Information Security and Critical Infrastructure Protection
Publications
-
Unleashing Innovation: Making the FCC User-Friendly
Stephen Lukasik; INFO, Volume 11, Issue 5, pp. 76-85; August 2009
Introduction
There is a large literature on the issue of regulation and technological innovation from the varied perspectives of history, politics, economics, law, finance, and engineering. To attempt to add something meaningful to this rich body of writings is challenging. My only qualification is that of a participant for a short but critical period.
When I found myself, on May 1, 1979, the Chief Scientist of the Federal Communications Commission, twenty-three years after receiving my doctorate from MIT, my training said to decide what the most important problems were that needed fixing and to proceed by whatever promising means suggested themselves to fix them. My technical background was eclectic, the result of broad interests and perhaps a bit of impatience, but quite devoid of experience with the theory or practice of regulation. To understand what happened next on the technology and communication policy side of the FCC, it may be useful to look further into my improbable presence.
My doctoral thesis was a quantum mechanical calculation of what happens when diatomic molecules collide, and while a graduate student I worked as an acoustical engineer for Bolt, Beranek and Newman (since renamed BBN). I worked for a time at Westinghouse validating criticality codes needed for the design of reactors for submarine propulsion. At Stevens Institute of Technology I taught and undertook research in range of fluid dynamics issues: sweeping pressure mines, energy loss mechanisms in ocean waves, orbit stability in a plasma betatron, and the production of high pressures and high magnetic fields using chemical explosives. But central for this discussion is my time in the Defense Department’s Advanced Research Projects Agency (ARPA, now DARPA).
-
Reducing Threats to Users of the Global Commons
A Paper by Stephen Lukasik - Distinguished Senior Research Fellow; 31 December 2008.
Introduction
The Center for International Strategy, Technology, and Policy was asked, "What might a Cyber Threat Reduction Agency look like?" Implied by this are matters of mission, organization, relationships to other federal agencies and authorities.
While one can approach the question directly, this would leave unaddressed whether a U.S. federal agency can protect the global cyber commons. The U.S. government currently has a number of agencies involved in various protective activities. Granted that, the question asked might better be transformed into, "In the light of what is already going on in the federal government, is another cyber protection activity needed, and if so, what might it do?"
-
Information Security: Policy, Processes, and Practices
Detmar W. Straub, Seymour Goodman, Richard L. Baskerville , M. E. Sharpe, Inc., April 2008.
-
Identify and Mitigate the Risks of Global IT Outsourcing
S. E. Goodman, Robert Ramer, Editorial Preface, The Journal of Global Information Technology Management (JGITM), Vol. 10, No. 4, October 2007.
-
Toward a Safer and More Secure Cyberspace
Seymour E. Goodman (Committee Chair), and Herbert S. Lin, Alfred Z. Spector, Peter G. Neuman; The National Academy Press - 26 June 2007.
Description: Today, there is an inadequate understanding of what makes IT systems vulnerable to attack, how best to reduce these vulnerabilities, and how to transfer cybersecurity knowledge to actual practice. For these reasons, and in response to both legislative and executive branch interest, the National Research Council established the Committee on Improving Cybersecurity Research in the United States. The committee was charged with developing a strategy for cybersecurity research in the 21st century.
Preface to Report: A large fraction of the American population now spends a great deal of time in cyberspace. We work and shop there. We are educated and entertained there. We socialize with family, friends, and strangers in cyberspace. We are paid and we pay others through this medium. Millions of commercial enterprises, and local, state, and federal government agencies do their business there. It has become a critical infrastructure in its own right, and it is embedded in all other critical infrastructures. We rely on cyberspace to help keep electricity flowing, public transportation running, and many other basic services working at levels that we have come to regard as essential elements of our society. These functions, expectations, and resulting dependencies are with us now, have been growing rapidly, and are expected to continue to grow well into the future.
-
Globalization and Offshoring of Software (2006)
Description: The Association for Computing Machinery's Job Migration Task Force undertook an in-depth study of software off-shoring: its extent and magnitude, perspectives of key countries and companies, globalization of research activities, risks and exposures involved, and counter-balancing steps underway or contemplated in key countries.
-
Protecting Critical Infrastructures Against Cyber-Attack (2003)
Description: Advances in information technologies and their adoption in all sectors of modern life are not problem-free. This study examines the negative impact of those technologies on the central infrastructure systems on which societies depend for the delivery of essential services such as communication, electric power, transportation, and on the information systems that enable governments to function and economic enterprise to flourish. The underlying technologies of networked computer hardware and software are susceptible to massive failure. But unlike physical networks that can be engineered to be robust against natural events, random failures and even local sabotage, information systems are particularly susceptible to malicious acts. Attacks can exploit the connections that are a major virtue and failures in one part can propagate widely. This global character of information system vulnerabilities constitutes severe challenges to both national governments and the private owners of such critical systems. This Adelphi Paper examines the national strategies designed to cope with the emerging societal vulnerabilities and offers appropriate roles for both public and private sectors.
-
Cyber Security: Turning National Solutions into International Cooperation (2003)
Description: This volume looks at the challenges of cyberspace in an interdependent world and at the need for new, cooperative modes of governance to build cyber security. Making networks and critical infrastructure secure requires competent domestic strategies. But it also requires a willingness among governments to take the lead in supporting one another through effective legal structures and agreements such as the Council of Europe Convention on Cybercrime. The authors explore informal and formal bilateral and multilateral approaches to transnational cooperation on cyber security and examine the elements needed for success.
-
Preventing and Responding to Cyber Crime and Terrorism: Some International Dimensions in High Impact Terrorism (2002)
Description: In June 2001 the National Academies and the Russian Academy of Sciences held a bilateral workshop in Moscow on terrorism in a high-technology society and modern methods to prevent and respond to it. The purpose of the workshop was to begin a dialogue on high-impact terrorism that could lead to further U.S.-Russian collaboration. This volume includes papers presented at the workshop by 31 Russian and American experts on various types of high-impact terrorism, including biological and agricultural terrorism, nuclear and electromagnetic terrorism, explosives, chemical, and technological terrorism, and cyber terrorism. The papers also address legal issues, Russian internal affairs, and the future of international cooperation in this area.
-
The Transnational Dimension of Cyber Crime and Terrorism
Judge Abraham Sofaer and Dr. Sy Goodman co-editors (2001)
Description: In December of 1999, more than forty members of government, industry, and academia assembled at the Hoover Institution to discuss attacks by criminals and terrorists on the worldwide information infrastructure, and to explore possible countermeasures. The Transnational Dimension of Cyber Crime and Terrorism summarizes the conference papers and exchanges, addressing pertinent issues in chapters that include a review of the legal initiatives undertaken around the world to combat cyber crime, an exploration of the threat to civil aviation, analysis of the constitutional, legal, economic, and ethical constraints on the use of technology to control cyber crime, a discussion of the ways we can achieve security objectives through international cooperation, and more.
