Dr Anna Cartwright


Principal Lecturer in Accounting, Finance and Economics

Oxford Brookes Business School


In the role of a principal lecturer I carry out various leadership and management responsibilities. This includes reviewing the performance of the school in accordance with the university’s strategic plan, taking care of our recruitment strategies and human resources more generally. In this leadership role I also see it as my duty to set out an example of being an active academic who works across disciplines, contributes towards knowledge exchange activities and generate an external income.


My research interests are within the areas of industrial economics, public economics, behavioural economics and cybersecurity.

A particular passion of mine is cross-disciplinary work and I am actively collaborating with colleagues from computer-science, psychology, criminology and data science.

I am involved with a number of externally funded projects on cyber security. The most recent project ‘Ransomware: The Role of Cyber Insurance’ (RaCI) is the cross disciplinary collaborations of academics form the University of Kent, De Montfort University, Oxford Brookes University and team of think tank Royal United Services Institute (RUSI). In this project we are aiming to understand the role of cyber insurance in handling the challenges posed by ransomware and the impact on how governments, law enforcement and the insurance industry to tackle ransomware.

In terms of public economics and behavioural economics, the main focus of my work is on the provision of threshold public goods. In this research I combine theory and lab experiments to understand how cooperation within small groups can be achieved and maintained. Recent work is published in International Journal of Game Theory, Economics Letters and Journal of Public Economic Theory.

I am a RISCSs Fellow on “Quantification and Cyber Risk” theme, since May 2021

The Fellowship on the theme was designed to contribute to two strands:

  • to optimize the use of existing UK government data on cyber security and
  • cyber-risk management in small organizations.

With the first strand, our main objective is to enable and encourage researchers to use already existing government data on cyber security like Home Office Commercial Victimization Survey, Action Fraud data, the Cyber Security Breaches Survey.

With the second strand we aimed to building on the work we done in our Home Office funded project. In that project we identified that local IT companies might be well placed to help micro and small organizations to adopt best cyber security practices. In this Fellowship we aimed to work on this and try to find answer to various questions, for example, how one could quantify cyber risk of micro businesses?

Research Projects

  • National Cyber Security Centre Grant (2021-2022) "Ransomware and insurance markets" (cross disciplinary team led by The Royal United Services). Total amount of grant is £200,000.
  • Ethereum Foundation research grant (2021) “Game theoretic modelling of an attack on the validation process of cryptocurrency” (with J. Hernandez-Castro and E. Cartwright). Total amount of grant is £30,000.
  • Home Office Grant (2018-2020) “Connecting Delayed pre-commitment with cyber awareness in order to address the perception gap and present bias”. Acted as PI with a cross university, interdisciplinary team. Total amount of grant is £43,000.
  • EPSRC Standard Grant (2017-2020) “EconoMical, PsycHologicAl and Societal Impact of ranSomware (EMPHASIS)” (interdisciplinary, cross-university collaboration team lead by E.Boiten, De Montfort University). Total amount of grant is £916,000.
  • Defence Human Capability Science & Technology Centre BAE Systems project (2016). Programme “Understanding the Moral Component of Conflict” (with E. Cartwright). Total amount of grant is £13,000.
  • Faculty research grant, University of Kent (2014). “Impulse Balance Theory and binary threshold public good games”. Total amount of grant is £3,180.

Projects as Principal Investigator, or Lead Academic if project is led by another Institution

  • RISCS Cyber Risk Quantification (02/10/2023 - 31/03/2024), funded by: National Cyber Security Centre, funding amount received by Brookes: £25,756


slide 1 of 6

Professional information

Memberships of professional bodies

  • Certified Management and Business Educator (CMBE) of The Chartered Association of Business Schools