This week I’m attending the CERIAS symposium at Purdue University in West Lafayette Indiana. I’ve had some really great conversations with several leaders in the industry, and found some great contacts within government that may or may not lead anywhere. It has been interesting to see some of the presentations. The variability in the panelists they’ve had is extremely interesting to me. I think you’ll find the posters at least mildly interesting.
I’m presenting two posters at the symposium. Usually poster presentations are kind of a ho-hum affair but at Purdue you usually get some pretty senior people quizzing you about the research, and I’ve had a blast playing stump the chump with some of the other presenters. The depth and breadth of the research at an organization like CERIAS is one of my favorite things about being involved with an R1 research institution.
The first poster is a snapshot of my doctoral dissertation. Would a risk management model, a technical model, or no model (as a control) inform or influence conceptual understanding of cyber conflict. The answer? Well none. In fact across the board the results suggest that nobody really understands the domain of cyber warfare (within my sample).
ETA: this poster won first place at the symposium. Considering how excellent the competition was it was a sincere surprise and great honor to earn such n award.
Cyberwarfare as a form of conflict: Evaluation of models of cyber conflict as a prototype to conceptual analysis (click to make larger)
Poster two is a work in progress that I wanted to socialize a bit for comments. My former students will recognize this as something I’ve been working on for quite some time. This research looks at the risk management paradigm, and then looks to see if we are doing what the principles of risk management actually suggest. The analysis framework uses a taxonomical model that is only partly defined at this point. It also builds upon the work of several excellent scholars. There are lots of caveats to go with this research so don’t get all crazy about the results. Poster presentations are great places to do this kind of analysis and discuss it. Of course this same research is also a targeting mechanism but that is a topic for another day.
Risk assessment in an information centric world: Threats, vulnerabilities, countermeasures and impacts (a work in progress) (click to make larger)