“Success Is Invisible, But Failure Is Public”: Examining The U.S. Office Of Personnel Management Data Records Breach

In 2015, the U.S. Office of Personnel Management (OPM) suffered one of the largest governmentrelated data breaches in U.S. history. A total of 4.2 million personnel records, 21.5 million background check records, and 5.6 million sets of fingerprints were exfiltrated in a sophisticated, multi-stage cyber espionage operation linked to state-sponsored actors. Such a large data breach invited bipartisan criticism of the agency’s handling of the incidents and thrust the federal government’s cybersecurity preparedness into the limelight. This paper seeks to answer a set of five interrelated questions: 1) What happened in the 2015 U.S. Office of Personnel Management Data breach, and what were the impacts? 2) Did a lack of technical capability hinder OPM’s efforts to detect and block unauthorized access to its network? 3) Were organizational and management weaknesses more to blame? 4) Did the cybersecurity posture at OPM before the incidents change after the events in 2014 and 2015? 5) What can be done by the Office of Personnel Management to prevent or mitigate the damage from similar cyber activities in the future? To answer these questions, this paper first introduces the concept of the “cybersecurity toolkit” to better understand contemporary cyber issues. Second, the OPM case study is discussed, including a timeline of events and key actors. Third, this paper examines the technical, management, and compliance-related factors that contributed to the breaches, including a compilation and analysis of OPM Inspector General cybersecurity audit data from 2007 to 2017. Finally, this paper discusses the short- and long-term impacts of the OPM breach and offers recommendations to improve cybersecurity at OPM and within the federal government.Plan II Honors Progra

Is the Transit Industry Prepared for the Cyber Revolution? Policy Recommendations to Enhance Surface Transit Cyber Preparedness

The intent of this study is to assess the readiness, resourcing, and structure of public transit agencies to identify, protect from, detect, respond to, and recover from cybersecurity vulnerabilities and threats. Given the multitude of connected devices already in use by the transit industry and the vast amount of data generated (with more coming online soon), the transit industry is vulnerable to malicious cyber-attack and other cybersecurity-related threats. This study reviews the state of best cybersecurity practices in public surface transit; outlines U.S. public surface transit operators’ cybersecurity operations; assesses U.S. policy on cybersecurity in public surface transportation; and provides policy recommendations that address gaps or identify issues for Congress, the Executive Branch, and the public surface transit agencies. Research methods include an online survey of public surface transit professionals in the United States and oral interviews conducted with members of the Executive Branch (e.g., U.S. Department of Transportation, U.S. Department of Homeland Security, The White House, and others), as well as research of literature published in periodicals

Best Practices for Critical Information Infrastructure Protection (CIIP): Experiences from Latin America and the Caribbean and Selected Countries

Over the past few decades, Latin America and the Caribbean (LAC) has witnessed numerous changes in its development, with most being beneficial. Positive changes relate to sizable growth and expansion of the region’s network infrastructure sectors, such as transport, energy, and information and communications technologies (ICT), among others. In many cases, ICT interconnects these critical infrastructures, creating substructures referred to as critical information infrastructures (CIIs). This publication is written to provide insights to the strategic thinking behind the creation of the national critical information infrastructure protection (CIIP) frameworks. It also builds its recommendations on in-depth analysis of the best CIIP practices around the world, with consideration of the region-specific landscape to originate a base line from which further development can be delineated

Organizational Conflict Within the Department of Homeland Security

This thesis seeks to explain why the Department of Homeland Security had difficulty fulfilling its roles when it was formed, specifically its role as grant administrator. Role theory surmises that conflict arises from unclear expectations, conflicting expectations, and too many roles. This study utilized various public testimonies, legislation, and other government documents to examine how the missions of the twenty-two agencies that were merged together to make up DHS changed. Even though DHS has changed continually over the five years since its existence most employees seem to be clear on the mission of the organization in which they work. However, there is still a considerable amount of conflict resulting from the agencies being forced together in such a frankensteinian way

What Ukraine Taught NATO about Hybrid Warfare

Russia’s invasion of Ukraine in 2022 forced the United States and its NATO partners to be confronted with the impact of hybrid warfare far beyond the battlefield. Targeting Europe’s energy security, Russia’s malign influence campaigns and malicious cyber intrusions are affecting global gas prices, driving up food costs, disrupting supply chains and grids, and testing US and Allied military mobility. This study examines how hybrid warfare is being used by NATO’s adversaries, what vulnerabilities in energy security exist across the Alliance, and what mitigation strategies are available to the member states. Cyberattacks targeting the renewable energy landscape during Europe’s green transition are increasing, making it urgent that new tools are developed to protect these emerging technologies. No less significant are the cyber and information operations targeting energy security in Eastern Europe as it seeks to become independent from Russia. Economic coercion is being used against Western and Central Europe to stop gas from flowing. China’s malign investments in Southern and Mediterranean Europe are enabling Beijing to control several NATO member states’ critical energy infrastructure at a critical moment in the global balance of power. What Ukraine Taught NATO about Hybrid Warfare will be an important reference for NATO officials and US installations operating in the European theater.https://press.armywarcollege.edu/monographs/1952/thumbnail.jp

The Legal and Regulatory Aspect of International Cybercrime and Cybersecurity: Limits and Challenges

The development of the internet and digital technologies represent a major opportunity for humanity in transforming businesses and providing new tools for everyday communication. Internet users are spending increasing amounts of time online and undertaking a greater range of online and social networking activities. However, just like a double edged sword, the internet also presents opportunities to cybercrimes in the Information society. The nature of some ‘traditional’ crime types has been transformed by the use of computers and other information communications technology (ICT) in terms of its scale and reach, with risks extending to many aspects of social life, such as financial transactions, sexual offences, harassment and threatening behavior, and commercial damage and disorder. Cybercrime is a transnational menace in the sense that it cuts across borders. The most critical challenges of the information society have been the security of digital data and information systems and the prevention of the malicious misuse of information communications technologies by cyber criminals, terrorist groups, or state actors. Measures to address these security challenges of the information society birthed a concept known as “cyber security”. Cyber security seeks to promote and ensure the overall security of digital information and information systems with a view to securing the information society. Thus, the concept is broadly concerned with social, legal, regulatory and technological measures that will ensure the integrity, confidentiality, availability and the overall security of digital information and information systems in order to achieve a high degree of trust and security necessary for the development of a sustainable information cyber space. This dissertation contends that, on the one hand, International laws are behind in providing proper regulatory coverage for cybercrime, while, on the other hand, existing regulations have largely been unsuccessful in containing cyber security threats primarily due to complications caused by the disharmonization of cyber security laws and regulation. This dissertation also attempts to discuss the legal and regulatory aspects of cyber security in International law. An analysis of international, regional and national regulatory responses to cyber security in both developed and developing countries was made. It calls attention to the limits and challenges of these regulatory responses in the promotion of cyber security and explores several regulatory measures to address the highlighted challenges with a view to promoting global cyber security. It suggests several regulatory measures to enhance global cyber security and also emphasizes the need for the collective responsibility of states for global cyber security