Making Cyber Risk Visible with RiskOnto

Cybersecurity risks are often invisible until something goes wrong. This image captures my research in action as I work to make those risks understandable before harm occurs. On the table is a printed diagram that shows how cyber risk is reasoned about, connecting digital assets, threats, vulnerabilities, protective controls, and risk. The arrows illustrate how these elements interact through two central processes: threat modelling and risk assessment. On the laptop screen is a live visualization of my ontology model, a structured network that organizes cybersecurity knowledge into meaningful relationships. Together, the physical diagram and the digital model show how complex technical information can be transformed into clear, explainable connections that both humans and computers can analyze. Rather than treating cybersecurity as a collection of isolated tools, my research focuses on organizing knowledge so risks can be examined logically and transparently. By structuring how threats affect valuable systems and how controls reduce impact, this work supports more informed and proactive cyber defense decisions. This image is an original photograph created by the me.  No AI-generated imagery or adjustment was used.