THESIS STATEMENT AND ANNOTATED BIBLIOGRAPHY
docx
keyboard_arrow_up
School
Liberty University *
*We aren’t endorsed by this school
Course
540
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
8
Uploaded by steezlebot
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
1
R
ESEARCH
P
APER
: T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
Heaven Whiteside
School of Helms School of Government, Liberty University Online
Author Note
Heaven Whiteside
I have no known conflict of interest to disclose. Correspondence concerning this article should be addressed to Heaven Whiteside. Email: hlwhiteside@liberty.edu
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
2
R
ESEARCH
P
APER
: T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
Proposed Topic: Cybersecurity protection and defense should (or should not) be federalized and
monitored by the Department of Homeland Security in order to protect vital privately held national infrastructures such as airlines, electric power hubs, etc.
Proposed Thesis Statement: With the world at an individual’s mere fingertips, and the age of technology, the digital world has made cybersecurity a high necessity. Hacking, online extortion,
data breaches, and more are threatening some of the most vital infrastructures with a simple keystroke. The Department of Homeland Security is needed more than ever to protect these critical infrastructures (airlines, electric power hubs, etc.).
Preliminary Bibliography Boutwell, M. (2019). Exploring Industry Cybersecurity Strategy in Protecting Critical Infrastructure [Dissertation]. https://scholarworks.waldenu.edu/cgi/viewcontent. cgi?
article=9237&context=dissertations
Desolda, G., Ferro, L. S., Marrella, A., Catarci, T., & Costabile, M. F. (2021). Human factors in phishing attacks: a systematic literature review.
ACM Computing Surveys (CSUR)
,
54
(8), 1-35.
Humphreys, B. E. (2019
). Critical infrastructure: emerging trends and policy considerations for congress.
R45809. Congressional Research Service, Washington, DC
.
Mcquaid, P., Britton, B., Minnich, M., Borrelli, D., Baker, J., & Burton, B. (2019). University and Government Unite to Address Homeland Cybersecurity Issues.
Software Quality Professional,
21
(3), 26-32. https://go.openathens.net/redirector/liberty.edu?url= https://www.proquest.com/scholarly-journals/university-government-unite-address-
homeland/docview/2246857272/se-2
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
3
Rehak, D., Senovsky, P., Hromada, M., & Lovecek, T. (2019). Complex approach to assessing resilience of critical infrastructure elements.
International Journal of Critical Infrastructure Protection
,
25
, 125–138. https://doi.org/10.1016/j.ijcip.2019.03.003
U.S. Department of Energy. (2020). U.S. Department of Energy, U.S. Department of Homeland Security, and U.S. Department of Defense Announce Pathfinder Initiative to Protect U.S. Energy Critical Infrastructure.
https://www.energy.gov/articles/us-department-energy-
us-department-homeland-security-and-us-department-defense-announce
Annotated Bibliography
Boutwell, M. (2019)
Boutwell (2019) discusses a study that examined cybersecurity tactics that compliance officers and IT managers employ to lessen cyber threats to vital infrastructure. IT managers and compliance officers from four case organizations in the Pacific Northwest of the United States made up the population. The routine activity theory was used in the study, and data was collected through interviews with IT managers, compliance officers, and paperwork on policy management and cybersecurity. Four main themes emerged from the data triangulation process: the need for an extensive worker training program, the significance of infrastructure resiliency being prioritized, the value of security knowledge, and the backing and investment of organizational leadership. The study identified important tactics that might enhance the cybersecurity procedures employed by IT and compliance specialists, which can lessen the likelihood of successful assaults on vital infrastructure. Positive social change was the result of an investigation and contextual analysis of cybersecurity strategy with situational awareness of IT practices to improve cyber threat mitigation and inform business operations. These
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
4
results bolster effective cybersecurity tactics for safeguarding vital infrastructure. Boutwell (2019) points out that in 2014, a report from the U.S. House Permanent Select Committee on Intelligence stated that advanced threats are capable and motivated to attack critical infrastructure with the objective of creating a significant impact like impairing or preventing the ability to provide essential resources and services such as fuel, water, and electricity.
Desolda, G., Ferro, L. S., Marrella, A., Catarci, T., & Costabile, M. F. (2021)
In digital communication, phishing refers to a fraudulent attempt to obtain sensitive information by masquerading as a reliable entity. This type of cyberattack succeeds largely because users are unaware of their vulnerabilities. Desolda et al. (2021) use this article to paint a bigger picture of significant findings on phishing and the human factors surrounding it. An understanding of how human factors should be considered to defend against phishing attacks is influenced by the analysis of the retrieved publications,
along with the research questions addressed in the systematic literature review. Desolda et al. (2021) also provide several directions research could go for improvements in the future.
Humphreys, B. E. (2019)
In the late 1990s, it became clear that the nation's critical infrastructure (CI) needed to be protected against distorted threats. The need became that much more imperative after the terrorist attacks on September 11, 2001. During the early part of the 20th century, the U.S. Congress established the Department of Homeland Security (DHS)
as a way of identifying, prioritizing, and protecting critical systems and assets that contributed to national security, the economy, and public health. Trying to identify CI
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
5
assets continues to be a highly intricate and resource-intensive task. Many stakeholders advocate for a fundamentally different approach to CI security, arguing that criticality must be understood as a way to ensure that American society, economy, and government are resilient against natural and manmade threats. With the passing of the Cybersecurity and Infrastructure Security Agency (CISA) Act of 2018, resilience has been elevated to the top of the political agenda. Furthermore, Congress might modify existing asset identification and reporting requirements, narrow the scope of federal CI policy, assess the advantages and disadvantages of new risk management methods, transfer infrastructure security functions to or from DHS, enforce compliance with security standards, and evaluate the effectiveness of existing public-private partnerships.
