16,463 research outputs found

    Cognisance as a Human Factor in Military Cyber Defence Education

    The authors may share the final published article on public non-commercial sites in the terms of the Creative Commons CC-BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0/). Additionally, the authors may use the article in a subsequent compilation of their work, or extend it to book length form, or include it in a thesis or dissertation, or otherwise to use or re-use portions or excerpts in other works, for both commercial and non-commercial purposes. All copies of the article should link to the original publication in IFAC PapersOnline via its DOI and have a copyright statement and a reference to the CC-BY-NC-ND license. Except for such uses, IFAC has the exclusive right to make or sub-license commercial use.
    Cyber Defence Exercises (CDX) are common training and learning tools. A recently discussed challenge in cyber defence teaching and training is the gap between the fast technological advancement accompanied by rapidly changing demands on future cyber defence operators, and the lack of science-based teaching and training methods. A growing body of evidence suggests a crucial role of human factors as a central predictor for human performance in sociotechnical systems. While this has been acknowledged in a wide range of safety-critical applied fields, there is still a lack of knowledge about the impact of human factors on cyber defence performance. The lack of conventional metrics of performance and learning progress contributes to this deficit. To address this gap, the Norwegian Defence Cyber Academy (NDCA) follows a science-based educational approach that identified in a series of empirical studies cognitive-psychological predictors for learning success of future cyber defence operators. These predictors and elements of a human factors research program are deeply embedded into educational practice and include processes such as metacognition, self-regulation, coping, communication and shared mental modelling.
    Slow education methods and mentoring are fundamental to enabling the advancement of human factors cognisance among military cyber cadets. As a tool for efficient training, the NDCA developed and implemented a mentoring concept that involves a cyber defence retrospective timeline analysis involving expert and practitioner level mentors. The timeline differentiates between performance relevant hard- and soft-skills and leads progressively towards an alignment of Security Operation Centre (SOC)- and expert judgments of performance. The NDCA argues that this educational concept facilitates educational benefits based on insight, accurate self-perception, motivation and decreased team workloads following more efficient collaboration.

    Welfare and duty of care in Armed Forces initial training : Ofsted’s report to the Minister for Defence Personnel, Welfare and Veterans


    Secure web application development and global regulation

    The World Wide Web (WWW) has been predominantly responsible for instigating radical paradigm transformations in today’s global information-rich civilizations. Many societies have basic operational economical components that depend on Web-enabled systems in order to support daily commercial activities. The acceptance of E-commerce as a valid channel for conducting business coupled with societal integration and dependence on Web-enabled technology has instigated the development of local, national, and global efforts to regulate criminal activities on the World Wide Web. This paper makes two contributions. The first contribution is the high-level review of the United States and United Kingdom legislation that has developed from the escalation and integration of the World Wide Web into society. The second contribution is the support for the idea that legislative compatibility, in concert with an organization’s policy compatibility, needs to be acknowledged in secure Web application development methodologies.

    Department of Homeland Security Science and Technology Directorate: Developing Technology to Protect America

    In response to a congressional mandate and in consultation with Department of Homeland Security's (DHS) Science and Technology Directorate (S&T), the National Academy conducted a review of S&T's effectiveness and efficiency in addressing homeland security needs. This review included a particular focus that identified any unnecessary duplication of effort, and opportunity costs arising from an emphasis on homeland security-related research. Under the direction of the National Academy Panel, the study team reviewed a wide variety of documents related to S&T and homeland security-related research in general. The team also conducted interviews with more than 200 individuals, including S&T officials and staff, officials from other DHS component agencies, other federal agencies engaged in homeland security-related research, and experts from outside government in science policy, homeland security-related research and other scientific fields.
    Key Findings: The results of this effort indicated that S&T faces a significant challenge in marshaling the resources of multiple federal agencies to work together to develop a homeland security-related strategic plan for all agencies. Yet the importance of this role should not be underestimated. The very process of working across agencies to develop and align the federal homeland security research enterprise around a forward-focused plan is critical to ensuring that future efforts support a common vision and goals, and that the metrics by which to measure national progress, and make changes as needed, are in place.

