1 Explorations in Cyber International Relations (ECIR) Multidisciplinary Team Leads: Stuart Madnick (IT Group, School of Management & Engineering Systems.

Slides:

Advertisements

Similar presentations

Philippine Cybercrime Efforts

Advertisements

J. David Tàbara Institute of Environmental Science and Technology Autonomous University of Barcelona Integrated Climate Governance.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference.

Police Leadership Review Horizon Scanning and Interpretation January 2015 Professor Harry Scarbrough.

UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.

EInfrastructures (Internet and Grids) US Resource Centers Perspective: implementation and execution challenges Alan Blatecky Executive Director SDSC.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Cyber Metrics in the DoD or How Do We Know What We Don’t Know? John S. Bay, Ph.D. Executive Director.

DHS, National Cyber Security Division Overview

MIT-Harvard Conference Cyber International Relations (ECIR)

1 MIT-Harvard Conference Explorations in Cyber International Relations (ECIR) Closing Remarks – Next Steps Nazli Choucri Professor of Political Science.

Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

Innovation and IS Kieran Mathieson. What is Innovation?  Long definition Successful innovation is the creation and implementation of new processes, products,

1 MIT-Harvard Conference Explorations in Cyber International Relations (ECIR) Introduction to the ECIR Initiative Nazli Choucri Professor of Political.

Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.

Effective dissemination and evaluation

Emergency Management & Homeland Security Interface Samuel Musa National Defense University.

Internal Auditing and Outsourcing

T OWARDS S TANDARDS IN D IGITAL F ORENSICS E DUCATION.

LÊ QU Ố C HUY ID: QLU OUTLINE  What is data mining ?  Major issues in data mining 2.

Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &

V. Chandrasekar (CSU), Mike Daniels (NCAR), Sara Graves (UAH), Branko Kerkez (Michigan), Frank Vernon (USCD) Integrating Real-time Data into the EarthCube.

Use of OCAN in Crisis Intervention Webinar October, 2014.

Maureen B. Higgins Assistant Director, Agency Support & Technical Assistance Office of Personnel Management December 8, 2010.

Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.

Designing and implementing of the NQF Tempus Project N° TEMPUS-2008-SE-SMHES ( )

Dimiter Gantchev, Deputy Director, Culture an Creative Industries Sector, WIPO An Intellectual property Based Approach to Surveying the Economic Contribution.

WORKSHOP PERSPECTIVES: NORTH / SOUTH RESEARCH PARTNERSHIPS ICT IN EDUCATION GeSCI’s thematic focus areas and meta-review of ICT in education research Patti.

International Cooperation for Higher Education (ICE) Higher Education Division Education Sector.

Dependability in FP 6 Brian Randell Pisa Workshop, November 2002.

INTERACTIVE ANALYSIS OF COMPUTER CRIMES PRESENTED FOR CS-689 ON 10/12/2000 BY NAGAKALYANA ESKALA.

Daniel Kull Senior Disaster Risk Management Specialist Global Facility for Disaster Reduction and Recovery (GFDRR) World Bank Geneva, 19 November, 2012.

NSF Programs and Possibilities Research Linkages EU-US 23 September 2004 Sylvia Spengler US National Science Foundation.

Internationalisation of Finnish Public Research Organisations Dr. Antti Pelkonen Senior Scientist, VTT Technical Research Centre of Finland

Theme 1: Understanding Science and Innovation Summary December 4, 2008.

Cyber-security policy to encourage CSIRTs activities Yasuhiro KITAURA Ministry of Economy, Trade and Industry, JAPAN.

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

CSCE 201 Open Source Information Privacy. CSCE Farkas2 Reading List Recommended reading: – Open Source Intelligence: Private Sector Capabilities.

The Challenging Landscape of Critical Information Infrastructure: Are We Ready? Leonard Bailey Senior Counsel Computer Crime & Intellectual Property Section.

Page 1 Strategic Foresight Initiative Summary Briefing Emergency Management Higher Education Conference June 6, :30 – 11:30 am.

WYE CITY GROUP on Statistics on Rural Development and Agricultural Household Income Naman Keita FAO, Statistics Division Way forward for the Wye City Group:

Marv Adams Chief Information Officer November 29, 2001.

OECD Water Programme Pillar 1, Output 1 “Pricing Water Resources and Water & Sanitation Services” World Water Week Stockholm, August 2008.

David A. Olive General Manager, Fujitsu Limited WITSA Public Policy Chairman WITSA Public Policy Meeting Athens, Greece May 15, 2005 Global Public Policy.

