On the Change in Archivability of Websites Over Time

As web technologies evolve, web archivists work to keep up so that our digital history is preserved. Recent advances in web technologies have introduced client-side executed scripts that load data without a referential identifier or that require user interaction (e.g., content loading when the page has scrolled). These advances have made automating methods for capturing web pages more difficult. Because of the evolving schemes of publishing web pages along with the progressive capability of web preservation tools, the archivability of pages on the web has varied over time. In this paper we show that the archivability of a web page can be deduced from the type of page being archived, which aligns with that page's accessibility in respect to dynamic content. We show concrete examples of when these technologies were introduced by referencing mementos of pages that have persisted through a long evolution of available technologies. Identifying these reasons for the inability of these web pages to be archived in the past in respect to accessibility serves as a guide for ensuring that content that has longevity is published using good practice methods that make it available for preservation.Comment: 12 pages, 8 figures, Theory and Practice of Digital Libraries (TPDL) 2013, Valletta, Malt

Collaborative training and response communities-an alternative to traditional cyber defense escalation

In the United States, the State of Colorado\u27s Department of Transportation successfully defended and recovered from a recent severe malware attack. The 2018 attack at the Colorado Department of Transportation was mitigated by a rapid multi-agency incident response. This is the first case in the United States where a state\u27s National Guard responded to a governor\u27s declaration of a cyber emergency response. In anticipation of advanced threats to Colorado citizens, Regis University has hosted collaborative exercises with government, organizations, and industry as part of a larger Collaborative Training Response Community (CTRC) effort to facilitate collaborative physical exercises, governmental policy development, and relationship building. The resulting capabilities allowed for an effective response to this incident. The authors present a new incident response model, based on this case in the context of existing cybersecurity organizations extant in the U.S., that may be useful to private and public sector communities where collaborative incident response is appropriate

A Short-Cycle Framework Approach to Integrating Psychometric Feedback and Data Analytics to Rapid Cyber Defense

Following earlier research in demonstrating the significance of behavioral analysis in cyber defense, the authors developed a framework to incorporating multi-disciplinary datasets along a common timeline to increase incident response feedback for coaching. Currently this framework is being introduced in the state of Colorado, USA as a part of a joint government, industry and academic partnership. Upon project initiation, the feedback cycle had been a minimum of several months from observation to feedback. Presented here is a new framework that can shorten the cycle of psychometric feedback to multiple times in one training day. This Short-Cycle Framework, gathering psychometric and cyber data to provide direct feedback to cyber defense team leaders, was conceived when Regis University’s psychometric evaluators observed a real multi-agency cyber defense response. The authors realized the psychometric data can be used in live cyber defense incidents alongside things like network firewall traffic analysis as the cyber defenders provide relief for organizations under active cyber attack. This work presents the context in which the framework was developed, the characteristics of the framework, and suggestions for further research. The framework implements a specific set of short-term state indicators based on well-known personality trait and state models. The coaching cycle was scripted to shorten the delay between observation and feedback so that it can be more useful in both training and live incident response

A Layered Model for Building Cyber Defense Training Capacity

As technology proliferates and becomes indispensable to all functions of society, so does the need to ensure its security and resilience through cyber defense training, education, and professional development. This paper presents a layered model that supports cyber defense training progressively through the development of technology services, digital context, performance assessment, and impact analysis. The methods used were applied to college laboratories associated with cybersecurity classes, defense training exercises, cyber based competitions, and graduate research program designs. The service layer presents methods for developing the technical infrastructure and agile deployment necessary to support cyber defense training. This, then, is layered with conceptual frameworks to guide teams as they immerse into scenarios within cyberspace. To enhance team performance in this space and to enhance the value of the training process itself, psychometric feedback, Agile methods, and quantitative assessments are used to track efficacy and facilitate future development. The final layer represents active incident response and ongoing collaborative efforts between institutions and across disciplines. The work is presented as a progression and illustrates a decade of research from 2010 to 2020. The context has been updated here with the intention that it can be used as a guide for designing a broad range of collaborative cyber defense and cyber range programs. The influence of socio-behavioral factors increasingly illuminates the path forward