Areas of expertise
- Safety, Resilience, Risk & Reliability
- Systems Engineering
Originally qualified as a design engineer with Courtaulds Engineering Ltd, was commissioned in the Army for 12 years. After sub-unit command, worked in industry specialising in information security and organisational design, running a consulting practice for 10 years. After roles in defence, health, oil and postal services, became a lecturer in Information Systems at Cardiff University. Whilst there, helped create the BSc in Information Systems and the MSc in Information Security and Privacy and was PI for one JISC- and 2 EPSRC-funded research projects.
Experienced in the application of systems methods and tools to complex systems including organisations and secure IT operations. Supported the redesign, the development of business architecture and process improvement for a major government department, was interim Head of Information Security for The Post Office, was system manager for a classified MOD site in Germany, supported two major commercial PKI implementations, and responsible for establishing and operating a commercial PKI business in Sweden.
- Chartered Engineer
- Chartered IT Professional
- Fellow of the Higher Education Academy
- BSc Mechanical Engineering
- MSc Design of Information System
Senior Lecturer in Complex Systems where his research is focused on bringing together ways of gaining insight into complexity, integrating systems thinking approaches from many disciplines that include engineering, management science, anthropology, psychiatry, systems science, biology, social science and architecture. He supervises a range of MSc, MPhil and PhD students and is Course Director for the MSc in Systems Thinking Practice.
Conducts research and consultancy in systems thinking methods and tools, applied in the Defence and other industrial, government and academic sectors. The focus is on enabling effective organisations and decision-making, decision support, resilience and Cyber/Information security.
Supervisor for four PhD students researching Information Security; specifically the persistent control of information shared in collaborative environments, integrating information security into business process definition, Cyber-Physical control systems, and software vulnerability modelling.
Currently involved in a number of areas of research covering multiple systems methods, resilient organisations, and information security/cyber defence; including:
- Socio-technical systems theory
- C2 agility and decision support
- Resilient enterprises and systems
- Problem structuring methods
- Contemporary risk modelling and analysis methods for interconnected systems
Articles In Journals
- Cherdantseva Y, Hilton J, Rana O & Ivins W (2016) A multifaceted evaluation of the reference model of information assurance & security, Computers and Security, 63 45-66.
- Lewis PJ, Hilton & JC (2012) A Statistical Analysis of Vulnerability Discovery: Microsoft Operating Systems, Engineering & Technology (E&T) Reference.
- Hilton J (2009) Improving the secure management of personal data :privacy on-line IS important, but it's not easy., Information Security Technical Report, 14 (3) 124-130.
- Hilton J (2009) Improving the secure management of personal data: Privacy on-line IS important, but it's not easy, Information Security Technical Report, 14 (3) 124-130.
- Alsalamah S, Gray WA, Hilton J & Alsalamah H (2013) Information security requirements in patient-centred healthcare support systems. In: 14th World Congress on Medical and Health Informatics (Medinfo), 2013, Copenhagen, 20-23 August 2013.
- Hilton J, Riley T, Mactaggart I & Wright C (2013) Improving decision-making and management by thinking about the enterprise through multiple dimensions. In: Systems Conference (SysCon), 2013 IEEE International, Orlando, FL, 15-18 April 2013.
- Cherdantseva Y & Hilton J (2013) A reference model of information assurance & security. In: 2013 Eighth International Conference on Availability, Reliability and Security (ARES),, Regensburg, 2-6 September 2013.
- Hilton J, Riley T & Wright C (2013) Using multiple perspectives to design resilient systems for agile enterprises. In: IEEE International Systems Conference (SysCon), 2012 , Orlando, FL, 15-18 April 2013.
- Wright C, Kiparoglou V, Williams M & Hilton J (2012) A Framework for Resilience Thinking. In: CSER 2012 : Conference on Systems Engineering Research (CSER), St. Louis, Missouri, 19-22 March 2012.
- Burnap PR, Spasic I, Gray WA, Hilton JC, Rana OF & Elwyn G (2012) Protecting patient privacy in distributed collaborative healthcare environments by retaining access control of shared information. In: International Conference on Collaboration Technologies and Systems (CTS) 2012, Denver, CO, 21-25 May 2012.
- Hilton J, Wright C & Kiparoglou V (2012) Building resilience into systems. In: IEEE International Systems Conference (SysCon), 2012, Vancouver, BC, 19-22 March 2012.
- Alsalamah S, Gray A & Hilton J (2011) Towards Persistent Control over Shared Information in a Collaborative Environment.. In: The 6th International Conference on Information Warfare and Security, Washington, 17 March 2011.
- Tawileh A, Hilton J & McIntosh S (2009) Information Security Status in Organisations 2008. In: ISSE 2008, Madrid, 7-9 October 2008.
- Burnap P & Hilton J (2009) Self Protecting Data for De-perimeterised Information Sharing. In: Third International Conference on Digital Society, 2009. (ICDS '09), Cancun, 1-7 February 2009.
- Tawileh A, Hilton J & McIntosh S (2006) Modelling the economics of free and open source software security. In: Information Security Solutions Europe 2006, Rome, 10-12 October 2006.
- Cherdantseva Y & Hilton J (2013) The 2011 survey of information security and information assurance professionals: Findings. In: Organizational, Legal, and Technological Dimensions of Information System Administration, Hershey, PA: IGI Global, p. 167-198.
- Cherdantseva Y & Hilton J (2013) Information security and information assurance: Discussion about the meaning, scope, and goals. In: Organizational, legal, and technological dimensions of information system administration, Hershey, PA: IGI Global, p. 167-198.
- Cherdantseva Y, Hilton J & Rana O (2012) Towards SecureBPMN - Aligning BPMN with the information assurance and security domain. In: Business Process Model and Notation. Lecture Notes in Business Information Processing, Berlin Heidelberg, p. 107-115.