Editorial

Welcome to the third issue of JIW for 2011 and the 30^th issue overall. The Journal of Information Warfare is committed to an involvement in the wider discipline of information warfare and information operations. This issue considers a range of issues relating to security and risk within the broad frame of Information Warfare.

 This issue has three papers.  The paper by Saara Jantunen and Aki-Mauri Huhtinen examines cyber discourse within the framework of Information Warfare. It concludes that cyber is a synonym to threat and that from an American perspective the internet is seen more as a battle field than a medium for information sharing.

 The paper by Anthonie Ruighaver, Matt Warren and Atif Ahmad presents an alternative view to the existing traditional method of risk assessment for information security. The paper examines the traditional risk assessment process, and then proposes a split assessment in order to show a more practical way of applicable risk assessment at the organisational level. The resulting framework places a significantly greater emphasis upon situational awareness, thus allowing more clarity in prioritising and decision-making.

 The third paper by Richard Overill and Jantje Silomon looks at cyber crime through the examination of a range of computer crime surveys. The examination specifically looks at whether there is a power law relationship in terms of computer crime. The paper reveals a distinction between opportunistic cyber-crime and serious organised cyber crime of significant proportions.

 As this is the last issue for this year my thanks goes out to all the authors, advisors and reviewers (who take on the task voluntarily) who have responded to my many editorial requests. Your timely responses were highly appreciated. I would also like to put in a special mention for Laima Croft who is particularly flexible and generous with her contributions in getting the Journal’s issues prepared and readied.

David Cook

Coordinating Editor

December 2011

d.cook@ecu.edu.au

Table of Contents

Paper 1: American perspectives on cyber and security: Coining the linguistic tradition

S.Jantunen, A. Huhtinen

Paper 2: Does traditional security risk assessment have a future in Information Security?

A. B. Ruighaver, M. Warren, A. Ahmad

Paper 3: Single and Double Power Laws for Cyber-Crimes

R. E. Overill, J. A. M. Silomon

About the Authors

Aki-Mauri Huhtinen, Professor, LTC (G.S) is docent of practical philosophy in the University of Helsinki and docent of social consequences of media and information technology in the University of Lapland. The author is also docent of information security and information operations in the University of Technology in Tampere. Huhtinen works at the Department of Leadership and Military Pedagogy in the Finnish National Defence University.

 Anthonie Ruighaver is an Honorary Fellow at Deakin University in the School of Information Systems in the Faculty of Business and Law.  He is a regular contributor to the Information Security Research Group.   Previously he was the head of the Computer Security and Forensics Group based  at the University of Melbourne. He was the coordinator of an E-crime course conducted as part of a collaboration between Melbourne University and Victoria Police. Dr. Ruighaver’s primary interests are in Security Governance and Computer Forensics.

 Atif Ahmad is an information security researcher and independent security consultant based at the Department of Information Systems, University of Melbourne. His research interests are in asymmetric warfare and information security risk assessments especially where knowledge artefacts are concerned. In previous years Atif has worked as a consultant for Pinkerton and Worley Parsons where he applied his expertise to Internet corporations and critical infrastructure installations. Atif is a Board Certified Protection Professional (CPP) with the American Society for Industrial Security and holds an adjunct position at the secau Security Research Centre at Edith Cowan University.

 Jantje A M Silomon obtained her Bachelor’s degree in Computer Science from King’s College London, and her Master’s degree in International Security and Global Governance from Birkbeck, University of London. She is currently a Research Associate on the US Office of Naval Research ‘Strategy and the Network Society’ project, and has co-authored seven international conference papers on digital forensics and cybercrime.

 Matthew Warren is a Professor at Deakin University in the School of Information Systems in the Faculty of Business and Law. His research interests are Computer Ethics, Critical Infrastructure Protection, ICT Policy and Information Security Management. He is an editor of the Journal of Information Warfare. He is the Convenor for the Deakin University Information Security Research Group and contributes to the Small and Medium Enterprise Research Group. Previously he was Head of the School of Information Technology, Deakin University, Australia and before that he was an Information Systems lecturer at the Plymouth Business School, UK. He has a PhD in Information Security Management from Plymouth University, UK and during that time worked on several large European Union research projects.

 Richard E Overill obtained his BSc and PhD degrees from the University of Leicester, UK. He has held the positions of Special Lecturer in Computing Methods and Senior Analyst, Lecturer in Computer Science, and Senior Lecturer in Computer Science, all based at King’s College London, University of London. As well as holding the designations of Chartered IT Professional, Chartered Mathematician, Chartered Scientist and Chartered Engineer, he is a Fellow of the British Computer Society, the Institute of Mathematics and its Applications, and the UK Higher Education Academy. His research output includes over 85 refereed papers in international journals, international conference proceedings, and edited volumes, covering topics in computational quantum theory, high-performance computing, and, since 1995, many aspects of information security including fraud detection, information warfare, cybercrime and digital forensics. He is currently joint Principal Investigator of a two-year project funded by the US Office of Naval Research entitled ‘Strategy and the Network Society’, in collaboration with colleagues from the Department of War Studies at King’s College London.

 Saara Jantunen has studied English language and culture in the University of Groningen, and English philology in the University of Helsinki. Currently she is writing her doctoral dissertation in the Finnish National Defence University, where she majors in leadership. Her research interests include language and identity, ideology in discourse, strategic communication and multimodal discourse. Jantunen currently works in education.