Cyber Security

The Persuasion Game: Serious Gaming Information Warfare and Influence

Abstract:

In an age of hybrid, asymmetric, and non-linear conflict, the role of Information Operations has become increasingly important. This paper presents a research project examining ways of better enabling stakeholders to respond to the increasing use of influence in warfare, in hybrid conflict, in competition, and in the realms of hard and soft politics. The project consisted of an international, cross-sector research group that drew on military, government, academic, and industry expertise in order to understand the best way to employ wargame influence. The use of wargaming as a training/research tool is familiar in military and civil contexts; the project discussed presents a truly innovative approach to influence studies, and shows the benefits of an interdisciplinary, cross-domain research team.

Information Security, Personality, and Justifications for Norm Violation

Abstract:

Human factors account for 27% of data breaches on the global scale. Even with clear and often strict policies in place, employees are often considered to be the weakest link in the field of Information Security (IS. This paper seeks to find one explanation for this phenomenon in military context by exploring military cadets’ personalities, as well as their reasons and justifications for using neutralisation techniques in order to deviate from organisational IS regulations. The results of this paper emphasise that a more personalised approach to IS education could be useful.

A Cyber Counterintelligence Matrix for Outsmarting Your Adversaries

Abstract:

While Cyber CounterIntelligence (CCI) has been a distinctive specialisation field for state security structures internationally for well over a decade, recently there has been growing recognition of CCI’s significance to non-state actors. CCI is central to proactively mitigating cyber risk and exploiting opportunities. With the growing recognition of CCI’s significance comes an appreciation of its complexity. CCI is all about outthinking and outwitting adversaries. This article advances a conceptual matrix that can serve both as a high-level ‘pocket guide’ for outsmarting adversaries and as an aid to academic research.

Assessing Cyber Security Threats and Risks in the Public Sector of Greece

Abstract:

Organisations having to cope with new threats and risks are increasing their focus and looking at novel ways to improve their cyber security assurance. As critical national infrastructures are becoming more vulnerable to cyberattacks, their protection becomes a significant issue for EU member states. The National Cyber Security Authority of Greece (NCSA) takes all necessary steps towards a secure Greek cyberspace.

Adversarial Artificial Intelligence: State of the Malpractice

Abstract:

ArtificialIntelligence (AI), widely deployed in society, is rapidly becoming the next major battleground. Our society depends on the power of AI to solve problems in multiple domains—including commercial, infrastructural, and military systems. But AI is also vulnerable to a variety of attacks, some of which are common across many types and deployments of AI.

Towards a Literature Review on Cyber Counterintelligence

Abstract:

For those connecting the dots, the threat landscape continues to affirm the necessity of having Cyber Counterintelligence (CCI) at the centre of cybersecurity efforts. Concurrent with the growing interest in CCI in corporate boardrooms and the corridors of governments, CCI is evolving from a field of academic enquiry to a distinctive academic sub-discipline. 

Developing a Cyber Operations Computational Ontology

Abstract: 

Cyber operations lack models, methodologies, and mechanisms to describe relevant data and knowledge. This problem is directly reflected when cyber operations are conducted, and their effects assessed, and it can produce dissonance and disturbance in corresponding decision-making processes and communication between different military actors.

Best Practices for Designing and Conducting Cyber-Physical-System War Games

Abstract:

Cyber war games have been shown to be useful for a broad range of purposes. The authors describe and compare  methods for  designing  realistic war games  in  the  domain of Cyber Physical Systems (CPS), review general methods for conducting war games, and illustrate best practices to assist researchers and practitioners in planning their own war games. 

Projected Territoriality: A Case Study of the Infrastructure of Russian Digital Borders

Abstract:

This  article  attempts  to  demonstrate  how  territoriality  can  be  projected  into cyberspace with respect to the infrastructure of a country. It is a case study of the delineation, protection, and control processes of Russia’s so-called digital borders. By combining analysis of border studies, information technology studies, and Russian studies, this article provides an interdisciplinary overview of the infrastructure of the Russian segment of the Internet and examines the principles and practises behind the Russian implementation of the concept of a national  segment  of  the Internet as an infrastructural element of delineating digital borders and achieving a functional digital sovereignty.

Towards a Reconceptualisation of Cyber Risk: An Empirical and Ontological Study

Abstract:

The prominence and use of the concept of cyber risk has been rising in recent years. This paper presents empirical investigations focused on two important and distinct groups within the broad community of cyber-defence professionals and researchers: (1) cyber practitioners and (2) developers of cyber ontologies.

