Volume 23, Issue 3

Volume 23, Issue 3 Editorial

Styled image of the the word Editorial

Summer 2024

The recent European Conference on Cyber Warfare and Security (ECCWS), held at the University of Jyväskylä, Finland, in late June 2024 was an outstanding success with a large and successful group of delegates from around the world. Next year, the 2025 ECCWS event will be held at the German Research Center for Artificial Intelligence - DFKI in Kaiserslautern, Germany on 26-27 June 2025, Kaiserslautern, Germany.

We are also looking forward to the next International Conference on Cyber Warfare and Security (ICCWS) to be held at the College of William & Mary (Williamsburg, VA, U.S.) in March of 2025. That series of events has a bench of universities in the US and overseas, who have already tentatively scheduled out locations in North Carolina, United Arab Emirates, California, and then back to Saudi Arabia.

Securing Zambia's Business Future: Cybersecurity Guidelines for SMEs

Abstract:

This study examines cybersecurity awareness and practices in Zambian SMEs (small and medium-sized enterprises) that are vulnerable to increasing cyberattacks with significant financial impacts. Through semi-structured interviews, cross-sectional analysis, and reviews of the CISA and ENISA guidelines and Zambian Data Protection Act, insufficient training, defective policy, and reliance on basic tools have been identified as reasons for cyber insecurity. The researchers’ tailored guidelines whetted the interest of Zambian authorities. This research introduces a Cyber Awareness Framework for Zambian SMEs—emphasizing the human element in cybersecurity. Future research should encompass more SME sectors, should address outdated demographic data, and should focus on less digitized businesses.

How to Measure Strategic Influence: A New Science for National Security

Abstract:

The United States’ national security strategy is an influence strategy—the effectiveness of which cannot be measured. The strategy’s effectiveness is unmeasurable because influence operations still have not solved the assessment problem. The Department of Defense influence doctrine relies on unreliable practices from advertising and has never taken up a program of research to apply the very advanced psychological science of influence to the national security domain. Robust methods of operational design, variable control, and measurement are absent from national security influence, and there is no organization or mechanism to coordinate and deconflict operations across the whole of government.

Terminal Veracity: How Russian Propaganda Uses Telegram to Manufacture ‘Objectivity’ on the Battlefield

Abstract:

This article investigates over 130,000 Telegram messages, 15,000 Telegram forwards, and 750 news articles from Russian-affiliated media to assess the information supply chain between Russian media and Telegram channels covering the war in Ukraine. Using machine-learning techniques, this research provides a framework for conducting argument and network analysis for disambiguating narratives, channels, and users, and mapping dissemination pathways of influence operations. The findings indicate that a central feature of Russian war reporting is actually the prevalence of neutral, non-argumentative language. Moreover, dissemination patterns between media sites and Telegram channels reveal a well-cited information laundering network with a distinct supply chain of covert, semi-covert, and overt channel types active at seed, copy, and amplification levels of operation.

Defending Smart Grid Infrastructure—A Scenario-Based Analysis of Cybersecurity and Privacy Rules in China, France, Russia, UK, and USA

Abstract:

The digitization of the electric energy grid enlarges its attack surface and makes the infrastructure increasingly vulnerable to digital warfare. Therefore, national legislation is central to defending critical energy infrastructure against terrorist and nation-state attacks in cyberspace. Still, previous studies have found shortcomings in cybersecurity legislation. To support smaller countries in their policymaking, this study describes a normative ideal in the form of a consolidated security policy framework. The framework consists of 25 policies that are based on cybersecurity and privacy rules of five countries with strong cyber defence capabilities; the framework addresses five cyberattack scenarios with a very high consequence potential. This study shows that the consolidated policies provide a holistic cyber defence framework, covering strategic, tactical, and operational levels, including obligations on both authority and industry levels.

Enhancing Global Cybersecurity Resilience: Navigating the Subconscious Fallacies within Critical Infrastructure Protection

Abstract:

Amidst the digital revolution, cyber-enabled critical infrastructures are the foundation of societal operations. However, this interconnectivity introduces risks such as cascading failures where disruptions in the power grid affect multiple systems. Global collaboration becomes inescapable in forming holistic approaches that evolve alongside continuous technological advancements to enhance infrastructure resilience. Before these approaches can truly succeed, it is imperative to understand the decision-making processes within these environments and effectively mitigate biases that may alter priorities. This study investigates subconscious biases stemming from perceived solutions, intending to anticipate their potential impact on decision-making prioritization and enhance overall cybersecurity in critical infrastructure resilience.

Digital and Technological Sovereignty of the European Union: Strategic Necessity to Survive in the Global Competition?!

Abstract:

Digital and technological sovereignty are essential building blocks of the European Union’s (EU) European ambition for a position in the new world order. However, the current dependencies and vulnerabilities along the entire value chain are a massive challenge in the realization of geopolitical claims to power. EUrope must manage the balancing act between a policy guided by values and one guided by interests in order not to lose its own credibility. Will the EU be able to cope with these challenges and project its regulatory power to create another Brussels effect?

Prompt Engineering: Tactics and Techniques in Open-Source Intelligence

Abstract:

This paper investigates the prospective application of large language models (LLMs) in Open-Source Intelligence (OSINT), with particular emphasis on integrating information acquisition processes and the growing significance of prompt engineering for analysts. The research includes a thorough literature review, a proposed information model incorporating LLMs, and underscores the functional utilization of artificial intelligence in OSINT and the associated challenges, primarily the educational needs of security forces. In this context, the study outlines prompt engineering approaches for various OSINT tasks as a crucial skill, necessitating a deep understanding of LLMs to produce validated intelligence. Relevant general prompts are demonstrated. Additionally, the paper discusses the need for updated training in critical thinking, search techniques, and prompt engineering for intelligence professionals. The findings indicate a significant evolution in OSINT methodologies, highlighting the need for ongoing research and education to fully harness AI’s potential in intelligence gathering.

Illustrative Examples of How to Measure Influence Operations: Experimental and Statistical Methods for Causal Inference

Abstract:

National security influence professionals have always struggled with influence measures of effectiveness and operational assessments. This paper includes fictional examples that illustrate how experimental methods from psychological science can address this problem. Three fictional use cases are examined. A scientific approach to national security influence is essential to accumulating knowledge in this domain. Without it, the information operations community will continue to struggle to identify what works and why.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com