Global Geospatial Information Management (GGIM) A UN-DESA Initiative in collaboration with Cartographic Section, DFS Stefan Schweinfest UNSD.

Social Analysis Workshop on Country Analytical Work June 19, 2001 Anis Ahmad Dani World Bank, Social Development Department.

Government of Nepal Ministry of Education National Center for Educational Development.

1 Far West Teacher Center Network - NYS Teaching Standards: Your Path to Highly Effective Teaching 2013 Far West Teacher Center Network Teaching is the.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.

1. ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

Developing National Capability for Integrated Border Management (IBM) in Lebanon Project Funded by the European Union Implemented by the International.

1 Office of ASG/CITO Crisis Information Management Strategy UNGIWG-11, Geneva 15 March 2011 A written consent by the UN is required to use the information.

12 th Meeting of the GBIF Participant Nodes Committee 6-7 October 2013, Berlin, Germany Towards a generic work programme for a Node Olaf Bánki Senior Programme.

National Cybersecurity Strategies: Global Trends in Cyberspace Online Paper Presentation 2016 AU Graduate Student Conference September 17 Regner Sabillon,

The vulnerability of economic markets to crime in 2015

Cybersecurity in the ECOWAS region

Gerald Farthing PhD Chair, United Nations Economic Commission for Europe Steering Committee on Education for Sustainable Development.

California Cybersecurity Integration Center (Cal-CSIC)

Narrative Writing Grades 6-12

Veto Players Brintnall- “one enabling factor for the climate of seeming failure was the academic environment of critical evaluation that had focused.

8 Building Blocks of National Cyber Strategies

Threat Trends and Protection Strategies Barbara Laswell, Ph. D

Institutional Developments, CERTS & CyberData, and ECIR Data Dashboard

Promoting Global Cybersecurity

Road Infrastructure for Road Vehicles Automation

Deborah Housen-Couriel, ADV.

Presentation transcript:

1 Explorations in Cyber International Relations (ECIR) Multidisciplinary Team Leads: Stuart Madnick (IT Group, School of Management & Engineering Systems Division, School of Engineering) Nazli Choucri (Political Science) Students: Steven Camiña* (EECS) Jeremy Ferwerda (Political Science) Erik Fogg* (Political Science) Xitong Li (School of Management) Hamid Salim (Systems Design & Management) Fan Wei* (Mathematics) Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT Institutional Developments, CERTS & CyberData, and ECIR Data Dashboard Conference on Cyber International Relations: Emergent Realities of Conflict and Cooperation | October 14, 2010 * Graduated or left project

Empirical Data – Theory Relationship 2 Empirical Data Theory Data suggests: ideas, identifies ‘deviance’, new explorations Data needed: to confirm, explore further, develop, reframe or extend theory especially across domains (“real” and cyber) Does Korea have a lower rate of piracy per computer than the US?.. and Why What countries have increases in Total CERT Reported Incidents per Capita while others are decreasing? … and Why? How are USA Cyber Crime Dollar Loss & Total Cases changing over time? … and Why?

Agenda & Accomplishments Identified Relevant International Institutions and Data Sources, e.g., Computer Emergency Response Teams (CERTs) “Institutional Foundations for Cyber Security: Current Responses and New Challenges” under review by Journal of Information Technology & Politics Developed ECIR Data Dashboard Prototype & Gather Initial Data Sets “Explorations in Cyber International Relations (ECIR) - Data Dashboard Report #1: CERT Data Sources and Prototype Dashboard System”, working paper “Experiences and Challenges with using CERT Data to Analyze International Cyber Security,” Proceedings of the AIS SIGSEC Workshop on Information Security & Privacy (WISP 2009), Phoenix, Arizona, December 2009, pp Identified Illustrative Observations & Discoveries “Security Metrics in Comparative Perspective: Preliminary Observations,” Working Paper Other: “Exploring Terms and Taxonomies Relating to the ‘Cyber Relations’ Research Field,” draft being completed 3

Identified Relevant International Institutions and Data Sources Summary of findings regarding institutional responses: Not-for-Profit institutions designed to focus on cyber threats (CERT/CC, FIRST, and private CERTs). Some have transitioned to private-public partnerships International institutions established to manage interactions among advanced states (OECD) International conferences designed to communicate the potential for information technology to facilitate transitions towards sustainable development (WSIS) Functional international organizations with core missions and competencies that have added additional responsibilities (ITU) National agencies tasked with responding to cyber crime (FBI) Development of binding international legislation (Convention on Cybercrime) Organizations and strategies focused on the defense of military and intelligence networks (CCDOE, CNCI) 4

