcher, L., & von Solms, R. (2007). SECSDM: A Model for Integrating Security into the Software Development Life Cycle, Proceedings of WISE5 Conference, May 2007, New York, USA.
29. Meyer, S., Futcher, L. & van Greunen, D. (2007) Designing Accessible Portals in SA, 9th Annual Conference on WWW Applications, September 2007, Johannesburg, SA

OTHER RECOGNISED RESEARCH OUTPUTS
As Chair of IFIP WG11.8 I was invited as one of the members of the ACM Joint Task Force responsible for this publication. My main role was that of Chair of the Global Advisory Board ensuring international input on this publication.

1. Joint Task Force on Cybersecurity Education (2017). Cybersecurity Curricula 2017: Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity. ACM, New York, NY, USA. DOI: 10.1145/3184594 

Graduated Research Students

Mr B Mathew MTech: IT [part-time] Exploring the privacy calculus on social networking services from a South African perspective Graduated 2020
Mr R Evezard  Masters: IT Guidelines for the use of machine learning to predict student project group academic performance Graduated 2020
Mr S Bangani Masters: IT A framework to integrate secure programming principles into undergraduate computing curricula Graduated 2020
Mr A Mbuqe Masters: IT Cybersecurity Curricular Framework for IT Undergraduates in South Africa Graduated 2020
Mr V Mdunyelwa
(co-supervisor) Masters: IT A framework for teaching secure coding practices through a blended learning approach Graduated 2019 (cum laude)
Dr T Hilmer MPhil: IT Governance A strategy for improving the maturity level of IT Service Management in a higher education institution in South Africa Graduated 2019 (cum laude)
Mr D Fredericks Masters: IT Users Perceptions of Password Policies Graduated 2018
Ms T Mabece Masters: IT Towards an information security culture in computing related curricula   Graduated 2017
Ms L Gomana Masters: IT Guidelines for integrating information security into computing related curricula Graduated 2017
Ms N Scharnick
(co-sup) Masters: IT Guidelines for the Secure Storage of Information Assets within SMMEs in South Africa Graduated 2018
Mr R de Kock Masters: IT A Framework for Implementing Bring Your Own Device in Higher Education Institutions Graduated 2017 (cum laude)
Mr J Louw (co-sup) MTech: IT User Experience Factors For Mobile Banking Adoption Graduated 2016
Mr M Colesky MTech: IT A Model for Secure Software Design Based on the Model-View-Controller Pattern Graduated 2015 (cum laude)
Mr C Marais MTech: IT Guidelines for the use of the Indie approach in game development projects in the context of a capstone experience Graduated 2014