Incentivizing Cyber Security Investment in the Power Sector Using An Extended Cyber Insurance Framework

By Jack Rosson, Mason Rice, Juan Lopez, and David Fass Abstract Collaboration between the DHS Cybersecurity and Infrastructure Security Agency (CISA) and public- sector partners has revealed that a dearth of cyber- incident data combined with the unpredictability of cyber attacks have contributed to a shortfall in first-party cyber insurance protection in the critical infrastructure

Implementation of Active Cyber Defense Measures by Private Entities: The Need for an International Body to Address Disputes

Ike Barnes EXECUTIVE SUMMARY News reports about cyber-attacks against corporations are commonplace. A search of Google News on July 31, 2017, for cyber-attacks yielded eight articles from the same day on the first page of the search return. To address this problem, organizations such as George Washington University’s Center for Cyber and Homeland Security and

Cyber Federalism: Defining Cyber’s Jurisdictional Boundaries

Eric Rosner EXECUTIVE SUMMARY As technology matures and produces new opportunities for human advancement, it also creates new threats and vulnerabilities. Today’s interconnected and interdependent systems heighten these risks because they increase the likelihood of a cyber-attack having cascading consequences across the country. The federal government plays a large role in cyber preparedness and cyber

Hacking your ride: Is Web 2.0 creating vulnerabilities to surface transportation?

Cedric Novenario EXECUTIVE SUMMARY Traffic congestion during commuting hours (7:00 A.M. to 9:00 A.M. and 4:00 P.M. to 6:00 P.M.) is as much a guarantee as death and taxes. Sitting in traffic gridlock consumes valuable free time, adds pollutants to the air, and reduces overall quality of life.[1] Developers from the mobile application (app) world

Protecting Networks via Automated Defense of Cyber Systems

Matthew Morin EXECUTIVE SUMMARY This thesis examined if automated cyber defense promises to be more effective than current models to cope with the results of vulnerabilities introduced by the projected increase in Internet-enabled devices. The question was scoped to foresee cyberspace landscape evolution over the next 10 to 15 years. In particular, the author claims

Shadows of Stuxnet: Recommendaions for U.S. Policy on Critical Infrastructure Cyber Defense Derived from The Stuxnet Attack

Ronald Lendvay EXECUTIVE SUMMARY Cyber security for critical infrastructures (Cis) ranks among the highest United States (U.S.) national security priorities. The national well-being and the fabric of American’s daily lives rely upon the security and resiliency of CIs. The Department of Homeland Security (DHS) refers to (CI) as the, “backbone of our nation’s economy, security

The Homeland Security Enterprise and Public Works: Improving the Relationship

Jason Lappin Executive Summary The homeland security enterprise (HSE) is a comparatively new term added to the government’s list of acronyms following the attacks on 9/11. In broad terms, the HSE is comprised of many institutions and agencies that attempt to support the United States through numerous national mission spaces. These mission spaces are found

The Millennial Generation as an Insider Threat: High Risk or Over Hyped?

David Fisher EXECUTIVE SUMMARY   This thesis asks if a specific generation, Millennials, is collectively more likely to possess the characteristics and traits of an insider threat than the Baby Boomers or Generation X (Gen X) generations. For the purposes of this study, insider threat it is defined as “people who maliciously and deliberately used

The Role of North American Aerospace Defense Command (NORAD) in Military Cyber Attack Warning

Randall DeGering EXECUTIVE SUMMARY Since 1958, North American Aerospace Defense Command (NORAD) has a proven history of adapting and evolving to meet changing military defense challenges using new technology—from its early years providing ground-based radar warning of approaching Soviet bombers, to ground-based radar warning of in-bound Soviet ICBMS, to satellite-based warning of any missile launch

Building Automation System Cyber Networks: An Unmitigated Risk to Federal Facilities

Shawn Tupper EXECUTIVE SUMMARY   In 2007, Congress passed the Energy Independence and Security Act, directing all government agencies to reduce their buildings’ energy levels by 30 percent by 2015.[1] Accordingly, the General Services Administration (GSA), responsible for managing federal facilities, began taking the necessary steps to accomplish this goal.[2] In 2012, to reduce energy