240 likes | 266 Views
Delve into how technology intersects with cybersecurity from diverse disciplines encompassing cultural, legal, and ethical aspects. Understand disciplinary versus interdisciplinary approaches and unlock the complexities of cybersecurity through varied perspectives. Gain insights into the impact of interdisciplinary research, benefits for students and faculties, and the evolving nature of cybersecurity definitions. This comprehensive interdisciplinary guide navigates through Information Technology, Engineering, Sociology, Psychology, and more.
E N D
Cybersecurity, Society, and Technology: An Interdisciplinary Perspective Brian K. Payne, PhD Vice Provost Department of Sociology and Criminal Justice Old Dominion Univeristy
Cybersecurity, Technology, and Society • Students will explore how technology is related to cybersecurity from an interdisciplinary orientation. Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains. • Unpacking this requires attention given to the concepts of “disciplinary” and “interdisciplinary”
What does disciplinary mean? Disciplines have: • “a particular object of research” • “a body of accumulated specialist knowledge” • “theories and concepts that can organize the accumulated specialized knowledge” • “specific terminologies or a specific technical language” • “specific research methods” • “some institutional manifestation in the form of subjects taught at universities or colleges” (Krishnan, 2009)
What does interdisciplinary mean? Source: Repko et al., 2014
Assumptions of Interdisciplinarity • Complex reality beyond the university makes interdisciplinarity necessary • Disciplines are foundational to interdisciplinarity • Disciplines are inadequate to address complexity comprehensively • Interdisciplinarity is able to integrate insights from relevant disciplines • Disciplines and the institutional policies that reinforce them often present major barriers to interdisciplinarity Source: Repko et al., 2014, pp. 121-125.
What is driving interdisciplinary research? Source: National Academies Press, 2005
Characteristics of Interdisciplinarity • Flexibility • Innovative thinking • Development of new strategies to deal with complex ideas Source: (McFadden et al., 2011)
More on Benefits For Students ForFaculty Connected to the University Less isolation More confident Identify common concerns across programs (See Frost and Jean, 2003) Learning outcomes • Disciplinary grounding • Integration • Teamwork • Communication • Critical awareness (Borrego and Newslander, 2010, p. 80).
What does cybersecurity mean? Many different definitions cited by Craigen et al (2014), pp. 14-15. • “Cybersecurity consists largely of defensive methods used to detect and thwart would-be intruders.” (Kemmerer, 2003) • “Cybersecurity entails the safeguarding of computer networks and the information they contain from penetration and from malicious damage or disruption.” (Lewis, 2006) • “Cyber Security involves reducing the risk of malicious attack to software, computers and networks. This includes tools used to detect break-ins, stop viruses, block malicious access, enforce authentication, enable encrypted communications, and on and on.” (Amoroso, 2006) • “Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets.” (ITU, 2009) • “The art of ensuring the existence and continuity of the information society of a nation, guaranteeing and protecting, in Cyberspace, its information, assets and critical infrastructure.” (Canongia & Mandarino, 2012) • “A science of cybersecurity offers many opportunities for advances based on a multidisciplinary approach, because, after all, cybersecurity is fundamentally about an adversarial engagement. Humans must defend machines that are attacked by other humans using ma- chines. So, in addition to the critical traditional fields of computer science, electrical engineering, and mathematics, perspectives from other fields are needed.” (Chang, 2012, former research director at NSA).
Cybersecurity: An Interdisciplinary Approach • Information Technology • Engineering • Computer Science • Criminal Justice/Criminology • Sociology • Philosophy • Psychology • Victimology • Leadership • Law
Cybersecurity: An Interdisciplinary Approach • Information Science • “Information science includes any professional who works with, researches about, or learns about the management of information in any form…storing, retrieving, describing, organizing, representing, or providing information to others” • Association for Information Science and Technology • How is information stored? • How can it be protected? • What policies are needed to protect information? • What technological strategies can be used to protect information?
