DRONE DELIVERY OF CBNRECy – DEW WEAPONS Emerging Threats of Mini-Weapons of Mass Destruction and Disruption (WMDD)

Drone Delivery of CBNRECy – DEW Weapons: Emerging Threats of Mini-Weapons of Mass Destruction and Disruption (WMDD) is our sixth textbook in a series covering the world of UASs and UUVs. Our textbook takes on a whole new purview for UAS / CUAS/ UUV (drones) – how they can be used to deploy Weapons of Mass Destruction and Deception against CBRNE and civilian targets of opportunity. We are concerned with the future use of these inexpensive devices and their availability to maleficent actors. Our work suggests that UASs in air and underwater UUVs will be the future of military and civilian terrorist operations. UAS / UUVs can deliver a huge punch for a low investment and minimize human casualties.https://newprairiepress.org/ebooks/1046/thumbnail.jp

Cyber defensive capacity and capability::A perspective from the financial sector of a small state

This thesis explores ways in which the financial sectors of small states are able todefend themselves against ever-growing cyber threats, as well as ways these states can improve their cyber defense capability in order to withstand current andfuture attacks. To date, the context of small states in general is understudied. This study presents the challenges faced by financial sectors in small states with regard to withstanding cyberattacks. This study applies a mixed method approach through the use of various surveys, brainstorming sessions with financial sector focus groups, interviews with critical infrastructure stakeholders, a literature review, a comparative analysis of secondary data and a theoretical narrative review. The findings suggest that, for the Aruban financial sector, compliance is important, as with minimal drivers, precautionary behavior is significant. Countermeasures of formal, informal, and technical controls need to be in place. This study indicates the view that defending a small state such as Aruba is challenging, yet enough economic indicators indicate it not being outside the realm of possibility. On a theoretical level, this thesis proposes a conceptual “whole-of-cyber” model inspired by military science and the VSM (Viable Systems Model). The concept of fighting power components and governance S4 function form cyber defensive capacity’s shield and capability. The “whole-of-cyber” approach may be a good way to compensate for the lack of resources of small states. Collaboration may be an only out, as the fastest-growing need will be for advanced IT skillsets

Barriers to Secure ICT in a Maritime Environment

The purpose of the research reported in this thesis was to investigate the barriers to ICT security in a maritime environment so that the findings of the research can be used to develop a secure ICT maritime profile that will be capable of being updated on an on-going basis. This is an important area of research because the maritime sector is increasingly reliant upon ICT yet there is evidence that ICT security and the potential threats and consequences if ICT is not available when needed have not been given the attention they deserve. Indeed, the literature review carried out as part of this research pointed to a big gap in the maritime literature regarding ICT security. Literature from non-maritime specific fields was used to establish a basic understanding of the barriers most likely to be relevant and provide key terminology for use in this research. Empirical data were collected from semi-structured interviews with Royal Naval personnel and informal discussions with Merchant Navy officers. A robust yet flexible approach was used to interpret the results and thus identify the barriers, many of which are caused by complex interactions between social and technical factors, particularly on-board ships. Nine barriers to ICT security were revealed. They are: tensions experienced between security experts and ICT users; operational imperatives override security requirements; security requirements impeding business process; a limited ability to recover from disruption; unable or unwilling to share security incident information; Inadequate security training; disruption to situational awareness; unpredictable behaviour of people in difficult situations; and a lack of ICT security awareness. A new understanding of barriers arose from further interpretation of the findings, the results of which led to recommendations for the design for an updateable maritime ICT security profile that could be used to guide relevant staff (including Ship’s Security Officers) and as a tool to raise security awareness for non-experts

Optimizing Proactive Measures for Security Operations

Digital security threats may impact governments, businesses, and consumers through intellectual property theft, loss of physical assets, economic damages, and loss of confidence. Significant effort has been placed on technology solutions that can mitigate threat exposure. Additionally, hundreds of years of literature have focused on non-digital, human-centric strategies that proactively allow organizations to assess threats and implement mitigation plans. For both human and technology-centric solutions, little to no prior research exists on the efficacy of how humans employ digital security defenses. Security professionals are armed with commonly adopted "best practices" but are generally unaware of the particular artifacts and conditions (e.g., organizational culture, procurement processes, employee training/education) that may or may not make a particular environment well-suited for employing the best practices. In this thesis, I study proactive measures for security operations and related human factors to identify generalizable optimizations that can be applied for measurable increases in security. Through interview and survey methods, I investigate the human and organizational factors that shape the adoption and employment of defensive strategies. Case studies with partnered organizations and comprehensive evaluations of security programs reveal security gaps that many professionals were previously unaware of --- as well as opportunities for changes in security behaviors to mitigate future risk. These studies highlight that, in exemplar environments, the adoption of proactive security assessments and training programs lead to measurable improvements in organizations' security posture

Embedding risk management within new product and service development of an innovation and risk management framework and supporting risk processes, for effective risk mitigation : an action research study within the Information and Communication Technology (ICT) Sector

At first glance, innovation and risk management seem like two opposing disciplines with diverse objectives. The former seeks to be flexible and encourages enhanced solutions and new ideas, while the latter can be seen as stifling such innovative thinking. Since there is a failure rate of as many as eight out of every ten products launched, it is perhaps necessary for organisations to consider applying more structured approaches to innovation, in order to better manage risks and to increase the chances of delivering improved goods and services. A risk management approach is well suited to address the challenge of failure, as it focuses not only on the negative impact of risks but also on the opportunities they present. It aligns these with the strategic objectives of the organisation to increase the chances of its success. The research objective of this study was to establish how to embed risk management within the innovation divisions of an organisation to ensure that more efficient products and services are delivered to customers. To achieve this end, action research was conducted in a large organisation operating in a high-technology environment that launches many diverse products and services and rapidly expanding service offerings to other industries. The study took four years to complete and delivered multiple interventions that successfully embedded risk management within the organisation, leading to changed behaviours and double-loop learning. Two main knowledge contributions are offered by the study. Firstly, a generic and empirically validated integrated Innovation and Risk Management Framework (IRMF) is developed and guides new product and service development by considering both best practices and risks. Secondly, a risk dashboard is designed as a design science artefact within the action research cycles, which consolidates all the knowledge that was generated during the study. This is ultimately a visual interface to support stage-gate decision making. Since the context of the study was broad, extensive and complicated, the use of mixed-method research complemented and expanded on the findings by providing another layer of support and validation. This thesis highlights the complexity of innovation and presents the need for an organising framework that will encourage innovation but is sufficiently flexible to cater for diverse needs and risks. The study delivers several other, valuable contributions regarding what, how and why incidents occur within the real-world context of new product and service development. Several generic artefacts, such as risk processes and maturity frameworks, are also developed, which can guide risk and new product and service development practitioners to deliver more efficient product and services. This study offers several novel approaches to evaluating risks and provides practical support and recommendations, addressing shortcomings of fragmented research in similar, but smaller-scale studies that have been conducted in information systems. It is the premise of this research that a much wider number of risks need to be managed as new products and services are developed, than was noted in previous studies. Effective risk management in new product and service development could lead to competitive advantage for organisations by increasing knowledge and facilitating sustainable, informed risk decision-making

Foundations of Trusted Autonomy

Trusted Autonomy; Automation Technology; Autonomous Systems; Self-Governance; Trusted Autonomous Systems; Design of Algorithms and Methodologie