Moving from a "human-as-problem" to a "human-as-solution" cybersecurity mindset

Cybersecurity has gained prominence, with a number of widely publicised security incidents, hacking attacks and data breaches reaching the news over the last few years. The escalation in the numbers of cyber incidents shows no sign of abating, and it seems appropriate to take a look at the way cybersecurity is conceptualised and to consider whether there is a need for a mindset change.To consider this question, we applied a "problematization" approach to assess current conceptualisations of the cybersecurity problem by government, industry and hackers. Our analysis revealed that individual human actors, in a variety of roles, are generally considered to be "a problem". We also discovered that deployed solutions primarily focus on preventing adverse events by building resistance: i.e. implementing new security layers and policies that control humans and constrain their problematic behaviours. In essence, this treats all humans in the system as if they might well be malicious actors, and the solutions are designed to prevent their ill-advised behaviours. Given the continuing incidences of data breaches and successful hacks, it seems wise to rethink the status quo approach, which we refer to as "Cybersecurity, Currently". In particular, we suggest that there is a need to reconsider the core assumptions and characterisations of the well-intentioned human's role in the cybersecurity socio-technical system. Treating everyone as a problem does not seem to work, given the current cyber security landscape.Benefiting from research in other fields, we propose a new mindset i.e. "Cybersecurity, Differently". This approach rests on recognition of the fact that the problem is actually the high complexity, interconnectedness and emergent qualities of socio-technical systems. The "differently" mindset acknowledges the well-intentioned human's ability to be an important contributor to organisational cybersecurity, as well as their potential to be "part of the solution" rather than "the problem". In essence, this new approach initially treats all humans in the system as if they are well-intentioned. The focus is on enhancing factors that contribute to positive outcomes and resilience. We conclude by proposing a set of key principles and, with the help of a prototypical fictional organisation, consider how this mindset could enhance and improve cybersecurity across the socio-technical system

Threats to Information Protection - Industry and Academic Perspectives: An annotated bibliography

Threats to information assets have always been a concern to those responsible for making information useful and defending its value. The concepts of threat, threat agent, threat events and threat sources have evolved in recent years have very precise definitions. A summary of threat classification models used in academic research is provided along with a summary of recent industry threat assessment reports. Finally, the results from a recent study, 2015 SEC/CISE Threats to Information Protection Report Including a Current Snapshot of the State of the Industry, are given

VISTA:an inclusive insider threat taxonomy, with mitigation strategies

Insiders have the potential to do a great deal of damage, given their legitimate access to organisational assets and the trust they enjoy. Organisations can only mitigate insider threats if they understand what the different kinds of insider threats are, and what tailored measures can be used to mitigate the threat posed by each of them. Here, we derive VISTA (inclusiVe InSider Threat tAxonomy) based on an extensive literature review and a survey with C-suite executives to ensure that the VISTA taxonomy is not only scientifically grounded, but also meets the needs of organisations and their executives. To this end, we map each VISTA category of insider threat to tailored mitigations that can be deployed to reduce the threat

Engineering a Traitor

CPT Jake Roberts had always wanted to serve his country. In college, he was the only student in his engineering program to be commissioned as a U.S. Army Second Lieutenant in the Corps of Engineers. But the last year has not been kind to Jake. Bit by bit, he’s become disenfranchised from his field office. Not included...secretly bullied...left behind...Jake loses trust with his Commanding Officer. Turns out, over the last year behind the scenes, he’s been nudged and directed by the invisible hand of AI. Targeted for surveillance and coercion, he’s pushed to his breaking point … until he must take action...It was just a small device hooked into the smart building maintenance system... How could it lead to the undetected missile attack on Houston? Thousands of civilians killed...a congressional investigation...Jake is convicted as a traitor to the country he swore to protect.https://digitalcommons.usmalibrary.org/aci_books/1031/thumbnail.jp

