Cybersecurity and Privacy in Government

Permanent URI for this collection


Recent Submissions

Now showing 1 - 5 of 5
  • Item
    The Dark Blue CyberPatriot Training Tool
    ( 2022-01-04) Semian, Scott ; Harrison, Keith
    The Dark Blue CyberPatriot Training Tool was developed to help better prepare teams for the CyberPatriot competition, which aims to introduce middle school and high school students to the field of cybersecurity. Dark Blue allows coaches to create a configuration file for a practice image, with a generator component that will take the file and attempt to create as much of the configuration as possible automatically on a blank virtual machine image. To simulate the competition round, Dark Blue also includes a custom built scoring engine that is configured by the generator. We believe Dark Blue improves ease of use significantly over other training tools, and could help teams create better practice images with less effort and knowledge required. It also allows teams to create and share practice images freely with other teams, which we believe could have a lasting positive impact on the competition as a whole. Dark Blue is to be released as free and open-source software in the near future.
  • Item
    Out with the Old, In with the New: Examining National Cybersecurity Strategy Changes over Time
    ( 2022-01-04) Cram, W. Alec ; Yuan, Jonathan
    The development and implementation of a national cybersecurity strategy (NCS) is becoming increasingly common for countries around the world that seek to define an approach for addressing their cybersecurity risks. Although past research has sought to classify the individual characteristics contained within an NCS, it remains unclear how the core content within a strategy evolves over time in the face of new cyber threats and fluctuating priorities. By better understanding such changes (and their underlying drivers), policy makers can be increasingly attuned to essential NCS updates and citizens can more readily evaluate the adequacy of their country’s plans. This study examines multiple NCS versions in Canada, the United Kingdom, and Australia using a qualitative, content analysis approach. Our results point to four core themes that characterize NCS stability and change over time. Based on our observations, we articulate several theoretical propositions and outline a plan for future research.
  • Item
    Method to Identify High Value Assets for Small Government Agencies and Small to Mid-sized Organizations
    ( 2022-01-04) Sjelin, Natalie ; Dietrich, Glenn
    In today’s increasingly connected world, it is more important than ever to ensure an organization’s information and information systems are protected from cyber threats. Every organization has critical information and technology assets that are essential to their business operations and require enhanced security. Organizational resources that can be dedicated to cybersecurity are finite; therefore, those resources should be applied deliberately and strategically focusing on the most important assets. While large cities, states and corporations, with robust IT capabilities, may be able to align their processes with federally mandated directives to identify those critical assets also deemed high value assets, the smaller government agencies and small to mid-sized organizations require a scalable and flexible process based on their individual requirements. This paper will describe a method for identifying high value assets that can be integrated into an organization’s or agency’s cybersecurity program.
  • Item
    Is a Significant Demographic Left Out of the Equation? An Overview of Possible Inequitable Access to Cybersecurity Educational Programs in the United States
    ( 2022-01-04) Jacob, Johanna ; White, Greg
    Cybersecurity skills shortage has reached widespread proportions. The common consensus in the community is there is a lack of an established pathway early on in K-12 education that would help students gain an interest in Cybersecurity and related careers. Recent studies and national surveys indicate that most students are not well-informed about the educational and career requirements in the field. Though some cybersecurity education is offered in K-12 across the United States through various means such as camps, clubs, competitions and as standalone coursework, there is an uneven access for students to engage in these activities. Middle and high school student populations include teachers and educators who are part of smaller and lower income school districts which are often less exposed to initiatives related to Cybersecurity. We present a preliminary analysis of the possible inequitable access to Cybersecurity education and propose a survey-based methodology to further this project.
  • Item
    Introduction to the Minitrack on Cybersecurity and Privacy in Government
    ( 2022-01-04) White, Greg ; Harrison, Keith ; Conklin, Wm. Arthur