Barbara Endicott-popovsky - Academia.edu (original) (raw)

Papers by Barbara Endicott-popovsky

a faculty member in the School of Business at the British Columbia Institute of Technology in Van... more a faculty member in the School of Business at the British Columbia Institute of Technology in Vancouver, B.C., Canada. BCIT has over 50,000 full and part time students and is the second largest post-secondary institute in the province of British Columbia Kevin has his Ph.D. in economics from Simon Fraser University where his fields of specialization were mathematical economics, industrial organization, law and economics, and environmental economics. He is co-author of the book, Fundamental Methods in Mathematical Economics, the most widely adopted text in North American universities in the field of mathematical economics. Kevin is the BCIT Program Head for the Bachelor of Business Administration program and the director of the SITE Centre of Excellence, the research branch of the BCIT School of Business. He is the faculty sponsor for both the Reservist Re-Entry Program and SIFE BCIT From 2000 to 2005 he served as president of the BCIT Faculty and Staff Association. In May of 2010 Kevin was appointed to the Board of Governors for BCIT Kevin's professional and academic focus has been in Environmental Economics and the Economics of Education. Recent work includes: the economic impact of BCIT on the provincial economy, an analysis of intellectual property policies in Canadian universities and colleges, and forecasting models predicting student success in business schools, and a study of the impact of carbon taxes on regional airports and airlines. He has extensive teaching experience at BCIT and at other universities and colleges. Kevin has taught at the diploma level within the Institute's business, broadcast and engineering programs, and at the bachelor's degree level both at BCIT and at Simon Fraser University. At SFU Kevin supervises both master's and PhD thesis students, and taught economic theory and policy in the Masters of Public Policy program.

Software Assurance (SwA) is about achieving a level of confidence that the software in question i... more Software Assurance (SwA) is about achieving a level of confidence that the software in question is free from vulnerabilities and that it functions as intended. SwA requires software developers to have competency in both the software assurance life cycle and threat risk management that they acquire the requisite knowledge (K), practitioner skills (S), and abilities (A), i.e. KSA; however, beginning-level programmers typically learn fundamental object-orientation concepts and programming skills without understanding SwA throughout their introductory programming courses. For this purpose, we have infused a threat modeling methodology, Microsoft Threat Modeling, into beginning level programming courses that answer the following questions: 1) can we infuse the threat modeling into existing laboratory teaching modules without having to make any significant changes to those modules? 2) If we need to change existing laboratory teaching modules, what changes should we make? 3) What approaches can we propose to the existing curriculum in order for the students equip with the KSAs for SwA? We first assessed whether threat modeling could be infused into existing programming assignment modules without needing any significant changes to those modules. Based upon this analysis, we reengineered a programming assignment for an introductory programming course to demonstrate how threat modeling can be infused into these modules in order to convey to students knowledge of threat modeling, equip them with the skills specific to the threat modeling methodology, and develop their abilities to mitigate software vulnerabilities by using a threat modeling toolkit. Based upon empirical results, we provide suggestions for others who are interested in infusing one KSA for SwA, threat modeling, into their beginning level programming courses.

17th Conference on Software Engineering Education and Training, 2004. Proceedings., 2004

Disciplines such as Software Engineering are expanding rapidly, and both the new knowledge gained... more Disciplines such as Software Engineering are expanding rapidly, and both the new knowledge gained as the discipline matures and the need to prepare students for changing environments make it important for departments to find a balance between evolving curriculum to match ...

In this paper, the authors propose a modification of CERT's 3 R model to include a 4 th R, th... more In this paper, the authors propose a modification of CERT's 3 R model to include a 4 th R, the discipline of Redress, identified as a necessary step to end the hacker arms race. Redress will require implementation of computer forensic investigation methods, tools and techniques that will permit evidence gathered to be admissible in a court of law, a standard not often understood or followed by many who are responsible for securing networks today. This leads the authors to conclude that there is a need for future work that will involve re-examination of the mechanisms and procedures used to collect evidence of network intrusions in order to ensure that the Rules of Evidence requirements are considered.

2011 IEEE Conference on Visual Analytics Science and Technology (VAST), 2011

Abstract The researchers explore the intersections between Information Assurance and Risk using v... more Abstract The researchers explore the intersections between Information Assurance and Risk using visual analysis of text mining operations. The methodological approach involves searching for and extracting for analysis those abstracts and keywords groupings that ...

Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibli... more Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografie; detailed bibliographic data are available in the Internet at http://dnb.d-nb.de. License This work is licensed under a Creative Commons Attribution 3.0 Unported license: CC-BY. In brief, this license authorizes each and everybody to share (to copy, distribute and transmit) the work under the following conditions, without impairing or restricting the authors' moral rights: Attribution: The work must be attributed to its authors. The copyright is retained by the corresponding authors. Digital Object Identifier: 10.4230/DagRep.4.2.i Aims and Scope The periodical Dagstuhl Reports documents the program and the results of Dagstuhl Seminars and Dagstuhl Perspectives Workshops. In principal, for each Dagstuhl Seminar or Dagstuhl Perspectives Workshop a report is published that contains the following: an executive summary of the seminar program and the fundamental results, an overview of the talks given during the seminar (summarized as talk abstracts), and summaries from working groups (if applicable). This basic framework can be extended by suitable contributions that are related to the program of the seminar, e.g. summaries from panel discussions or open problem sessions.

The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary d... more The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary discussions on clearly defined critical aspects of engineering issues, evaluation and processes for secure digital evidence and forensic readiness. A large gap exists between the state-of-the-art in IT security and best-practice procedures for digital evidence. Experts from IT and law used this seminar to develop a common view on what exactly can be considered secure and admissible digital evidence. In addition to sessions with all participants, a separation of participants for discussing was arranged. The outcome of these working sessions was used in the general discussion to work on a common understanding of the topic. The results of the seminar will lead to new technological developments as well as to new legal views to this points and to a change of organizational measures using ICT. Finally, various open issues and research topics have been identified. In addition to this report, ope...

The demand for cybersecurity professionals continues to significantly outpace the supply with a p... more The demand for cybersecurity professionals continues to significantly outpace the supply with a projected worldwide shortage of two million by 2017. At the same time, there are large numbers of transitioning military personnel that have important technical skills that could be coalesced into addressing this demand. This paper examines the development and proposed deployment of a project to do just this: Cybersecurity Rapid Education Apprenticeship Training to Employment System (CREATES). Challenges and benefits are discussed.

UW CIAC’s inter-collegiate research team has extended the World of Work Inventory (WOWI) to four ... more UW CIAC’s inter-collegiate research team has extended the World of Work Inventory (WOWI) to four specific job roles that incorporate penetration testing: Cybersecurity Defense Analyst, Cybersecurity Defense Infrastructure Responder, Cybersecurity Incident Responder, and Vulnerability Assessment Analyst. Identification of these statistically validated profiles can support methodologically based recruitment of high prospective candidates from diverse backgrounds and can inform career guidance protocols for these roles. The WOWI is a statistically validated multi-dimensional career assessment tool. Training data is gathered from a sample of people currently working in the roles, and the instrument identifies profiles for predicting successful candidates across aptitude, personality types, and interests. For this research, we selected the four roles that utilize the task of penetration testing within the category Protect and Defend, in the NIST NICE 800-818 Cybersecurity Workforce Frame...

ABS TRACT The same vulnerabilities continue to appear in code, over and over again, yet many educ... more ABS TRACT The same vulnerabilities continue to appear in code, over and over again, yet many educational institutions continue to teach programming as they always have. Some high-tech companies have found it necessary to establish ongoing security training for their developers to make up for the absence of college-level, secure coding curriculum. Recently, the thread model, which integrates security concepts into existing Computer and Information Science curricula, has been recognized as effective, while not impacting resourcelimited institutions with a complete curriculum change. Using the thread approach, we developed curricula inserts that include a programming assignment using a threat modeling tool, a design assignment applying a secure software development life cycle, a study comparing nonsecure with secure code, and a re-documentation technique that produces secure code from non-secure programs. We introduced these curriculum assets during a secure coding workshop for instruc...

The lack of talent in the field of cybersecurity is keenly felt across all sectors of the economy... more The lack of talent in the field of cybersecurity is keenly felt across all sectors of the economy - industry, government, military, academia [1]. While cybersecurity education has been a national priority, there still are thousands of cybersecurity jobs going unfilled and the gap will take a long time to close [1]. Of further concern, the authors have gathered anecdotal evidence that employers in both government and industry consider many recent cybersecurity graduates woefully unprepared for the realities of the workplace, taking too long to become effective. This paper describes one university's approach to address both the supply and preparedness problems, beginning with the application of the theory of pedagogical systems and methodology from sport and physical culture science and pedagogy to introducing the first iteration of a cooperative learning model - inspired by this theoretical base and experience with its application - designed specifically to develop and graduate ‘...

