Operating in the Dark: Cyber Decision-Making from First Principles
Abstract:
The future of cyber conflict will present an uncertain, insecure, and rapidly changing environment. Cyber security will prove to be increasingly important for the defence community, and cyber literacy will be necessary for an increasing number of decision-makers. To continue to achieve its mission, the defence community should rally around a doctrinal set of first principles. The authors propose the Information Security Practice Principles as a foundational text to serve at the highest tier of analysis for defence cyber decision-making.
AUTHORS
Center for Applied Cybersecurity Research Indiana University
Bloomington, Indiana, USA
Scott Russell is a Senior Policy Analyst at the Indiana University Center for Applied Cybersecurity Research (CACR), where his work focuses on the improvement of federal privacy and cyber- security policy. A lawyer and researcher, he specialises in privacy, cyber security, and international law, and his past research has included principled cyber-security, cyber-security assessments, international cyber-security due diligence, cyber- security self-governance regimes, international data jurisdiction, and digital surveillance. He is a co-author of Security from first principles: A practical guide to the information security practice principles, and is a key contributor to CACR’s collaborative efforts with Naval Surface Warfare Center, Crane, where he currently serves as temporary faculty. He earned his bachelor’s degrees in Computer Science and History from the University of Virginia, and earned his J.D.
Center for Applied Cybersecurity Research Indiana University
Bloomington, Indiana, USA
Craig Jackson is Chief Policy Analyst at the Indiana University Center for Applied Cybersecurity Research (CACR), where his research interests include information security program development and governance, cyber security assessments, legal and regulatory regimes’ impact oninformation security and cyber resilience, evidence- based security, and innovative defences. He is a Co-PI of the NSF Cybersecurity Center of Excellence, and leads CACR’s collaborative efforts with Naval Surface Warfare Center, Crane, where he is presently employed as temporary faculty. He is the co-author of Security from first principles: A practical guide to the information security practice principles. He is a graduate of the IU Maurer School of Law, IU School of Education, and Washington University in St. Louis. In addition to his litigation experience, his research, design, project management, and psychology background includes work at the IU Center for Research on Learning and Technology and the School of Medicine at Washington University in St. Louis.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive
