Professor of Information Security Raimundas Matulevičius speaks about managing information security risks

On Tuesday 8 October at 16:15, Raimundas Matulevičius, UT Professor of Information Security, will deliver his inaugural lecture “Information Security Risk Management Using System Models” in English in the university’s Assembly Hall.

Information systems play an important role in our everyday lives. They are used to manage, transfer and support such information as documents, financial data and educational records. However, there exist a number of security risks that affect data and information, which need to be kept private, confidential, integral and available only to the intended audience and for the intended use. “Securing information systems and software is a necessity rather than an option,” said Professor Matulevičius.

Matulevičius considers information security risk management a systematic process during which the protected system and business assets are determined, security risks are identified, documented and refined and security countermeasures to mitigate these risks are implemented. In the lecture, Professor Matulevičius will discuss the principles of security risk management and illustrate what security risks and threats are observed in different fields of application. He will also explore how security modelling could help explain the impact of security risks and provide a rationale for security countermeasures.

According to Marlon Gerardo Dumas Menjivar, the Head of Chair of Software Engineering and a professor of Information Systems at the University of Tartu, Matulevičius and his colleagues have been advocating for more than a decade that information systems security is not about making perfectly secure systems, but rather about managing risks. “His research has helped security experts answer fundamental questions in modern information systems security: What is an information systems security risk? How can we identify such risks? How can we document, analyse and mitigate them?” Menjivar explained.

Raimundas Matulevičius is a professor of Information Security at the Institute of Computer Science in the Faculty of Science and Technology at the University of Tartu. His research focuses on the security and privacy of information, security risk management and model-driven security. He received a BSc and MSc diploma in computer science from Vytautas Magnus University in Lithuania and a PhD in computer and information science from the Norwegian University of Science and Technology. After post-doctoral studies in Namur, Belgium, he started working as an associate professor at the University of Tartu.

Matulevičius has published more than 80 articles in respected journals, given presentations at conferences and seminars and taken part in organising reputable international conferences. He is the author of the book Fundamentals of Secure System Modelling (Springer, 2017).

Further information: Raimundas Matulevičius, Professor of Information Security, University of Tartu, +372 737 5421, +372 5606 9774,

Sandra Sommer Press Officer Tel: +(372) 737 5681
Mob: +(372) 5307 7820