Smart metering has emerged as the next-generation of energy distribution, consumption, and monito... more Smart metering has emerged as the next-generation of energy distribution, consumption, and monitoring systems via the convergence of power engineering and information and communication technology (ICT) integration otherwise known as smart grid systems. While the innovation is advancing the future power generation, distribution, consumption monitoring and information delivery, the success of the platform is positively correlated to the thriving integration of technologies upon which the system is built. Nonetheless, the rising trend of cybersecurity attacks on cyber infrastructure and its dependent systems coupled with the system’s inherent vulnerabilities present a source of concern not only to the vendors but also the consumers. These security concerns need to be addressed in order to increase consumer confidence so as to ensure greatest adoption and success of smart metering. In this paper, we present a functional communication architecture of the smart metering system. Following ...

The purpose of this research is to propose architecture-driven, penetration testing equipped with... more The purpose of this research is to propose architecture-driven, penetration testing equipped with a software reverse and forward engineering process. Although the importance of architectural risk analysis has been emphasized in software security, no methodology is shown to answer how to discover the architecture and abuse cases of a given insecure legacy system and how to modernize it to a secure target system. For this purpose, we propose an architecture-driven penetration testing methodology: 4+1 architectural views of the given insecure legacy system, documented to discover program paths for vulnerabilities through a reverse engineering process. Then, vulnerabilities are identified by using the discovered architecture abuse cases and countermeasures are proposed on identified vulnerabilities. As a case study, a telecommunication company's Identity Access Management (IAM) system is used for discovering its software architecture, identifying the vulnerabilities of its architect...

Augmented Cognition

Research into situated and embodied cognition and related investigations have suggested that “cog... more Research into situated and embodied cognition and related investigations have suggested that “cognition” takes place not only in the human brain, but also in externalities such as the environment (situated cognition) and the body (embodied and morphological computing). This article explores two propositions and their implications for “augmented cognition” resulting from these expanded, systemic views of cognition.

Cybersecurity is changing rapidly as strategies based on secrets are losing traction on the massi... more Cybersecurity is changing rapidly as strategies based on secrets are losing traction on the massively interconnected and distributed Internet. This article explores emerging roles for education of cybersecurity professionals and cyber citizens and other new approaches to enhancing security. The article suggests 13 sources of insecurity that prompt new security perspectives, and how each offers an invitation to improve cybersecurity education and operations.

At least weekly we hear about significant data breaches or cyberattacks that threaten the financi... more At least weekly we hear about significant data breaches or cyberattacks that threaten the financial health and privacy of millions of online users, or about attacks by nation states or terrorist groups with a political or propagandistic agenda. How did we get here? How did our online interconnectedness that has created so many benefits, resulted in so many challenges? We’re living through digital transformation that’s challenging how we think about the world. We are clinging to mental models from the physical world and the industrial age that no longer work. What we need are new mental models and a recognition that technology alone does not fix the problem. It’s the humans in the system that require rules for operating online that need to be vigorously addressed. Here is a case for new hybrid architectures that combine both the rules and tools for operating online. Some way to institute neighborhood watch with compensating controls that bridge the gap between humans and current tech...

Applications for Investigation Processes, 2013

This chapter focuses on a theoretical approach to proactive evidence collection and presents a co... more This chapter focuses on a theoretical approach to proactive evidence collection and presents a conceptual approach for the Cloud. Forensic Readiness in the Cloud (FRC) calls upon technological and organizational strategies to address the risks that threaten organizational information. The two professions of Records Management (RM) and Digital Forensics (DF) can offer insights into how this might be achieved. In this chapter, the authors seek to explore the relationship between the two disciplines and the areas where collaboration and interdisciplinary work would be most beneficial. An initial overview of RM and its relationship to the wider field of Information Assurance (IA) precedes a more in depth comparison of the two related disciplines, using a model that integrates RM and DF. This is offered as a conceptual framework for making decisions about how to identify and manage the increasing quantities of evidence collected on networks. Organizational Network Forensic Readiness (NFR) has emerged as a method for supporting collection of digital evidence from networks using suggested checklists, procedures, and tools. This chapter elaborates upon a previously documented life cycle methodology for 'operationalizing' organizational NFR and integrates this with best practice from RM in FRC. FRC provides a conceptual approach to proactive evidence collection and identifies the phases at which RM approaches and processes might be most effectively employed in the Cloud.

