Using systems thinking to model cyber defence strategies within the UK ecosystem
Lead Research Organisation:
Royal Holloway University of London
Department Name: Information Security
Abstract
The PhD journey started from trying to understand the strategic approach which is used in order to engage with the complexity of the cyber domain. This journey led to deterrence theory within international relations literatures, however, subsequently the deterrence approach was found to be highly dependent on domains which did not possess the same crucial components, specifically: the large part played by the private sector; highly networked interaction; and low threshold interactions.
This PhD aims to address some of these issues in order to better frame the area which is more aligned to the specificities of the cyber domain as opposed to frameworks taken from other areas. This will allow decision makers to be better informed when dealing with the cyber domain and discussing this area. This approach within cyber strategic studies research is at an early stage within the literatures which makes the potential of pushing forward in this area highly interesting.
The PhD comprises a three-step process:
1. Model Fundamentals: The first step is to create a model in order to represent the dynamics of the cyber domain. Through literatures and discussions, and using systems thinking, it is determined which drivers should be used in the modelling process and how this should be represented. After the model has been developed the drivers and assumptions used are validated though the use of experts.
2. Scenario development phase: At the next step, the outputs of the model are translated into a format suitable for dissemination and discussion within semi structured interviews. This is the process where it is decided what is the optimum format to allow information to be accessible whilst also providing participants to interact and influence decisions on the inputs (and thus outputs) of the model.
3. Semi-structured interview process: Using the scenarios created within the modelling process and the visualisations created from this, these are tested across different sectors in order to see how various stakeholders engage. This will be done in two parts:
Case study exploration: Engagement will first be with stakeholders who know and understand either the cyber domain and/or modelling with iterations of this process, along with integrating learnings.
Validation of learning: Using potentially updated modelling and visualisations engagement the second part of the interview process will be with decision makers. These participants are likely to have less knowledge of the cyber and/or modelling fields. The aim here is to get feedback on the usefulness of the approach and what learnings they may have taken away from.
This PhD aims to address some of these issues in order to better frame the area which is more aligned to the specificities of the cyber domain as opposed to frameworks taken from other areas. This will allow decision makers to be better informed when dealing with the cyber domain and discussing this area. This approach within cyber strategic studies research is at an early stage within the literatures which makes the potential of pushing forward in this area highly interesting.
The PhD comprises a three-step process:
1. Model Fundamentals: The first step is to create a model in order to represent the dynamics of the cyber domain. Through literatures and discussions, and using systems thinking, it is determined which drivers should be used in the modelling process and how this should be represented. After the model has been developed the drivers and assumptions used are validated though the use of experts.
2. Scenario development phase: At the next step, the outputs of the model are translated into a format suitable for dissemination and discussion within semi structured interviews. This is the process where it is decided what is the optimum format to allow information to be accessible whilst also providing participants to interact and influence decisions on the inputs (and thus outputs) of the model.
3. Semi-structured interview process: Using the scenarios created within the modelling process and the visualisations created from this, these are tested across different sectors in order to see how various stakeholders engage. This will be done in two parts:
Case study exploration: Engagement will first be with stakeholders who know and understand either the cyber domain and/or modelling with iterations of this process, along with integrating learnings.
Validation of learning: Using potentially updated modelling and visualisations engagement the second part of the interview process will be with decision makers. These participants are likely to have less knowledge of the cyber and/or modelling fields. The aim here is to get feedback on the usefulness of the approach and what learnings they may have taken away from.
Planned Impact
People. The most obvious impact of RHUL's cyber security CDT will be its production of 50 PhD-level graduates during its lifetime. CDT graduates will be "industry-ready": through industry placements, they will have exposure to real-world cyber security problems and working environments; because of the breadth of our training programme, they will gain exposure to cyber security in all its forms; through involvement of our external partners at all stages of the CDT, the students will be exposed to the language and culture of industry, government and other sectors. At the same time, they will benefit from generic skills training, equipping them with a broad set of skills that will be of use in their subsequent workplaces. They will also engage in PhD-level research projects that will lead to them developing deep topic-specific knowledge as well as general analytical skills. There is a growing demand for graduates with these skill-sets. While RHUL already has demonstrably close relationships with key external players, our CDT represents an opportunity for us to enhance our existing links and develop new ones. Moreover, our own research will be strengthened by working with the best external researchers.
