Cybersecurity and Privacy in Government
Permanent URI for this collectionhttps://hdl.handle.net/10125/112458
Browse
Recent Submissions
Item type: Item , Bridging the Gap: A Systematic Review of Cyber Conflict Forecasting Models and the Case for AI-Driven Dynamic Frameworks(2026-01-06) Arfaoui, Salim; Harrath, Youssef; El-Gayar, OmarCyber conflict forecasting remains constrained by static models that overlook the integration of geopolitical context with technical indicators. This systematic literature review examines 58 studies (2010–2025) using PRISMA guidelines and an Input-Process-Output framework to classify approaches and identify key gaps. Quantitative methods dominate (67%), yet only 14% incorporate geopolitical variables, despite the political nature of cyber conflict. Major limitations include adversarial adaptation blindness (85% assume static behavior), coarse temporal granularity (72% use daily+ intervals), lack of uncertainty quantification (75%), and minimal modeling of cross-domain escalation (92% cyber-only focus). Strategic forecasting is rare, with just 14% providing long-term insights and 16% offering decision support. In response, we propose eight design principles for AI-driven frameworks, emphasizing multimodal integration, adaptive threat modeling, fine-grained temporal analysis, and human-AI collaboration. This work lays the groundwork for dynamic forecasting systems that better support proactive cyber defense strategy and national security planning.Item type: Item , IT Attacks, OT Panic: Mischaracterizations of Cyberattacks on Critical Infrastructure in Public Discourse(2026-01-06) Ramezan, Christopher; Frist, Ian; Schaupp, Ludwig; Lemons, JaredRecent high-profile cyberattacks have raised concerns about the security of operational technology (OT) in critical infrastructure. However, many incidents attributed to compromised OT were actually attacks on traditional information technology (IT) systems. This mischaracterization distorts public perception of cyber threats and can lead to uninformed policy responses. Through case studies on Colonial Pipeline, Saudi Aramco, and Norsk Hydro, this paper examines how incidents that primarily affected IT systems can be easily mischaracterized as attacks on OT environments, exaggerating the threat to physical infrastructure. Our analysis found substantial mischaracterization of all three cases in public discourse, despite forensic evidence showing that disruptions stemmed from IT compromises rather than direct OT breaches. These misattributions have practical consequences for digital government, influencing how agencies allocate funds, coordinate responses, and build resilience. This work advocates for clearer distinctions between IT and OT, improved reporting standards, and stronger collaboration among experts, media, and government institutions.Item type: Item , When Information Systems Fail: Financial Consequences of the Global CrowdStrike IT Crash for Users and Software Providers(2026-01-06) Grebe, Leonard; Martin, Pascal; Schiereck, DirkThe accelerating digitalization of industries has increased systemic exposure to IT disruptions. This study analyzes the financial effects of the CrowdStrike software outage, which caused widespread operational failures, particularly in the aviation industry. Using an event study approach, we examine abnormal returns for affected firms and the software provider, indicating who has to carry the financial consequences. The results show significant short-term losses for aviation firms and a persistent decline of over 18 percent in the provider's market value. Despite no malicious intent, markets reassigned responsibility toward the software provider. These findings suggest a shift in investor expectations regarding digital resilience. The study introduces the concept of a digital black swan to describe high-impact, non-malicious IT failures. Our findings extend information systems research with corporate risk management for digital infrastructure. As digital technology becomes more system relevant in business models, understanding and managing such risks becomes increasingly vital.Item type: Item , Insiders Take Longer, Retail Hits Harder: Organizational Predictors of Data Breach Outcomes(2026-01-06) Jia, Shizhen Jasper; Pan, Tianyu Bell; Shan, GuohouThis study examines the factors that influence the scale and timeliness of data breaches in an era of escalating digital threats, where the average breach cost reached $4.88 million in 2024. Analyzing 19,255 incidents from the Privacy Rights Clearinghouse using regression models, the findings reveal that insider-led breaches result in a reporting lag of approximately 79 days longer than external breaches, although affecting fewer records. Additionally, organizations in the healthcare, government, and education sectors experience breaches that are over 100% larger in scale than those in other sectors. The analysis also demonstrates that data sensitivity has a significant impact on breach severity and disclosure dynamics. These insights offer valuable contributions to crisis communication theories, inform policymakers in developing nuanced data breach laws, and equip organizational leaders to tailor incident response strategies effectively.Item type: Item , Ponderarium, a Place for Cyber Physical System Conformity Assessment(2026-01-06) Nguyen, Guillaume; Sacré, Antoine; Simonofski, Anthony; Devroey, XavierNowadays, complex Cyber-Physical Systems (CPSs) are commonly exchanged (found or available) on the market. However, this complexity does not allow citizens or consumers to properly understand the quality, security, and safety of these products. When considering CPS, such as Advanced Driver Assistance Systems (ADAS), autopilots on aircraft, or in vitro medical devices, consumers rely on local regulations, international standards, or even simply their presence on the market to buy, use, and trust these products. Still, when examining regulations and directives provided by the European Union (EU) and other governments, only the documentation, not the product, needs to be assessed for compliance. Of course, manufacturers are also interested in knowing if their products satisfy their own set of requirements before putting them on the market. In this paper, we discuss the need for a Conformity Assessment tool, Ponderarium, that enables interested parties to assess the quality, security, and safety of CPSs based on static resources. Then, we devise a methodology, we create a first version of Ponderarium supporting the methodology and we validate it using open-source software for a medical device. The purpose of Ponderarium is to enable interested parties to assess the conformity of a CPS from related static resources (such as computer code or network frames) with respect to a specific set of requirements extracted from natural language legal texts. This paper provides a foundation for future research to automatically assess the legal conformity of CPSs.Item type: Item , Cybersecurity for Essential Services: Towards a Value-Based Approach(2026-01-06) Nasi, Greta; Cucciniello, Maria; Christensen, Robert; Abbatemarco, Nico; Burston, BenedettaThis paper argues that current cybersecurity theories are inadequate for protecting essential services. Existing approaches emphasize asset protection and infrastructure resilience, often overlooking the societal value of services and the complex, interdependent systems that sustain them. Rooted in computer security traditions, these models rarely account for the broader political, economic, and social consequences of service disruptions. We propose a value-informed theory of cybersecurity that centers on the services delivered, the users affected, and the dynamic relationships among actors. Based on interdisciplinary insights and real-world cases, we identify critical limitations in prevailing frameworks. We outline three key propositions: (1) cybersecurity should reflect the interests of all stakeholders in service provision; (2) it must assess value loss across societal, organizational, and individual levels; and (3) it should capture the interdependencies that shape service delivery ecosystems. This approach shifts the focus from protecting assets to sustaining essential services and the public value they create.Item type: Item , Introduction to the Minitrack on Cybersecurity and Privacy in Government(2026-01-06) Harrison, Keith; Menard, Philip; Nasi, Greta