Cybersecurity is essential to maintaining operations, and is now a de facto cost of business. Despite this, there is little consensus on how to systematically make decisions about cyber countermeasures investments. Identifying gaps and determining the expected return on investment (ROI) of adding a new cybersecurity countermeasure is frequently a hand-waving exercise at best. Worse, cybersecurity nomenclature is murky and frequently over-loaded, which further complicates issues by inhibiting clear communication. This paper presents a series of foundational models and nomenclature for discussing cybersecurity countermeasures, and then introduces the Cyber Defense (CyDef) model, which provides a systematic and intuitive way for decision-makers to effectively communicate with operations and device experts.
As concerns with cyber security and network protection increase, there is a greater need for organizations to deploy state-of-the-art technology to keep their cyber information safe. However, foolproof cyber security and network protection are a difficult feat since a security breach can be caused simply by a single employee who unknowingly succumbs to a cyber threat. It is critical for an organization’s workforce to holistically adopt cyber technologies that enable enhanced protection, help ward off cyber threats, and are efficient at encouraging human behavior towards safer cyber practices. It is also crucial for the workforce, once they have adopted cyber technologies, to remain consistent and thoughtful in their use of these technologies to keep resistance strong against cyber threats and vulnerabilities. Adoption of cyber technology can be difficult. Many organizations struggle with their workforce adopting newly-introduced cyber technologies, even when the technologies themselves have proven to be worthy solutions. Research, especially in the domain of cognitive science and the human dimension, has sought to understand how technology adoption works and can be leveraged. This paper reviews what empirical literature has found regarding cyber technology adoption, the current research gaps, and how non-research based efforts can influence adoption. Focusing on current efforts accomplished by a government-sponsored activity entitled “ACT” (Adoption of Cybersecurity Technologies), the aim of this paper is to empirically study cyber technology adoption to better understand how to influence operational adoption across the government-sector as well as how what can be done to develop a model that enables cyber technology adoption.
Guidelines to Improve Airport Preparedness Against Chemical and Biological Terrorism is a 100-page document that makes concrete recommendations on improving security and assessing vulnerable areas and helps its readers understand the nature of chemical and biological attacks. The report has been turned over to Airports Council International (ACI) and the American Association of Airport Executives (AAAE), two organizations that together represent the interests of thousands of airport personnel and facilities in the U.S. and around the world.
A continuously operating prototype chemical weapons sensor system based on the {mu}ChemLab{trademark} technology was installed in the San Francisco International Airport in late June 2002. This prototype was assembled in a National Electric Manufacturers Association (NEMA) enclosure and controlled by a personal computer collocated with it. Data from the prototype was downloaded regularly and periodic calibration tests were performed through modem-operated control. The instrument was installed just downstream of the return air fans in the return air plenum of a high-use area of a boarding area. A CW Sentry, manufactured by Microsensor Systems, was installed alongside the {mu}ChemLab unit and results from its operation are reported elsewhere. Tests began on June 26, 2002 and concluded on October 16, 2002. This report will discuss the performance of the prototype during the continuous testing period. Over 70,000 test cycles were performed during this period. Data from this first field emplacement have indicated several areas where engineering improvements can be made for future field emplacement.