The dynamics of the contemporary military role : in search of flexibility

The article offers an overview and reflection on the dynamics of the military role taking into account different security contexts and significant others. It analyses two dominant types of military roles: warrior embedded in the realistic perspective on security and peacekeeper grounded in the liberal approach. Finally, it examines the dynamics of the modern military role in the light of the internal-external security nexus. The article shows that the contemporary military role needs not only to combine warrior and peacekeeper roles but also develop some new elements in order to meet the requirements of the contemporary security context. The article begins by setting a theoretical framework that allows for an analysis of drivers of change of the military role. It then moves towards an examination of the contextual drivers of change which influence the two traditional conceptualisations of military role: a "warrior" and a "peacekeeper". Next, the article turns towards the topic of internal-external security nexus as characteristic to the contemporary security context. Finally, it considers the contextual drivers of change within two areas of military involvement: domestic counter-terrorism operations and cyber security. The article ends with three main conclusions. Firstly, the contemporary military role requires more adaptability with regard to referent objects. Secondly, the contemporary military role requires more flexibility with regard to countering threats and the application of violence. Thirdly, the flexibility of the contemporary military role is necessitated by close collaboration with other actors who participate in provision of security

A Review of Trends and Issues of Cybersecurity in Academic Libraries

Cyber security is rapidly becoming an important aspect of ICT around the globe. In Nigeria there have been increase in the rate of cybercrime and various organizations have become targets of cyber criminals. Cybercrime can pose a high risk to the economy and security of a nation. The most common types of cybercrime committed in Nigerian academic libraries include hacking, cyber-theft, viruses and worms, spamming, financial fraud, identity theft, cyber and website cloning. This paper examines the effectiveness of electronic security systems also known as cyber security in academic libraries in Nigeria. The paper was introduced by understanding what security is all about and then the perspective of cyber security. It moved on to analyse the various types of threats cyber security are exposed to and also the consequences of inaction. The paper moved on to analyse some cybersecurity actions that can be embarked on such as turning on firewalls, protecting passwords, preventing identity theft and so on. Finally the paper revealed cyber ethics that are to be adhered to. The paper concludes that academic libraries have suffered adversely from security issues and other anti-social menace and that the installation of security devices would drastically improve the situation

Impact and key challenges of insider threats on organizations and critical businesses

The insider threat has consistently been identified as a key threat to organizations and governments. Understanding the nature of insider threats and the related threat landscape can help in forming mitigation strategies, including non-technical means. In this paper, we survey and highlight challenges associated with the identification and detection of insider threats in both public and private sector organizations, especially those part of a nation’s critical infrastructure. We explore the utility of the cyber kill chain to understand insider threats, as well as understanding the underpinning human behavior and psychological factors. The existing defense techniques are discussed and critically analyzed, and improvements are suggested, in line with the current state-of-the-art cyber security requirements. Finally, open problems related to the insider threat are identified and future research directions are discussed

Assessing the Usefulness of Visualization Tools to Investigate Hidden Patterns with Insider Attack Cases

The insider threat is a major concern for organizations. Open markets, technological advances, and the evolving definition of employee have exacerbated the insider threat. Insider threat research efforts are focusing on both prevention and detection techniques. However, recent security violation trends highlight the damage insider attacks cause organizations and illuminate why organizations and researchers must develop new approaches to this challenge. Although fruitful research is being conducted and new technologies are being applied to the insider threat problem, companies remain susceptible to the costly damage generated by insider threat actions. This research explored how visualization tools may be useful in highlighting patterns or relationships in insider attack case data and sought to determine if visualization software can assist in generating hypotheses for future insider threat research. The research analyzes cases of insider attack crimes committed during the period of 1998 to 2004 with an information visualization tool, IN-SPIRE. The results provide some evidence that visualization tools are useful in both finding patterns and generating hypotheses. By identifying new knowledge from insider threat cases, current insider threat models may be refined and other potential solutions may be discovered