Cybersecurity and Privacy in Government

Permanent URI for this collection


Recent Submissions

Now showing 1 - 5 of 5
  • Item
    Simulating Municipal Cybersecurity Incidents: Recommendations from Expert Interviews
    ( 2021-01-05) Gedris, Kira ; Bowman, Kayla ; Neupane, Aatish ; Hughes, Amanda ; Bonsignore, Elizabeth ; West, Ryan ; Balzotti, Jon ; Hansen, Derek
    As cyberattacks on city and public infrastructures become increasingly common and harmful, it is critical that we train the professional workforce to prepare and respond appropriately. This paper supports the development of educational simulations and related experiential learning exercises that help prepare city and public infrastructure personnel to effectively respond to cybersecurity attacks. Specifically, it synthesizes the findings from 8 expert interviews including 12 cybersecurity experts from federal, state, city organizations, as well as academics with relevant expertise. We organize the findings into key learning outcomes, scenarios, roles, and issues that simulation designers should consider. The result paints a vivid picture of the complex socio-technical context of city and public infrastructure attacks and responses and the most salient skills needed to respond to them.
  • Item
    Regulatory and Security Standard Compliance Throughout the Software Development Lifecycle
    ( 2021-01-05) Kempe, Evelyn ; Massey, Aaron
    Our systematic literature review aims to survey research on regulatory and security standard requirements as addressed throughout the Software Development Lifecycle. Also, to characterize current research concerns and identify specific remaining challenges to address regulatory and security standard requirements throughout the SDLC. To this end, we conducted a systematic literature review (SLR) of conference proceedings and academic journals motivated by five areas of concern: 1. SDLC & Regulatory Requirement 2. Risk Assessment and Compliance requirements 3. Technical Debt 4. Decision Making Process throughout the SDLC 5. Metric and Measurements of found Software Vulnerability. The initial search produced 100 papers, and our review process narrowed this total to 20 articles to address our three research questions. Our findings suggest that academic software engineering research directly connecting regulatory and security standard requirements to later stages of the SDLC is rare despite the importance of compliance for ensuring societally acceptable engineering.
  • Item
    Enhancing Cybersecurity Capability in Local Governments through Competency-Based Education
    ( 2021-01-05) Pike, Ron
    Local government agencies face significant challenges related to cybersecurity. Advances in cybersecurity threats have been part of the difficulty, but government agencies, particularly communities, also face unique challenges given their broad mandates and challenges. This is particularly true in large metropolitan areas where activities cross many local and county jurisdictions yet require a coordinated and collaborative response. Local jurisdictions face differing cybersecurity challenges related to local issues such as criminal activity, population, and the mix of land use as well as external considerations such as ports, airports and international borders requiring enhanced coordination with state and federal authorities. Rapid ongoing changes in technology also provide a relentless pattern of change which must be managed. These widely differing challenges, along with resource constraints, lead neighboring communities to possess widely varying cybersecurity capabilities. This research project is an effort to speed the process of training and developing talent to meet these challenges.
  • Item
    COVID-19: Privacy and Confidentiality Issues with Contact Tracing Apps
    ( 2021-01-05) Bhattacharya, Debasis ; Ramos, Leslie
    Contact tracing has been a main topic of conversation in the COVID-19 pandemic. While implementation of app-based contact tracing can be beneficial, it raises concerns of privacy and confidentiality. To better understand how these issues were addressed, a qualitative study was conducted which analyzes the current status of contact tracing apps from Iceland, Italy, Germany, India, Singapore, Japan, and 4 states within the United States. The comparisons made amongst the contact tracing apps will be surveyed across numerous criteria. The results show contact tracing apps are able to assist in the COVID-19 caseloads by determining self-isolation periods. Future developments can change these apps into a tool for returning to normalcy that may require more user information disclosure, but limited protections of privacy and confidentiality issues have not been addressed at a worldwide level
  • Item
    Introduction to the Minitrack on Cybersecurity and Privacy in Government
    ( 2021-01-05) White, Greg ; Conklin, Wm. Arthur ; Harrison, Keith