Identified Relevant International Institutions and Data Sources - Some Conclusions The current institutional landscape resembles a security patchwork that covers critical areas rather than an umbrella that spans all known modes and sources of cyber threat. Each of these institutional responses has different mandates, rules and responsibilities. None have complete regulatory power. There is little evidence of overarching institutional coordination – a certain degree of disconnect, or – a dynamic and shifting response to an emerging threat. Given the multiple contexts and diverse institutional motivations, responses likely will be driven by institutional imperatives and reactions to crisis than by coordinated assessment and proactive response 5

Identified Relevant International Institutions and Data Sources (cont’d) States may not be willing to proceed until international norms are developed; rather they will likely ‘take matters in their own hands’ and develop first order responses. The potential for significant threats is far greater than institutional capabilities to contain these threats. In other words, the ‘demand’ for security far exceeds the provision of effective ‘supply.’ Cross-sector collaboration between public, private, and volunteer organizations may serve as a temporary measure to cover holes in the current network – At some point, effective institutions will be necessary; they may develop in parallel with rising public awareness The development of effective positive incentives may be the key to further developing the institutional domain 6

Identified Relevant International Institutions and Data Sources Although data is fragmented, several applications are possible, e.g., – International data on cyber crime legislation and awareness can be correlated with arrest rates in individual countries -> this method may allow researchers to determine the relative rate of progress in individual nations – Similarly, it can be determined whether the enactment of cybercrime legislation has any noticeable effect on the degree of cybercrime within a country – Private sector statistics can be paired with national CERT data to determine the degree of national vulnerabilities and traffic that each CERT is capable of handling – Many of these possibilities have been investigated as part of the Data Dashboard project. 7

Initial Range of Data Attributes and Sources for Dashboard 8 SOURCES CERTs BSA & IDC Global Software Piracy Study CIA World Factbook Polity IV SIPRI: Stockholm International Peace Research Institute World Development Indicators Database World Bank Governance Indicators Database World Telecommunication/ICT Indicators Database

ECIR Data Dashboard Prototype Web User Interface 9

Some Illustrative Demonstrations & Observations: Malaysia v Brazil 10 Linear scale Logarithmic scale

Malaysia v Brazil: Total CERT Reported Incidents per Capita 11 Some Possible explanations: Data: Initially Malaysia CERT was not capturing incidents effectively * Public Policy: Brazil addressed incidents aggressively; Malaysia was lax * Comment on “perceptions” Some Illustrative Demonstrations & Observations Brazil declining Malaysia increasing Brazil high Malaysia low Almost same How about per Internet Users?

Some Illustrative Demonstrations & Observations Some Possible explanations: Countries with less developed intellectual property laws are now beginning to accurately report losses, or These countries have less mechanisms in place to prevent software privacy. 12 Software Piracy Divergences OECD and Non-OECD Countries

13 Some Illustrative Demonstrations & Observations USA Cyber Crime Dollar Loss Outpacing Total Cases Some Possible explanations: Budget for investigating cyber crime not increased enough over this period Individual criminals increasingly more effective at inflicting monetary damage

Some Illustrative Demonstrations & Observations: Software Piracy Trends 14 Korea has a much lower rate of piracy per computer than the US Germany, initially possessing a much higher ratio, has converged to the US rate China's rate is very high, decreased, then began to increase in 2006 (as well as Malaysia) Korea USA Germany China Malaysia

Some Illustrative Demonstrations & Observations: Trends in Cyber Crime Cases 15 In Korea the number of reported cases and arrests is converging toward a 1:1 ratio. This could mean that fewer reported cases are 'false alarms‘ or That Korean police are increasingly adept at tracking down cybercriminals. or ????

Some Illustrative Demonstrations & Observations: Relative rates of cyber crime cases per internet users 16 Countries tend to have stable, though different, rates of cyber crime cases per # of users Suggesting cultural differences/lack of efficacy in reducing cyber crime through education and prevention

Summary and Future Work Summary – Important to study cyber international relations within & across countries – Data availability, consistency, and interpretability, especially of CERT data, are challenging obstacles for the exploration – But ECIR Data Dashboard and preliminary data gathered have been useful tools & can be used in teaching CyberPolitics in IR Ongoing Work – More global data sources and categories are being identified and incorporated in the Dashboard, addition of provenance information – New Illustrative findings are being explored – Development of a taxonomy of cyber terminology by analyzing the literature using bibliometric analysis techniques – Economic and/or social incentives of improving the reporting and sharing of nation-level data are to be investigated E.g., development of “business model” for the CERTS – Show that some data provides useful insights -> Imagine what more data can do! 17