Soft systems methodology in net-centric cyber defence system development

Complexity is ever increasing within our information environment and organisations, as interdependent dynamic relationships within sociotechnical systems result in high variety and uncertainty from a lack of information or control. A net-centric approach is a strategy to improve information value, to enable stakeholders to extend their reach to additional data sources, share Situational Awareness (SA), synchronise effort and optimise resource use to deliver maximum (or proportionate) effect in support of goals. This paper takes a systems perspective to understand the dynamics within a net-centric information system. This paper presents the first stages of the Soft Systems Methodology (SSM), to develop a conceptual model of the human activity system and develop a system dynamics model to represent system behaviour, that will inform future research into a net-centric approach with information security. Our model supports the net-centric hypothesis that participation within a information sharing community extends information reach, improves organisation SA allowing proactive action to mitigate vulnerabilities and reduce overall risk within the community. The system dynamics model provides organisations with tools to better understand the value of a net-centric approach, a framework to determine their own maturity and evaluate strategic relationships with collaborative communities

Secure portable execution and storage environments: A capability to improve security for remote working

Remote working is a practice that provides economic benefits to both the employing organisation and the individual. However, evidence suggests that organisations implementing remote working have limited appreciation of the security risks, particularly those impacting upon the confidentiality and integrity of information and also on the integrity and availability of the remote worker’s computing environment. Other research suggests that an organisation that does appreciate these risks may veto remote working, resulting in a loss of economic benefits. With the implementation of high speed broadband, remote working is forecast to grow and therefore it is appropriate that improved approaches to managing security risks are researched. This research explores the use of secure portable execution and storage environments (secure PESEs) to improve information security for the remote work categories of telework, and mobile and deployed working. This thesis with publication makes an original contribution to improving remote work information security through the development of a body of knowledge (consisting of design models and design instantiations) and the assertion of a nascent design theory. The research was conducted using design science research (DSR), a paradigm where the research philosophies are grounded in design and construction. Following an assessment of both the remote work information security issues and threats, and preparation of a set of functional requirements, a secure PESE concept was defined. The concept is represented by a set of attributes that encompass the security properties of preserving the confidentiality, integrity and availability of the computing environment and data. A computing environment that conforms to the concept is considered to be a secure PESE, the implementation of which consists of a highly portable device utilising secure storage and an up-loadable (on to a PC) secure execution environment. The secure storage and execution environment combine to address the information security risks in the remote work location. A research gap was identified as no existing ‘secure PESE like’ device fully conformed to the concept, enabling a research problem and objectives to be defined. Novel secure storage and execution environments were developed and used to construct a secure PESE suitable for commercial remote work and a high assurance secure PESE suitable for security critical remote work. The commercial secure PESE was trialled with an existing telework team looking to improve security and the high assurance secure PESE was trialled within an organisation that had previously vetoed remote working due to the sensitivity of the data it processed. An evaluation of the research findings found that the objectives had been satisfied. Using DSR evaluation frameworks it was determined that the body of knowledge had improved an area of study with sufficient evidence generated to assert a nascent design theory for secure PESEs. The thesis highlights the limitations of the research while opportunities for future work are also identified. This thesis presents ten published papers coupled with additional doctoral research (that was not published) which postulates the research argument that ‘secure PESEs can be used to manage information security risks within the remote work environment’

NEW BRAINS FOR THE DEFENCE SYSTEM : Systematic view on the Finnish Defence Forces on the edge of Artificial Intelligence revolution