    Risk Governance and Cybercrime: The Hierarchical Regression Approach


    Factors that Affects the Agriculture Extension Officers’ Skills on Cyber Extension-Based Agriculture Extension

    In the cyber extension implementation, it was found that agriculture extension officers still have limited skills, namely in knowledge, attitude and skills in practice. Agriculture extension officers, who were expected to be capable of extending information about agriculture growth and motivating society to act right under the demand of information technology development, were not capable of fulfilling the standard competition. This study tried to cover that area and at the same time to study extension officers’ skills. The aim of this research was to know extension officers’ skills on cyber extension-based agriculture extension and the factors that affected extension officers’ skills on cyber extension-based agriculture extension. This research was held in Tulungagung Regency, East Java, by taking samples of 105 agriculture extension officers using the simple random sampling technique. Data was then analyzed with path analysis. From the analysis result that was based on Bloom’s psychomotoric aspect distribution, it was found that the psychomotoric skill of Tulungagung Regency’s agriculture extension officers was on perception level, but there were some extension officers that reached origination level. The result of path analysis concluded that the factors that affected the extension officers on cyber extension-based agriculture extensions in Tulungagung Regency were the extension officers’ knowledge and attitude on cyber extension. Keywords: cyber extension, extension officer, training, knowledge, attitude and skills

    Recruiting the cyber leader: an evaluation of the human resource model used for recruiting the Army’s "Cyber Operations Officer"

    Includes supplementary material.
    For the first time since the creation of the Special Forces branch in 1987, the Army authorized the creation of a new branch, the Cyber branch. With this, the Army joined the ranks of other organizations in this rapidly expanding arena. The Army found itself in a situation where it needed to quickly fill the positions required of this new branch. To accomplish this goal the Army developed a recruitment strategy based on the Army human resource management model. The purpose of our research is to evaluate the effectiveness of that model to recruit Cyber Operations Officers and to examine the effects of its continued use. To perform this evaluation we conduct an operational assessment that included identifying and assessing measures of performance (MOPs) and measures of effectiveness (MOEs) based on data collected from: Army institutions; a survey of the Cyber Branch population; and the Person-Event Data Environment database. Our research also examined recruitment strategies and practices in other selected organizations to identify practical recommendations for improvements to current Army practices. The results of this research suggest that while the Army was generally successful in accomplishing the identified tasks of its recruitment strategy, there were inconsistencies in its application. Additionally, through analysis of the survey data we were able to identify attributes that had the most impact on achieving desired effects. Finally, we found that the Army did not recruit in accordance with best practices for the cyber workforce and that it did not use available tools to measure aptitude in its recruitment and the selection process. We identify some practical implications and provide recommendations for further research in this fast-paced operational environment.
    http://archive.org/details/recruitingcyberl1094556161
    Major, United States Army; Major, United States Army.
    Approved for public release; distribution is unlimited.

    An Examination of the Role of vCISO in SMBs: An Information Security Governance Exploration

    Information security threats and their associated breaches are exponentially growing, with millions of records containing personally identified information released to the public each year. Cyber incidents targeting businesses nearly doubled in the US in the past 6 years, with more than 130 large-scale targeted breaches per year in the U.S. In the first half of 2020, 36 billion records were exfiltrated by external hackers, with the average cost to recover from a cyber-attack averaging $21.00 per record. While Small and Mid-sized Businesses (SMBs) attempt to stay ahead of this growing trend and protect organizational data, they have specific behaviors that do not affect larger organizations. The four behaviors (non-strategic executive-level sponsorship, apathetic risk management procedures, constrained resources, and non-existent technical skills) are identified in the literature and recognized within the small to midsized industry. If not correctly identified and remediated, these behaviors may impede the businesses from protecting information assets and achieving a mature level of information security governance. To assist organizations in achieving information security governance, the literature identifies five domains that all organizations should possess for organizational alignment and governance maturity. These governance domains are Strategic Alignment, Value Delivery, Risk Management, Performance Measurement, and Resource Management. However, extant literature does not align the five governance domains with the small to midsized business behaviors, nor provide a solution to assist SMBs in achieving information security governance. The literature review focused on four main aspects that are relevant to the study: SMB Characteristics, Virtual Leadership, Information Security Governance, and Information Security program.
    Previous research identified how similar organizations utilized virtual leadership positions to overcome SMB behaviors to attain organizational business requirements but did not identify virtual positions that can assist SMBs with information security governance. To bridge this gap, this study explored a recent phenomenon, identified as a virtual Chief Information Security Officer (vCISO), that can align the SMB behaviors with the five governance domains and provide a viable solution for SMBs to achieve Information Security Governance within the identified behaviors. Specifically, this qualitative exploratory study interviewed six vCISOs and 14 companies to examine the role the vCISO provided in bridging SMB’s organizational behaviors with the five Information Security Governance domains.