Uncertain Security Community: Building Western Cyber-Security Order

Abstract:

Leading NATO countries (such as the United States, the United Kingdom, Germany, and France) are rather like-minded when it comes to cyber-threat assessments and cyber-security policy priorities. They share common security values and norms and identify common cyber threats. In this regard, they can be identified as members of the same security community. However, when it comes to strategies for building cyber security, there is disparity among them.

Cyber Apprenticeship: A Traditional Solution to a Vexing New Problem

Abstract:

This paper proposes a new approach to a relatively new and often vexing problem facing many businesses today: meeting the growing demands for a trained and certified cyber-security workforce. The proposed approach uses the traditional apprenticeship model, combined with the targeting of rural candidates as a mechanism to develop a greater loyalty to any firm making the investment.

Cyber Security in the Context of Armenia-NATO Cooperation

Abstract:

NATO is one of the main actors in the development and modernisation of the national security architecture of Armenia. One of the main research goals of the authors is to understand the qualitative and quantitative framework of Armenia-NATO cooperation. From this perspective, the authors of this article analyse cyber-security cooperation between Armenia and NATO based on DOTMLPF II components.

Preparation, Modelling, and Visualisation of Cyber Common Operating Pictures for National Cyber Security Centres

Abstract:

Common Operating Pictures (COPs) have long been a common denominator of effective cyber defence operations (for example, in law enforcement and the military). COPs are widely used to represent, visualise, and assess situations. In recent years, Cyber COPs (CCOPs) have become important in establishing cyber situational awareness. 

Should ‘RuNet 2020’ Be Taken Seriously? Contradictory Views about Cyber Security Between Russia and the West

Abstract:

Russia aims to create an independent state information system that ensures the network’s overall stability by controlling the Internet routing architecture inside Russia. A tightly regulated and secure ‘information space’ will not only ensure stronger defence against external attacks, but also increase offensive capabilities.

An Open-Source Tool to Support the Quantitative Assessment of Cyber Security for Software Intensive System Acquisition

Abstract:

This paper presents an open-source tool to support the quantitative assessment of software reliability and cyber security. The tool enables assessment of a system’s security from penetration-testing data and can be used to estimate the number of vulnerabilities remaining. This approach will enable organisations that acquire software to establish quantitative requirements for inclusion in contracts, thereby providing clear requirements for software and system developers to meet. The tool will enable contractors to regularly assess the security of their software, which will facilitate the identification and reporting of programs that may fail to achieve contractually specified security objectives.

Managing Cybercrimes through the Implementation of Security Measures

Abstract:

Today’s global environment has seen tremendous growth in the number of online transactions and Internet subscribers. This increase is creating a situation in which businesses are now largely dependent on information systems and their inherent technologies. The increase, however, is also causing a rise in the volume and extent of cybercrimes and security lapses.

Security-Information Flow in the South African Public Sector

Abstract:

Information-security management programs are becoming increasingly important in enabling organisations to promote a high level of accountability and good governance. Organisations need accurate and relevant real-time information to make effective and efficient decisions pertaining to cyber threats and attacks. Based on a qualitative study, this article introduces and discusses the components of an information-security management program.

The Role of the U.S. Military in Cyberspace

Abstract:

As the United States has grown dependent on cyberspace, the U.S. military has come to have an increasingly important role to play in protecting U.S. national interests in the cyber domain. In addition to operating and defending its own cyberspace resources and supporting other military missions, the U.S. military must now be prepared to defend the country as a whole. These missions require the military to innovate and to collaborate effectively with a whole host of international, governmental, and private sector actors.

A Century of Convergence: Technology, Ideology, and U.S. National Security

Abstract:

‘Convergence’ is a term typically used to denote the conflation of several technologies. In a larger sense, convergence can signify the blending of technology, law, policy, doctrine, and capability in ways that boost knowledge and power for those who compel or defend states. The world has become globalized in the sense that virtually anyone, anywhere, can be targeted. These awesome powers of surveillance and force are still growing, but their oversight lags far behind. Ironically, efforts to limit surveillance have helped to spur the overall growth of surveillance capabilities, in part to answer the growing demand for intelligence for precision targeting. Understanding the origins and current breadth of that gap is key to resolving it.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

C

C2
C2S
CDX
CIA
CIP
CPS

I

IA
ICS

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.871.3949
  • jiw@gbpts.com