There are about 3,5 billion smartphones in the world, and all users can use applications based on the research of Artificial Intelligence. The rapid expansion of this research to the new areas creates both new threats and possibilities for the defence systems in the future. The Finnish Defence Forces is obligated to plan, implement, and maintain ade-quate military capabilities for all risk dimensions, and an essential question is raised, how to prepare the whole defence system for the future development of Artificial Intelligence as an emerging research area. To answer this question, the Soft System Methodology is chosen for the main method of this study. This methodology is suitable for the future studies, when the area of study is complex, organized, self-regulating, dynamic, and in interaction with its environment. This provides a needed holistic approach to the defence system along with a foresight perspective. The other method, document analysis is focusing on the open sources and used to study the characteristics of the defense system and the history of technological development. The third method, deductive reasoning, is used especially in model creation and risk analysis. As a result, this study presents five recommendations for the organization: - the organization should increase the intensity of collecting data - the organization should improve the capability to store and share data - the organization should boost the training of agile methods with the experimental projects - the organization should tune-up organizational culture to match the future - the organization should keep on monitoring the development of AI The research results can be summarized in the following conclusion: it is important to choose the role we want to play in this potential Artificial Intelligence revolution - today’s decisions matter the most for the future.Maailmassa on noin 3,5 miljardia älykännykkää, joissa voidaan käyttää applikaatioita, jotka perustuvat tekoälytutkimukseen. Tämän tekoälytutkimuksen nopea leviäminen uusille alueille luo uusia uhkia ja mahdollisuuksia puolustusjärjestelmille tulevaisuudessa. Suomen Puolustusvoimilla on velvoite suunnitella, rakentaa ja ylläpitää riittäviä sotilaallisia suorituskykyjä kaikkia uhkaulottuvuuksia varten, mikä herättää kysymyksen siitä, miten koko puolustusjärjestelmän tulisi varautua tulevaisuuteen nopeasti kehittyvän tekoälytutkimuksen takia. Tässä tutkimuksessa esitettyyn kysymykseen vastataan pehmeän systeemimetodologian avulla, joka on valittu tutkimuksen päämetodiksi. Se soveltuu tulevaisuuden tutkimuksen menetelmäksi, kun tutkittava alue on monimutkainen, organisoitu, it-sesäätelevä, dynaaminen ja vuorovaikutteinen ympäristönsä kanssa. Tämä mahdollistaa puolustusjärjestelmän lähestymisen kokonaisvaltaisella ja tulevaisuuden näkökulman säilyttävällä tavalla. Toinen käytettävä metodi, avoimiin lähteisiin perustuva kirjallisuustutkimus, keskittyy tutkimuksessa puolustusjärjestelmän ominaispiirteisiin ja teknologisen kehityksen historiaan. Kolmatta metodia, deduktiivista päättelyä, käytetään erityisesti mallien luomisessa ja riskien analysoinnissa. Tutkimustuloksena esitetään organisaatiolle seuraavia suosituksia: - organisaation tulisi panostaa datan keräämisen tehokkuuteen - organisaation tulisi parantaa kykyä tallentaa ja jakaa dataa - organisaation tulisi tehostaa harjaantumista ketteriin menetelmiin kokeiluluonteisilla projekteilla - organisaation tulisi virittää organisaatiokulttuuriaan vastaamaan tulevaisuutta - organisaation tulisi jatkaa tekoälyn kehittymisen seurantaa Tutkimustulokset voidaan tiivistää seuraavaan johtopäätökseen: on tärkeää päättää, missä roolissa haluamme kohdata tulevaisuudessa mahdollisen tekoälyn vallankumouksen - tämän päivän päätöksillä on kaikkein tärkein merkitys tulevaisuuden kannalta

CRUSOE: A Toolset for Cyber Situational Awareness and Decision Support in Incident Handling

The growing size and complexity of today’s computer network make it hard to achieve and maintain so-called cyber situational awareness, i.e., the ability to perceive and comprehend the cyber environment and be able to project the situation in the near future. Namely, the personnel of cybersecurity incident response teams or security operation centers should be aware of the security situation in the network to effectively prevent or mitigate cyber attacks and avoid mistakes in the process. In this paper, we present a toolset for achieving cyber situational awareness in a large and heterogeneous environment. Our goal is to support cybersecurity teams in iterating through the OODA loop (Observe, Orient, Decide, Act). We designed tools to help the operator make informed decisions in incident handling and response for each phase of the cycle. The Observe phase builds on common tools for active and passive network monitoring and vulnerability assessment. In the Orient phase, the data on the network are structured and presented in a comprehensible and visually appealing manner. The Decide phase opens opportunities for decision-support systems, in our case, a recommender system that suggests the most resilient configuration of the critical infrastructure. Finally, the Act phase is supported by a service that orchestrates network security tools and allows for prompt mitigation actions. Finally, we present lessons learned from the deployment of the toolset in the campus network and the results of a user evaluation study

The Military Strategic Effects of the Russian National Segment of the Internet

The aim of this thesis is to develop a theoretical and conceptual basis for studying structural cyber asymmetry and to examine the strategic effects of the Russian national segment of the internet. This topic is important because cyberspace is one of the domains through or into which force can be directed to achieve political ends. Methodologically this thesis is a theory-driven qualitative case study based on content analysis and abduction. This thesis demonstrates that cyber power can be studied as a means to shape cyberspace. This approach offers a new perspective on studying the effects of national cyber strategies and the asymmetric power relationships between states. Freedom of action, common situation picture, command and control, and resilience are useful concepts for studying the relationship between closed and open national networks. These four concepts can be combined with the model of a national information security and defence system of systems to examine and compare the management and control of national networks in a novel way which takes into account the way the governance of the internet is currently changing. This thesis argues that the structural cyber asymmetry caused by the creation of a national segment of the internet sets significant premises and frames of reference on the states’ use of force in cyberspace. Structural cyber asymmetry also shapes the effects of the use force. The construction of a national segment of the internet can be compared to strategic level preparation of a cyber battlefield. The Russian national segment of the internet can, if successfully completed, change the global balance of power in cyberspace. However, the national segment, as currently envisioned, has serious vulnerabilities. Moreover, its construction will increase the interdependencies between domains, great power competition, risks of escalation, and the risk of preventive or even pre-emptive cyber strikes. The national segment of the internet increases the fragmentation of cyberspace and strengthens the norm of cyber sovereignty

