Cyber Supply Chain Risk Management: Implications for the SOF Future Operating Environment

The emerging Cyber Supply Chain Risk Management (C-SCRM) concept assists at all levels of the supply chain in managing and mitigating risks, and the authors define C-SCRM as the process of identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of information and operational technology products and service supply chains. As Special Operations Forces increasingly rely on sophisticated hardware and software products, this quick, well-researched monograph provides a detailed accounting of C-SCRM associated laws, regulations, instructions, tools, and strategies meant to mitigate vulnerabilities and risks—and how we might best manage the evolving and ever-changing array of those vulnerabilities and risks

Urban Planning: Post Pandemic America

Today’s urban planners have little to no experience dealing with pandemics as the modern focus in the field has turned away from infectious disease and public health and realigned itself with modest, long-term, encompassing health goals. Considering this, this analysis will focus on two historical case studies of past pandemics and what took place in their planning aftermath. The information garnered will then be used to hypothesize what new changes to state general plan guidelines may be warranted to mitigate the impacts of future pandemics

Digital Weapons of Mass Destablization

In the coming decade, a global proliferation of networked technologies will widen the cyber threat landscape. Pairing new and unforeseen cyber vulnerabilities with weapons of mass destruction (WMD) increases the secondary threats that cyber attacks bring and also necessitates a shift in definitions. WMD will become weapons of mass destabilization, allowing adversaries to gain strategic advantage in novel ways. Altering this definition provides clarity and specific actions that can be taken to disrupt, mitigate and recover from this combined threat. Additionally, a new class of Digital WMD (DWMD) will emerge, threatening military, government, and civilian targets worldwide. These combined and new threats will require the expansion of current defensive or mitigation activities, partnerships, and preparationhttps://digitalcommons.usmalibrary.org/aci_books/1035/thumbnail.jp

Emerging Risks in the Marine Transportation System (MTS), 2001- 2021

How has maritime security evolved since 2001, and what challenges exist moving forward? This report provides an overview of the current state of maritime security with an emphasis on port security. It examines new risks that have arisen over the last twenty years, the different types of security challenges these risks pose, and how practitioners can better navigate these challenges. Building on interviews with 37 individuals immersed in maritime security protocols, we identify five major challenges in the modern maritime security environment: (1) new domains for exploitation, (2) big data and information processing, (3) attribution challenges, (4) technological innovations, and (5) globalization. We explore how these challenges increase the risk of small-scale, high-probability incidents against an increasingly vulnerable Marine Transportation System (MTS). We conclude by summarizing several measures that can improve resilience-building and mitigate these risks

Cross Domain IW Threats to SOF Maritime Missions: Implications for U.S. SOF

As cyber vulnerabilities proliferate with the expansion of connected devices, wherein security is often forsaken for ease of use, Special Operations Forces (SOF) cannot escape the obvious, massive risk that they are assuming by incorporating emerging technologies into their toolkits. This is especially true in the maritime sector where SOF operates nearshore in littoral zones. As SOF—in support to the U.S. Navy— increasingly operate in these contested maritime environments, they will gradually encounter more hostile actors looking to exploit digital vulnerabilities. As such, this monograph comes at a perfect time as the world becomes more interconnected but also more vulnerable

Design of Inexpensive and Easy To Use DIY Internet of Things Platform

This thesis focuses on the design and implementation of a new, inexpensive, and less complex system for a Do-It-Yourself (DIY) Internet of Things (IoT) platform. The hardware aspects focus on a new chip called the ESP8266 which contains both microcontroller and WiFi connectivity capabilities in an extremely affordable package. The system uses the Arduino IDE to program the ESP8266, which is known to be an extremely user-friendly environment. All other software is both free and easy to use. Past methods of creating IoT projects involved either expensive hardware, often ranging from $50-$100 per node, or complicated programming requiring a full computer, or a constant connection to an immobile power source. This method costs as little as $2.50, can last for months or even years off of batteries, can be smaller than a quarter, and only requires a few lines of code to get data moving, making this platform much more attractive for ubiquitous use

The Economic Measurement of Cyber Incidents

In recent decades, Information and Communication Technologies (ICT) have significantly evolved, further establishing the information society. However, ICT systems are subject to security incidents, and most malicious attacks have cascading effects. Decision-makers need to understand the potential financial effects of incidents if they wish to clearly perceive the potential risks and thus make an appropriate allocation of resources to ICT security.Our research attempts to develop a comprehensive toolset for the analysis of cybersecurity incidents. The toolset is based on conventional methodologies of cash-flow evaluation and balance of payments. We discuss several use cases of real-world examples with incidents affecting essential service providers and manufacturers. The case studies involve incidents affecting energy service providers, banks, water utilities, aircraft manufacturers, car manufacturers, IT software providers, air, rail, and water transport companies, the pharmacy, and the health sector. Analysis of the incidents involves our framework being applied at three levels: organisational, governmental, and international