McQuaid, P., Britton, B., Minnich, M., Borrelli, D., Baker, J., & Burton, B. (2019)
The California Cybersecurity Institute (CCI), a multi-agency project aimed at safeguarding California through improved cybercrime forensics and statewide tactical response training, was established by California Polytechnic State University (Cal Poly), in collaboration with the California National Guard and other government agencies. In order to better safeguard its inhabitants, the institution provides job opportunities for local law enforcement, military personnel, government cybersecurity technical leaders, higher education, and university students. A component of this endeavor is the California Cyber Training Complex (CCTC), a complex of three buildings totaling 120,000 square feet located at the National Guard facility in Camp San Luis Obispo, California. The CCI seeks to create an immersive research and learning environment while educating the present and next cyber workforce. The curriculum provides a framework for innovative cyber security utilizing advanced coursework and fundamental and practical
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
6
investigations into more recent problems and technological obstacles. Professionals must rethink their approaches, support colleagues in fields other than computer science, and build partnerships with businesses, universities, and governmental organizations in order to meet the difficulties posed by cybersecurity.
Rehak, D., Senovsky, P., Hromada, M., & Lovecek, T. (2019)
The reliability of critical infrastructure services and commodities depends on the resilience of its elements. Resilience is a quality that has the ability to reduce the vulnerability of a particular element. It can effectively absorb the effects of disruptive events and enhance the "element's ability to respond and recover." Additionally, it can facilitate adaptation in the event of disruptions similar to those encountered in the past. Resilience assessment plays a critical role in securing the security and dependability of these elements and the system in its entirety. The Critical Infrastructure Elements Resilience Assessment (CIERA) methodology definitively assesses the resilience of critical infrastructure elements through advanced statistical analysis. It assesses their strength, ability to recover functionality after a disruptive incident, and adaptability to past occurrences. This particular method is designed to identify any potential weak points
within a critical infrastructure system and provide recommendations for improving the system's resilience. It thoroughly assesses each individual element within the system to ensure that any vulnerabilities are identified and addressed. While it is a comprehensive evaluation, it cannot directly compare different elements within the operator's infrastructure. Nonetheless, the method is an essential tool for ensuring the robustness and reliability of critical infrastructure systems. The control room case study of a power
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
7
distribution company strongly indicates significant weaknesses in organizational resilience, risk management policies, and disruptive event scenario specifications.
U.S. Department of Energy. (2020)
The Energy Sector Pathfinder initiative has been successfully launched with the collaborative efforts of the U.S. Department of Energy (DOE), Department of Homeland Security (DHS), and the U.S. Department of Defense (DoD), reflecting their unwavering confidence in this new venture. This initiative aims to make it easier to share information,
improve training and education on risks to the system, and work together to prepare and respond to cybersecurity threats. The Pathfinder program is a comprehensive and coordinated initiative that builds upon the previous Pathfinder initiatives across the government and private sectors. It is specifically aimed at addressing the technologies, challenges, and security dangers faced by a specific critical infrastructure sector. The Pathfinder program is an essential tool to safeguard the critical infrastructure sector against emerging threats and to ensure its continuous and secure operations. Through the Energy Sector Pathfinder, the federal government will explore challenges related to energy-critical infrastructure, as well as strengthen interagency collaboration in order to prevent and respond to cyber threats as they evolve. The Department of Defense is taking
decisive action by working closely with partner agencies to guarantee the safety and security of critical energy infrastructure across the United States. In addition to encouraging collaboration on response playbooks and stress-testing exercises, the Energy
Sector Pathfinder program will also drive the development of capability. In its Cyber Strategy, the Department of Defense strives to protect U.S. critical infrastructure from malicious foreign cyber activity.
T
HESIS
S
TATEMENT
AND
A
NNOTATED
B
IBLIOGRAPHY
8
A federalized cybersecurity system should be in place and monitored by the Department of Homeland Security (DHS) to ensure the safety of critical national infrastructure held by private firms, such as airlines and power plants. The study that Boutwell (2019) examines will let
the reader better understand the importance of having a more federalized approach to cybersecurity protection and define what vital privately held national infrastructures are. In the article, the author reveals critical flaws in the current defense methods and suggests improvements to ensure standardized training and eliminate infiltration with the help of DHS monitoring. Desolda et al. (2021) will further help in expressing the dangers of cyberattacks and how easy it can be to fall victim to a cyberattack despite having a basic understanding of cybersecurity. This will help solidify the fact that protection is needed by more than just an average IT. Desolda et al. (2021) article highlights directions for future improvements in research. Humphreys (2019) discusses the establishment and tasks behind DHS and why it was created and is so important to the United States' protection. McQuaid et al. (2019) provide research on a government infrastructure that is working well and gives a glimpse of what promise could be if cybersecurity protection and defense were federalized. Rehak et al. (2019) discuss the vulnerability of critical infrastructures and how they are only as reliable as the resilience of their elements. This article discusses how to assess an infrastructure's resilience. It goes into grave detail about potential weak points and more. This article can help the reader better understand the concerns surrounding protecting these infrastructures. The U.S. Department
of Energy (2020) discusses an initiative that has been a success with the DOE, DHS, and DoD. A
key goal of this initiative is to improve information sharing, training, and education, and prepare and respond to cybersecurity threats as a team. The writer of this annotated summary will benefit
from each of these sources, along with other sources, in advancing her research.