Air Power’s Cyber Risk: How Operational Causes will have Strategic Consequences

This thesis argues that air power's cyber risk which has emerged from operational causes will create profound strategic consequences. Through a comprehensive examination of existing literature, it challenges prevailing perspectives by highlighting a critical gap in knowledge: a failure to map the link between operational causes and strategic consequences of air power’s cyber risk which, when realised, will threaten the roles and, in extremis, survival of states. While acknowledging the risks emergent nature and situational specificity with not all states reliant on air power and size inverse to severity, the thesis asserts that the realisation of these strategic consequences is a matter of 'when', not 'if'. Developed within a risk management framework, supported by literature reviews and case studies, and leading to observations and recommendations, the thesis responds by offering a pathway for further research which can mitigate air power’s cyber risk. If embraced, an opportunity exists for academia and practitioners to act in synergy, fill the identified gap in knowledge and address the risk proactively. Conversely, if ignored and the pathway is not followed, the implications will, the thesis predicts, result in the unmitigated strategic consequences of air power’s cyber risk reshaping the geopolitical landscape of the 21st century

Vehicular over-the-air software upgrade threat modelling

The major vehicle manufacturers deploy Over-the-Air (OTA) software update technology for their vehicle systems. In this research, we review the literature on the cybersecurity of the OTA software update mechanism. This allowed the derivation of a high-level reference architecture for the OTA system. The architecture and review guided the analysis of the OTA system attack surface. A novel asset-centric threat modelling method is derived from the analysis and applied to the OTA software upgrade use case. System assets identification, system decomposition and labelling are three steps of a four-step threat modelling methodology. The final step enables attack vector threat analysis and mitigation. The final contribution comes from actionable cybersecurity recommendations for software upgrade systems, providing threat mitigation recommendations for their secure implementation. Knowledge of potential long-range wireless attacks and other OTA system threats provides a foundation for stakeholders’ strategic investment in cybersecurity risk reduction. This investment is needed to address a dilemma. On the one hand, OTA systems are a useful technology for updating the software in cyber-physical systems, however, they do provide a potential conduit for cyber attacks. Whilst this work researched vehicular OTA systems, it could be applied to other cyber-physical systems that require secure software updates over a lifecycle

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

The threat of ransomware in the food supply chain: a challenge for food defence

In the food industry, the level of awareness of the need for food defence strategies has accelerated in recent years, in particular, mitigating the threat of ransomware. During the Covid-19 pandemic there were a number of high-profile organised food defence attacks on the food industry using ransomware, leading to imperative questions over the extent of the sector’s vulnerability to cyber-attack. This paper explores food defence through the lens of contemporary ransomware attacks in order to frame the need for an effective ransomware defence strategy at organisational and industry level. Food defence strategies have historically focused on extortion and sabotage as threats, but often in terms of physical rather than cyber-related attacks. The globalisation, digitalisation and integration of food supply chains can increase the level of vulnerability to ransomware. Ransomware is an example of an organised food defence threat that can operationalise both extortion and sabotage, but the perpetrators are remote, non-visible and often anonymous. Organisations need to adopt an effective food defence strategy that reduces the risk of a ransomware attack and can enable targeted and swift action in the event an incident occurs. Further collaboration between government and the private sector is needed for the development of effective governance structures addressing the risk of ransomware attacks. The novelty of this article lies in analysing the issue of ransomware attacks from the perspective of the food sector and food defence strategy. This study is of potential interest to academics, policy makers and those working in the industry

Distinguishing Acts of War in Cyberspace: Assessment Criteria, Policy Considerations, and Response Implications

View the Executive SummaryDetermining an act of war in the traditional domains of land, sea, and air often involves sophisticated interactions of many factors that may be outside the control of the parties involved. This monograph seeks to provide senior policymakers, decisionmakers, military leaders, and their respective staffs with essential background on this topic as well as introduce an analytical framework for them to utilize according to their needs. It develops this theme in four major sections. First, it presents the characterization of cyberspace to establish terms for broader dialogue as well as to identify unique technical challenges that the cyberspace domain may introduce into the process of distinguishing acts of war. Second, it explores assessment criteria involved with assaying cyber incidents to determine if they represent aggression and possible use of force; and if so, to what degree? Third, it looks at the policy considerations associated with applying such criteria by examining relevant U.S. strategies as well as the strategies of other key countries and international organizations, and considers how nonstate actors may affect U.S. deliberations. Fourth, it examines the influences that course of action development and implementation may have on the assessment of cyberspace incidents, such as reliable situational awareness, global and domestic environment considerations, and options and their related risks and potential consequences. It argues that the United States must also expect and accept that other nations may reasonably apply the criteria we develop to our own actions in cyberspace.https://press.armywarcollege.edu/monographs/1481/thumbnail.jp