a faculty member in the School of Business at the British Columbia Institute of Technology in Van... more a faculty member in the School of Business at the British Columbia Institute of Technology in Vancouver, B.C., Canada. BCIT has over 50,000 full and part time students and is the second largest post-secondary institute in the province of British Columbia Kevin has his Ph.D. in economics from Simon Fraser University where his fields of specialization were mathematical economics, industrial organization, law and economics, and environmental economics. He is co-author of the book, Fundamental Methods in Mathematical Economics, the most widely adopted text in North American universities in the field of mathematical economics. Kevin is the BCIT Program Head for the Bachelor of Business Administration program and the director of the SITE Centre of Excellence, the research branch of the BCIT School of Business. He is the faculty sponsor for both the Reservist Re-Entry Program and SIFE BCIT From 2000 to 2005 he served as president of the BCIT Faculty and Staff Association. In May of 2010 Kevin was appointed to the Board of Governors for BCIT Kevin's professional and academic focus has been in Environmental Economics and the Economics of Education. Recent work includes: the economic impact of BCIT on the provincial economy, an analysis of intellectual property policies in Canadian universities and colleges, and forecasting models predicting student success in business schools, and a study of the impact of carbon taxes on regional airports and airlines. He has extensive teaching experience at BCIT and at other universities and colleges. Kevin has taught at the diploma level within the Institute's business, broadcast and engineering programs, and at the bachelor's degree level both at BCIT and at Simon Fraser University. At SFU Kevin supervises both master's and PhD thesis students, and taught economic theory and policy in the Masters of Public Policy program.

Software Assurance (SwA) is about achieving a level of confidence that the software in question i... more Software Assurance (SwA) is about achieving a level of confidence that the software in question is free from vulnerabilities and that it functions as intended. SwA requires software developers to have competency in both the software assurance life cycle and threat risk management that they acquire the requisite knowledge (K), practitioner skills (S), and abilities (A), i.e. KSA; however, beginning-level programmers typically learn fundamental object-orientation concepts and programming skills without understanding SwA throughout their introductory programming courses. For this purpose, we have infused a threat modeling methodology, Microsoft Threat Modeling, into beginning level programming courses that answer the following questions: 1) can we infuse the threat modeling into existing laboratory teaching modules without having to make any significant changes to those modules? 2) If we need to change existing laboratory teaching modules, what changes should we make? 3) What approaches can we propose to the existing curriculum in order for the students equip with the KSAs for SwA? We first assessed whether threat modeling could be infused into existing programming assignment modules without needing any significant changes to those modules. Based upon this analysis, we reengineered a programming assignment for an introductory programming course to demonstrate how threat modeling can be infused into these modules in order to convey to students knowledge of threat modeling, equip them with the skills specific to the threat modeling methodology, and develop their abilities to mitigate software vulnerabilities by using a threat modeling toolkit. Based upon empirical results, we provide suggestions for others who are interested in infusing one KSA for SwA, threat modeling, into their beginning level programming courses.

17th Conference on Software Engineering Education and Training, 2004. Proceedings., 2004

Disciplines such as Software Engineering are expanding rapidly, and both the new knowledge gained... more Disciplines such as Software Engineering are expanding rapidly, and both the new knowledge gained as the discipline matures and the need to prepare students for changing environments make it important for departments to find a balance between evolving curriculum to match ...

In this paper, the authors propose a modification of CERT's 3 R model to include a 4 th R, th... more In this paper, the authors propose a modification of CERT's 3 R model to include a 4 th R, the discipline of Redress, identified as a necessary step to end the hacker arms race. Redress will require implementation of computer forensic investigation methods, tools and techniques that will permit evidence gathered to be admissible in a court of law, a standard not often understood or followed by many who are responsible for securing networks today. This leads the authors to conclude that there is a need for future work that will involve re-examination of the mechanisms and procedures used to collect evidence of network intrusions in order to ensure that the Rules of Evidence requirements are considered.

2011 IEEE Conference on Visual Analytics Science and Technology (VAST), 2011

Abstract The researchers explore the intersections between Information Assurance and Risk using v... more Abstract The researchers explore the intersections between Information Assurance and Risk using visual analysis of text mining operations. The methodological approach involves searching for and extracting for analysis those abstracts and keywords groupings that ...

Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibli... more Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografie; detailed bibliographic data are available in the Internet at http://dnb.d-nb.de. License This work is licensed under a Creative Commons Attribution 3.0 Unported license: CC-BY. In brief, this license authorizes each and everybody to share (to copy, distribute and transmit) the work under the following conditions, without impairing or restricting the authors' moral rights: Attribution: The work must be attributed to its authors. The copyright is retained by the corresponding authors. Digital Object Identifier: 10.4230/DagRep.4.2.i Aims and Scope The periodical Dagstuhl Reports documents the program and the results of Dagstuhl Seminars and Dagstuhl Perspectives Workshops. In principal, for each Dagstuhl Seminar or Dagstuhl Perspectives Workshop a report is published that contains the following: an executive summary of the seminar program and the fundamental results, an overview of the talks given during the seminar (summarized as talk abstracts), and summaries from working groups (if applicable). This basic framework can be extended by suitable contributions that are related to the program of the seminar, e.g. summaries from panel discussions or open problem sessions.

The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary d... more The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary discussions on clearly defined critical aspects of engineering issues, evaluation and processes for secure digital evidence and forensic readiness. A large gap exists between the state-of-the-art in IT security and best-practice procedures for digital evidence. Experts from IT and law used this seminar to develop a common view on what exactly can be considered secure and admissible digital evidence. In addition to sessions with all participants, a separation of participants for discussing was arranged. The outcome of these working sessions was used in the general discussion to work on a common understanding of the topic. The results of the seminar will lead to new technological developments as well as to new legal views to this points and to a change of organizational measures using ICT. Finally, various open issues and research topics have been identified. In addition to this report, ope...

The demand for cybersecurity professionals continues to significantly outpace the supply with a p... more The demand for cybersecurity professionals continues to significantly outpace the supply with a projected worldwide shortage of two million by 2017. At the same time, there are large numbers of transitioning military personnel that have important technical skills that could be coalesced into addressing this demand. This paper examines the development and proposed deployment of a project to do just this: Cybersecurity Rapid Education Apprenticeship Training to Employment System (CREATES). Challenges and benefits are discussed.

UW CIAC’s inter-collegiate research team has extended the World of Work Inventory (WOWI) to four ... more UW CIAC’s inter-collegiate research team has extended the World of Work Inventory (WOWI) to four specific job roles that incorporate penetration testing: Cybersecurity Defense Analyst, Cybersecurity Defense Infrastructure Responder, Cybersecurity Incident Responder, and Vulnerability Assessment Analyst. Identification of these statistically validated profiles can support methodologically based recruitment of high prospective candidates from diverse backgrounds and can inform career guidance protocols for these roles. The WOWI is a statistically validated multi-dimensional career assessment tool. Training data is gathered from a sample of people currently working in the roles, and the instrument identifies profiles for predicting successful candidates across aptitude, personality types, and interests. For this research, we selected the four roles that utilize the task of penetration testing within the category Protect and Defend, in the NIST NICE 800-818 Cybersecurity Workforce Frame...

ABS TRACT The same vulnerabilities continue to appear in code, over and over again, yet many educ... more ABS TRACT The same vulnerabilities continue to appear in code, over and over again, yet many educational institutions continue to teach programming as they always have. Some high-tech companies have found it necessary to establish ongoing security training for their developers to make up for the absence of college-level, secure coding curriculum. Recently, the thread model, which integrates security concepts into existing Computer and Information Science curricula, has been recognized as effective, while not impacting resourcelimited institutions with a complete curriculum change. Using the thread approach, we developed curricula inserts that include a programming assignment using a threat modeling tool, a design assignment applying a secure software development life cycle, a study comparing nonsecure with secure code, and a re-documentation technique that produces secure code from non-secure programs. We introduced these curriculum assets during a secure coding workshop for instruc...

The lack of talent in the field of cybersecurity is keenly felt across all sectors of the economy... more The lack of talent in the field of cybersecurity is keenly felt across all sectors of the economy - industry, government, military, academia [1]. While cybersecurity education has been a national priority, there still are thousands of cybersecurity jobs going unfilled and the gap will take a long time to close [1]. Of further concern, the authors have gathered anecdotal evidence that employers in both government and industry consider many recent cybersecurity graduates woefully unprepared for the realities of the workplace, taking too long to become effective. This paper describes one university's approach to address both the supply and preparedness problems, beginning with the application of the theory of pedagogical systems and methodology from sport and physical culture science and pedagogy to introducing the first iteration of a cooperative learning model - inspired by this theoretical base and experience with its application - designed specifically to develop and graduate ‘...