Cybersecurity: An Interdisciplinary Approach • Information Technology (IT) is defined by the Information Technology Association of America (ITAA) as “the study, design, development, implementation, support or management of computer-based information systems, particularly software applications and computer hardware.” • Attacks on information systems are a daily occurrence. • Primary mission of information security is to ensure systems and contents stay the way they are • Information security performs four important functions: • Protects organization’s ability to function • Enables safe operation of applications implemented on organization’s IT systems • Protects data the organization collects and uses • Safeguards the technology assets in use at the organization
Cybersecurity: An Interdisciplinary Approach • Engineering • “Engineers apply the principles of science and mathematics to develop economical solutions to technical problems. Their work is the link between scientific discoveries and the commercial applications that meet societal and consumer needs.” (Hamilton, n.d.). • Types of Engineers Interested in Cybersecurity • Computer engineers • Electrical engineers • Systems engineers • Engineering management • Modeling, simulation, and visualization engineers
Cybersecurity: An Interdisciplinary Approach • A variety of critical infrastructures are based complex engineering systems • Critical Manufacturing • Chemical Engineering • Energy • Food and Agriculture • Telecommunication • Transportation systems • Water and wastewater systems • Engineering systems are subject to increasing cyber threats • Recent high-profile attacks • More sophisticated techniques • Malware, phishing, and social engineering • Deregulate critical systems • Cause physical damage
Cybersecurity: An Interdisciplinary Approach • “Computer Science is the study of phenomena related to computers” (Newell, Perlis, and Simon, 1967). • Cybersecurity is a phenomenon related to computers.
Cybersecurity: An Interdisciplinary Approach • Criminal Justice • How do we detect these offenses? • How should the police respond? • Appropriate judicial response? • Punishment? • Prevention strategies • Criminology • Who commits these crimes? • Why are they committed? • What patterns guide behavior? • What are the consequences?
Cybercriminology • Jaishankar (2007)- coined and defined the concept as “the study of causation of crimes that occur in the cyberspace and its impact in the physical space”.
Cybersecurity: An Interdisciplinary Approach • Sociology • “the study of social life, social change, and the social causes and consequences of human behavior. Sociologists investigate the structure of groups organizations, and societies and how people interact within these contexts” • How do societal influences shape cyber offending? • How do social groups interact online? • How does technology impact cyber offending?
Cybersecurity: An Interdisciplinary Approach • Philosophy • Philosophy is the systematic analysis of the basic concepts, logic, and evidentiary structures of all other fields of knowledge. • Which data are private, and why? • How do cybersecurity professionals balance business obligations to generate profits with professional obligations to serve the public good? When is it right to become a whistleblower? • What is a just war? What is just cyberwar? What is just information warfare?
Cybersecurity: An Interdisciplinary Approach • Psychology • “the study of the mind and behavior. The discipline embraces all aspects of the human experience — from the functions of the brain to the actions of nations, from child development to care for the aged.” (APA). • Six Psychological Factors Related to Hacking • Liking people (related to trust) • Social proof (we behave how we think others behave) • Reciprocation • Commitment (we don’t turn back) • Authority (fabricating identity) • Scarcity (rarer means more valuable) • (Cialdini, cited in Poulin)
Cybersecurity: An Interdisciplinary Approach • Victimology: Study of the victim, their role in victimization, the consequences of victimization, and society’s response. • Why don’t victims report? • Shame • Don’t know the crime occurred • Not sure who to report to • Believe that the crime is not that serious • Negative publicity could harm the victim (Brown, 2015) • Victimologic Profiles • Online disinhibition effect • Naivety and thoughtlessness • Agustina, 2015
Cybersecurity: An Interdisciplinary Approach • Leadership • An interdisciplinary discipline focused on developing individuals’ abilities to lead. • Planning, • organizing, • directing, • staffing, • reporting, • budgeting • Leaders need to be familiar with cybersecurity: • How much should be devoted to cybersecurity? • What happens when a breach occurs? • How can the leader keep the business running? • What should the leader do to prevent breaches?
ODUs Interdisciplinary Cybersecurity Majors • Cybersecurity (IDS) • Cybercrime (IDS) • Cyber Operations (IDS) • Enterprise Security (IT) • The goal of these majors is to address cybersecurity in a way that responds to real-world complexities and challenges, bringing together faculty and students from multiple backgrounds to address cybersecurity using their varying perspectives.