Vol. 10 Issue 1 Abstracts
Paper 1: Assessment of Mission Risk: Role of Protection of Information and Communication Technology Resources
Joobin Choobineh1, Evan E. Anderson1, Michael Fazen2, and Michael R. Grimaila3
1Department of Information and Operations Management
Texas A&M University, College Station, TX 77843-4217 USA
2LTC, FA/FA53
Plans Division Chief, 106th Signal BDE
Fort Sam Houston, TX 78234 USA
3Department of Systems and Engineering Management
Center for Cyberspace Research
Air Force Institute of Technology, Wright Patterson AFB, OH 45433-7765 USA
Abstract: The ability to assess risk to missions resulting from cyber incident is of paramount importance for command decision making. In this paper, a five step methodology to assess the risk to a mission resulting from cyber security breaches is presented. The methodology is based on modeling the activities of the mission and the impact of breaches of communications and information technology on the activities. The outcome of the methodology provides the commanders with an enhanced understanding and estimation of the impact of cyber attacks on their missions. The methodology is demonstrated through its application to a typical ground movement of troops.
Keywords: Risk Assessment, Mission Modeling, Business Process Modeling Notation
Paper 2: The Battle for Money Transfers: The allure of PayPal and Western Union over Familial remittance networks.
David M.Cook1,2, Timothy Smith1
1Edith Cowan University,
2SECAU – Security Research Centre
Abstract: Informal Money Transfer systems continue to provide importunate loopholes in the global wrestle against terrorism. Radical cells, as well as broader criminal networks, maintain their use of Hawala systems, but do so in concert with other informal transfer systems, largely to sidestep the regulatory and administrative management of formally institutionalized worldwide money transactions. At a time when financial acts are globally regulated under the Basel Accord and other global instruments, the enduring use of Informal Value Transfers (IVTs) in Australia is cause for mounting unease. To concentrate on the informal money transfer system known as Hawala, is to overlook much of the problem. PayPal and its related cyber-systems outperform Hawala transfers through the commercial necessity for fast, efficient capital mobility. This paper posits that prevention and mitigation strategies for the wider group of online financial transactions need urgent re-evaluation. The activities of PayPal, Western Union, and other cyber-dependent systems, conceal transactions that support terrorist and criminal activities.
Key Words: Hawala, Hawaladar, Informal Value Transfer, Non Government Organisations, Islamic Banking, Money Laundering, Remittance, eBay, Paypal, Western Union
Paper 3: Stewarding Situational Awareness and Highly Perishable Information
Chris Flaherty
Email: chris.flaherty@greymans.com
Abstract: The aim is to examine the concept of ‘highly perishable information’, and how an individual security person (police, security guard or steward) in high-density crowds achieves situational awareness. The specific focus is on the perception level issues, identifying the typical barriers to achieving situational awareness for volunteer stewards. This will look at case studies about stewards working in mass public events, and also lessons learned about public situational awareness from the Haymarket and London Underground incidents, amongst other examples. Recent research explores training and recruitment requirements for the 2012 Olympics volunteers, and identifies some issues that may be relevant to overcoming barriers to achieving lone situational awareness. This is then examined as an interposing tactics problem. The key finding is that recruitment of people likely, due to employment, education or community involvement to have greater situational awareness, can help offset a lack of suitable training. However, this nevertheless represents a reduced capability. This is because, the impact organisationally is an increased need to intensify command and control management.
Keywords: Situational Awareness, Highly Perishable Information, Interposing Tactics.
Paper 4: A Process for the Identification of Security Risks from Critical Infrastructure Interdependencies
P. Beraud1 and A. Ahmad2, 3
1Manager, Technical Architecture & Infrastructure Services
Australian Energy Market Operator Ltd
2Department of Information Systems
University of Melbourne, Australia
atif@unimelb.edu.au
3secau – Security Research Centre
Edith Cowan University
Perth, Western Australia
Abstract: Traditional security risk assessment takes a broad asset-based view of organizations. The risk identification process therefore focuses on well-known threats and vulnerabilities to static and discrete assets that fall within the scope of organizational boundaries under investigation. It does not offer a methodology or framework that systematically deals with risks that arise from the complex interdependencies[1] among the critical infrastructures2. To support this proposition, this paper conducts a systematic analysis of the security risks resulting from logical, cyber, geographical and physical interdependencies between telecommunications and power infrastructures. The analysis demonstrates that certain security risks arising from interdependencies cannot be identified using the traditional risk identification approach. A process model is then proposed to extend existing risk methodologies to include a systematic identification of the security risks that arise from the interdependencies of infrastructures.
Keywords: Critical Infrastructure Protection, Information Security, Security Risk Assessment