Measuring Computer Forensics Skill

Computer forensic analysts combine their technical skills with their forensic aptitude to recover information from computers and storage devices. Most technology professionals demonstrate expertise through the acquisition of different professional certifications. Certifications, however, are not always a valid judge of skill, because certifications are formatted as written and applicable tests. It is common for people to forget knowledge and skills when they are not routinely practiced. The same applies with technology certifications. One must practice the skills learned for the certification test consistently in order to convert them to long-term memory. “Cognitive processes play a prominent role in the acquisition and retention of new behavior patterns” (Bandura 1977, p. 192). As a skill is practiced, it is better retained. Due to the current inability to accurately measure an individual’s skills and understanding of computer forensics principles, this research will investigate how to measure proficiency amongst professionals and novices. Recent research utilized conceptual expertise within the context of computer security (Giboney et al. 2016). This study utilized a technique to quickly measure the difference between novices and experts. Following their guidelines, we propose to do the same for computer forensics expertise with the following research question: What knowledge, skills and abilities are needed to be demonstrated in a measure to assess computer forensics expertise? Conceptual expertise is the understanding about the theoretical concepts and their relationship in a topic area. The SEAM process (Giboney et al. 2016) aims to gauge the practical application of situations to the goal wherein experts can show their conceptual expertise. The conceptual expertise task is based on the idea that those who have surface level knowledge will group scenarios by surface features while experts will be able to group the same scenarios by deep features (Giboney et al. 2016). The assessment has been designed to measure the understanding of basic computer forensics processes. It consists of twenty-five situations created to highlight different stages of the digital forensic process. These situations focus on a gender-neutral individual, Jordan and the tasks they perform given certain parameters. Survey takers will group the situations by stage of forensics or by what crime the task is involved with. We will show that the assessment can accurately determine an individual’s understanding of computer forensics. When this is shown, this assessment could be used in a variety of ways including initial assessments of job candidates and pre- and post- tests for computer forensic classes

Producing and Evaluating Crowdsourced Computer Security Attack Trees

We describe the recent developments of an opensource project called RATCHET that can be used by groups of users to collectively construct attack trees. We present the RATCHET framework as well as a model for testing and evaluation of the produced attack trees. RATCHET has been tested in classroom settings with positive results and this paper presents the plans for expanding its outreach to the community at large and building attack trees through crowdsourcing. This paper gives an overview of RATCHET and an introduction to its use

Developing a measure of adversarial thinking in social engineering scenarios

Social engineering is a major issue for organizations. In this paper, we propose that increasing adversarial thinking can improve individual resistance to social engineering attacks. We formalize our understanding of adversarial thinking using Utility Theory. Next a measure of adversarial thinking in a text-based context. Lastly the paper reports on two studies that demonstrate the effectiveness of the newly developed measure. We show that the measure of adversarial thinking has variability, can be manipulated with training, and that it is not influenced significantly by priming. The paper also shows that social engineering training has an influence on adversarial thinking and that practicing against an adversarial conversational agent has a positive influence on adversarial thinking

Broadband Internet Access as a Localized Resource for Facilitating Information Security Knowledge

With an increasing number of threats to cybersecurity, research continues to focus on methods and behaviors by which individuals may better protect themselves. The availability of broadband infrastructure has been proposed to improve city and regional economic, educational, and health-related prospects, but its impact on facilitating security knowledge gathering has yet to be studied. This study assesses the influence of broadband availability, using data collected from 894 Internet users from across the United States, with multiple analysis techniques supported by geographical information systems (GIS). The results indicate that broadband access, in addition to age and education level, is associated with higher levels of security knowledge. Moreover, geographical weighted regression analyses suggest that the significant variables vary in influence based on their locality

INGENIERÍA SOCIAL EN INSTITUCIONES DE EDUCACIÓN SUPERIOR

La Ingeniería Social hace referencia al conjunto de actividades que tienen como objetivo la manipulación de los seres humanos por medio de engaños con el único fin de obtener un acceso privado o información confidencial de las mismas personas, empresas o para nuestro caso, Instituciones de Educación Superior. Los practicantes de la Ingeniería Social se basan, en muchos casos, en el descuido, falta de conocimiento o incluso de la propia necesidad humana de comunicarnos, para captar datos e información que les permita realizar actividades fraudulentas en beneficio propio o incluso de una “comunidad”. La Instituciones de Educación Superior, no son ajenas a estos ataques, incluso dado su grado de vulnerabilidad son propensas sin saberlo a perder toda su información y por ende poner en riesgo su continuidad. Por ello, el objetivo central de este artículo es hacer un estudio sobre la Ingeniería Social y sus antecedentes, las vulnerabilidades que poseen las Instituciones de Educación Superior y que pueden ser objeto de ataque, y en ese sentido, que estrategias se pueden proponer en favor de la protección de la información, así como recomendaciones generales y significativas para combatir la desinformación en este tema

Effective Cyber Security Strategies for Small Businesses

Disruptive technologies developed in the digital age expose individuals, businesses, and government entities to potential cyber security vulnerabilities. Through the conceptual framework of general systems theory, this multiple case study was used to explore the strategies among owners of 4 retail small- and medium-size enterprises (SMEs) in Melbourne, Florida, who successfully protected their businesses against cyber attacks. The data were collected from a review of archival company documents and semistructured interviews. Yin\u27s 5-phased cycles for analyzing case studies provided the guidelines for the data analysis process. Three themes emerged from thematic analysis across the data sets: cyber security strategy, reliance on third-party vendors for infrastructure services, and cyber security awareness. The study findings indicated that the SME owners\u27 successful cyber security strategies might serve as a foundational guide for others to assess and mitigate cyber threat vulnerabilities. The implications for positive social change include the potential to empower other SME owners, new entrepreneurs, and academic institutions with successful cyber security strategies and resources to affect changes within the community. SME owners who survive cyber attacks may spur economic growth by employing local residents, thus stimulating the socioeconomic lifecycle. Moreover, implementation of these successful strategies may catalyze consumer confidence, resulting in greater economic prosperity