Smart metering has emerged as the next-generation of energy distribution, consumption, and monito... more Smart metering has emerged as the next-generation of energy distribution, consumption, and monitoring systems via the convergence of power engineering and information and communication technology (ICT) integration otherwise known as smart grid systems. While the innovation is advancing the future power generation, distribution, consumption monitoring and information delivery, the success of the platform is positively correlated to the thriving integration of technologies upon which the system is built. Nonetheless, the rising trend of cybersecurity attacks on cyber infrastructure and its dependent systems coupled with the system’s inherent vulnerabilities present a source of concern not only to the vendors but also the consumers. These security concerns need to be addressed in order to increase consumer confidence so as to ensure greatest adoption and success of smart metering. In this paper, we present a functional communication architecture of the smart metering system. Following ...

The purpose of this research is to propose architecture-driven, penetration testing equipped with... more The purpose of this research is to propose architecture-driven, penetration testing equipped with a software reverse and forward engineering process. Although the importance of architectural risk analysis has been emphasized in software security, no methodology is shown to answer how to discover the architecture and abuse cases of a given insecure legacy system and how to modernize it to a secure target system. For this purpose, we propose an architecture-driven penetration testing methodology: 4+1 architectural views of the given insecure legacy system, documented to discover program paths for vulnerabilities through a reverse engineering process. Then, vulnerabilities are identified by using the discovered architecture abuse cases and countermeasures are proposed on identified vulnerabilities. As a case study, a telecommunication company's Identity Access Management (IAM) system is used for discovering its software architecture, identifying the vulnerabilities of its architect...

Augmented Cognition

Research into situated and embodied cognition and related investigations have suggested that “cog... more Research into situated and embodied cognition and related investigations have suggested that “cognition” takes place not only in the human brain, but also in externalities such as the environment (situated cognition) and the body (embodied and morphological computing). This article explores two propositions and their implications for “augmented cognition” resulting from these expanded, systemic views of cognition.

Cybersecurity is changing rapidly as strategies based on secrets are losing traction on the massi... more Cybersecurity is changing rapidly as strategies based on secrets are losing traction on the massively interconnected and distributed Internet. This article explores emerging roles for education of cybersecurity professionals and cyber citizens and other new approaches to enhancing security. The article suggests 13 sources of insecurity that prompt new security perspectives, and how each offers an invitation to improve cybersecurity education and operations.

At least weekly we hear about significant data breaches or cyberattacks that threaten the financi... more At least weekly we hear about significant data breaches or cyberattacks that threaten the financial health and privacy of millions of online users, or about attacks by nation states or terrorist groups with a political or propagandistic agenda. How did we get here? How did our online interconnectedness that has created so many benefits, resulted in so many challenges? We’re living through digital transformation that’s challenging how we think about the world. We are clinging to mental models from the physical world and the industrial age that no longer work. What we need are new mental models and a recognition that technology alone does not fix the problem. It’s the humans in the system that require rules for operating online that need to be vigorously addressed. Here is a case for new hybrid architectures that combine both the rules and tools for operating online. Some way to institute neighborhood watch with compensating controls that bridge the gap between humans and current tech...

Applications for Investigation Processes, 2013

This chapter focuses on a theoretical approach to proactive evidence collection and presents a co... more This chapter focuses on a theoretical approach to proactive evidence collection and presents a conceptual approach for the Cloud. Forensic Readiness in the Cloud (FRC) calls upon technological and organizational strategies to address the risks that threaten organizational information. The two professions of Records Management (RM) and Digital Forensics (DF) can offer insights into how this might be achieved. In this chapter, the authors seek to explore the relationship between the two disciplines and the areas where collaboration and interdisciplinary work would be most beneficial. An initial overview of RM and its relationship to the wider field of Information Assurance (IA) precedes a more in depth comparison of the two related disciplines, using a model that integrates RM and DF. This is offered as a conceptual framework for making decisions about how to identify and manage the increasing quantities of evidence collected on networks. Organizational Network Forensic Readiness (NFR) has emerged as a method for supporting collection of digital evidence from networks using suggested checklists, procedures, and tools. This chapter elaborates upon a previously documented life cycle methodology for 'operationalizing' organizational NFR and integrates this with best practice from RM in FRC. FRC provides a conceptual approach to proactive evidence collection and identifies the phases at which RM approaches and processes might be most effectively employed in the Cloud.