Vol. 10, Issue 1

Editorial

Welcome to the first issue of JIW for 2011 and the 28^th issue overall. The Journal of Information Warfare is committed to an involvement in the wider discipline of information warfare and information operations. This issue considers a range of issues relating to Information Warfare.

This issue has four papers. The paper by Choobineh, Anderson, Fazen and Grimaila assesses mission risk from the operational context. It explains the need for a more nuanced consideration of the impact of communications breaches, as well as their associated impacts on critical decision-making in a command structure. The methodology presented offers command decision-making at a high level that is based upon pragmatic risk indexing.

The paper by Cook and Smith examines fundamental differences in how money-laundering is undertaken through a variety of informal remittance frameworks. The paper identifies the rapidly growing (and largely overlooked) range of online remittance options and the associated compliance difficulties with an anti-money laundering system that relies on self regulation in regards to remittance legislation.

The paper by Flaherty considers ‘highly perishable information’. This paper discusses the possible trade – off between reduced training and higher situational awareness. These offsets are studied by means of case study analyses of mass public events and high profile London Underground incidents. This piece looks at steward preparation and situational awareness in the lead-up to the 2012 Olympic Games to be held in London.

The final paper by Beraud and Ahmad considers security risk assessment from a different perspective. Whilst most assessments focus on likely threats and vulnerabilities, this paper looks at critical infrastructure protection through the lens of complex interdependencies. The paper does not oppose traditional risk assessment, but rather it posits an augmentation to standard assessment methodology by incorporating a multi-factor interdependency model.

David Cook

Coordinating Editor

April 2011

d.cook@ecu.edu.au

Table Of Contents

Paper 1: Assessment of Mission Risk: Role of Protection of Information and Communication Technology Resources

Paper 3: Rewarding Situational Awareness and Highly Perishable Information

C. Flaherty

Paper 4: A Process of Identification of Security Risks from Critical Infrastructure Interdependencies

About the Authors

Atif Ahmad is an information security researcher, lecturer and independent security consultant based at the Department of Information Systems, University of Melbourne. His research interests are in asymmetric warfare and information security risk assessments especially where knowledge artifacts are concerned. In previous years Atif has worked as a consultant for Pinkerton and WorleyParsons where he applied his expertise to Internet corporations and critical infrastructure installations.

Chris Flaherty is a senior risk consultant at Greymans Limited. He currently specializes in the area of Mass Gathering Vulnerability analysis in the United Kingdom, as well as advising on risk analysis projects for building facilities. His work covers a broad spectrum of risk-related endeavours including resilience, counter-terrorism, critical infrastructure protection, 3D tactics, fragmentation and vulnerability analysis. Chris has a PhD in Economic Relations from the University of Melbourne.

David Cook is a Lecturer in Security at Edith Cowan University (ECU). He joined ECU in 2008 after graduating with an MBA and a BA Honours (First Class) from Murdoch University. David has considerable experience in South-East Asia spending time at both Gajah Mada University in Central Java and Universitas Muhammadiyah in Malang, Indonesia. His research interests include counter-terrorism, money laundering, governance, cyber resilience, information security, new media ethics, and critical infrastructure protection. He is currently the Coordinating Editor for the Journal of information Warfare. In 2010 he was the Australian Computer Society “Education Across the Nation” guest lecturer.

Evan Anderson, is a Professor of Management Information Systems. He joined Texas A&M University in 1998 as the E.D. Brockett Professor of Information and Operations Management and is a co-founder of the Texas A&M Center for Information Assurance and Security. Prior to joining Texas A&M, he was GMU Foundation Professor and Director of Technology Management in the Graduate Business Institute at George Mason University. He received a Ph.D. (1970) from Cornell University, England. His research has appeared in journals such as: Accounting Review, Decision Sciences, Operations Research, Naval Research Logistics, Management Science, Mathematical Methods of Operations Research, University of Chicago’s Journal of Business, IIE Transaction, Journal of Management Information Systems, MIS Quarterly, Computers and Security, and IEEE Transactions: Engineering Management. His research has have been funded by grants from organizations such as: Bell Atlantic-Nynex, CISCO Systems, EDS, Hughes Electronics, IBM, Perot Systems, the National Security Agency and Teradata (NCR).

Patrick Beraud is an innovative Information Technology Professional with over 14 years experience gained from managing and directing complex global ICT projects in several regions including Europe, Australia, Taiwan, West Africa and Canada. He has several key career achievements under his belt, including team leadership for implementation of the Active Directory Services for the Public Financial Management Reform Program for the Republic of Ghana, Technical Director for Pharaon Telecom & Technologies in Australia and Benin, and analysing and designing network engineering projects for Sparq Solutions and its parent Australian companies, ENERGEX & Ergon Energy. His current post is Manager, Systems Engineering Management for a Market Trading Systems at Australian Energy Market Operator (AEMO). He passes on his knowledge through presentations, including in 2009 at University of Melbourne (Impact on Digitization) and as a speaker at the Computer Security Institute Conference in Washington, D.C. (paper on strategic Critical Infrastructure Protection Frameworks). Patrick received a Master of eForensics and Enterprise Security from the University of Melbourne in 2009.

Timothy Smith is a Security Science student at Edith Cowan University. He is currently working towards the completion of a Bachelor of Counterterrorism, Security and Intelligence. His research interests include money laundering and Just War theory.

Joobin Choobineh’s (B.S., MBA, Ph.D. U. of Arizona) research areas include Management Information Systems and their security, Business Database Systems, and Systems Analysis and Design. He has authored or been a coauthor of more than fifty (50) articles that have appeared in journals and conference proceedings such as (in alphabetical order) Annals of Operations Research, Communications of the ACM, Communications of the AIS, Database Engineering, Computers & Security, Decision Support Systems, IEEE Transactions on Software Engineering, Information and Management, Information Strategy, Information Systems, Information Systems Management, INFORMS Journal on Computing, Intl. J. Of Operations & Production Management, J. of Database Management, J. of Management Information Systems, Omega, and The Database for Advances in Information Systems. He has served as the chair of 8 and committee member of 11 Ph.D. students. Dr. Choobineh is currently an Associate Editor of INFORMS Journal on Computing and serves on the editorial board of the International Journal of Business Information Systems.

Michael Fazen (MS/MIS, Texas A&M University) is a Lieutenant Colonel, US Army. He is a Strategic Planner at 106th Signal Brigade, 7th Signal Command (T), 9th Signal Command (A).

Michael Grimaila (BS, Electrical Engineering; MS, Electrical Engineering; and PhD, Computer Engineering, all from Texas A&M University) is an associate professor in the Systems and Engineering Management department, member of the Center for Cyberspace Research (CCR), and a visiting research fellow in the Air Force Center for Systems Engineering (CSE) at the Air Force Institute of Technology (AFIT), Wright-Patterson AFB, Ohio. He holds the Certified Information Security Manager (CISM), the Certified Information Systems Security Professional (CISSP), and the National Security Agency’s INFOSEC Assessment Methodology and INFOSEC Evaluation Methodology certifications. He teaches and conducts research in the areas of computer security, data communications, database, information assurance and security, and information warfare. Dr. Grimaila serves as an Editorial Board member of the Information System Security Association (ISSA) Journal and consults for numerous DoD organizations and agencies. He is a member of the ACM, IRMA, ISACA, ISC2, ISSA, ISSEA, and is a senior member of the IEEE.