Economy. The nature of our cyber security research and the planned industrial involvement in influencing the selection of research topics means that there will be significant commercialisation opportunities arising from the research produced by this CDT. RHUL cyber security researchers have more than 80 years of experience working in industry, either in research, development or customer-facing environments, and are named inventors on more than 30 patents. We are closely supported by the Royal Holloway Enterprise Centre, who have expertise in business development, securing venture capital funding, and IPR protection. RHUL's Institute for Cyber Security Innovation provides business research and training support. We also have an on-campus incubation centre which has hosted a number of spin-out companies. We are thus thoroughly prepared to identify and exploit commercialisation opportunities arising from the CDT.
Knowledge. The CDT will make substantial and original contributions to knowledge in cyber security. Following institutional policy, all research is made available to the public for free in some form, either through open access publishing,the institution's research repository or via subject-specific on-line archives. The research will also published in conference venues which, by their nature, are regularly attended by large numbers of delegates from outside of academia. Other impact routes for our knowledge include Industry Fora (RHUL is an active academic member of the I4 and ISF organisations, which are influential industry fora), Business Events (RHUL researchers regularly speak at events such as InfoSec London, RSA Conference), Standards Bodies (several staff are active in international standards bodies), Consulting (staff have consulted for more than 100 organisations in the last 30 years), Industry-focused Events (RHUL hosts several external facing events each year, including the annual CDT Showcase, HP Colloquium, and ISG Open Day).
Society. One of the longer-term impacts of our research is to provide mechanisms that help to enhance confidence and trust in the on-line society for ordinary citizens, leading in turn to quality of life enhancement. Our work on the socio-technical dimensions of security and privacy gives us a means to influence government policy to the betterment of society at large. We work closely with government departments such as the Cabinet Office to provide advice on privacy, security and design issues. We also communicate research findings through more widely accessible media, press engagement, speaking at public events, and working with schools (CDT students will take part in the annual Smallpeice Trust Cyber Security residential for Year 9 students).
Economy. The nature of our cyber security research and the planned industrial involvement in influencing the selection of research topics means that there will be significant commercialisation opportunities arising from the research produced by this CDT. RHUL cyber security researchers have more than 80 years of experience working in industry, either in research, development or customer-facing environments, and are named inventors on more than 30 patents. We are closely supported by the Royal Holloway Enterprise Centre, who have expertise in business development, securing venture capital funding, and IPR protection. RHUL's Institute for Cyber Security Innovation provides business research and training support. We also have an on-campus incubation centre which has hosted a number of spin-out companies. We are thus thoroughly prepared to identify and exploit commercialisation opportunities arising from the CDT.
Knowledge. The CDT will make substantial and original contributions to knowledge in cyber security. Following institutional policy, all research is made available to the public for free in some form, either through open access publishing,the institution's research repository or via subject-specific on-line archives. The research will also published in conference venues which, by their nature, are regularly attended by large numbers of delegates from outside of academia. Other impact routes for our knowledge include Industry Fora (RHUL is an active academic member of the I4 and ISF organisations, which are influential industry fora), Business Events (RHUL researchers regularly speak at events such as InfoSec London, RSA Conference), Standards Bodies (several staff are active in international standards bodies), Consulting (staff have consulted for more than 100 organisations in the last 30 years), Industry-focused Events (RHUL hosts several external facing events each year, including the annual CDT Showcase, HP Colloquium, and ISG Open Day).
Society. One of the longer-term impacts of our research is to provide mechanisms that help to enhance confidence and trust in the on-line society for ordinary citizens, leading in turn to quality of life enhancement. Our work on the socio-technical dimensions of security and privacy gives us a means to influence government policy to the betterment of society at large. We work closely with government departments such as the Cabinet Office to provide advice on privacy, security and design issues. We also communicate research findings through more widely accessible media, press engagement, speaking at public events, and working with schools (CDT students will take part in the annual Smallpeice Trust Cyber Security residential for Year 9 students).
Studentship Projects
| Project Reference | Relationship | Related To | Start | End | Student Name |
|---|---|---|---|---|---|
| EP/S021817/1 | 01/10/2019 | 31/03/2028 | |||
| 2742656 | Studentship | EP/S021817/1 | 01/10/2019 | 30/05/2024 | Nicola Bates |