Posted: April 13th, 2023

Create Power Points Slide With Speaker Notes essay

Cybersecurity Concerns within Army Corps of Engineers: Perceptions of Civilian and Military Personnel

Table of Contents
ABSTRACT 3
INTRODUCTION 4
LITERATURE REVIEW 7
METHODOLOGY 8
REFERENCES 10
APPENDIX 11
GANTT CHART – RESEARCH SCHEDULE PROPOSAL 13

ABSTRACT
The internet started with the aim of providing interconnectivity of networks for data exchange; it is now the global mainstream infrastructure for commerce, politics, military activities, espionage and nearly all human lives revolves around the internet through interactions via social media. In today’s society, new battle grounds have emerged as information confrontation, electronic warfare and cyber-attacks have been on the rise (Long et al., 2019). Cybersecurity has become a key element of personal, national and international concerns (Office & America, 2002). Several steps have been taken by different countries to protect the integrity of its citizens’ private data and the military (Collier, Linkov, & Lambert, 2013). The countries’ cybersecurity programs are two-fold defensive and offensive with regards to the need and situational analysis.
Security of information is an important aspect in the cyber landscape and a major concern for governments and companies; who are investing a lot of resources to prevent cybercrime. The ability to receive and send data at the click of a button raises alarm over the integrity data being transmitted. Many nations are modernizing critical infrastructure as internet use has now become a backbone of government service delivery and developments. It is in this regard that the governments are imposing tough measures to curb cybercrime. This paper focuses on cyber-crimes, ethics and cyber security of key facilities under the United States Army Corps of Engineers.
CHAPTER 1: INTRODUCTION
BACKGROUND
The United States Army Corps of Engineers (USACE) is a joint formation of engineers within the United States Army mandated to undertake all engineering design, construction and demolitions for the Army. With the high degree of internet connectivity and spending within the Army, USACE is tasked with the responsibility of ensuring that new projects and facilities with control systems owned by USACE are secured and authorization is done according to the Department of Defense and the Army regulations (Yusta, Correa, & Lacal-Arántegui, 2011). The
On January 2014, USACE recognized the critical nature of the control system cybersecurity and a national information assurance manager was appointed (Gisladottir, Ganin, Keisler, Kepner, & Linkov, 2017).
PURPOSE OF THE STUDY
This paper aims to discuss the concerns, perception and impact of cybersecurity for USACE with regards to the challenges of information technology integrated control systems (Colbert & Kott, 2016) both by civilians and the military personnel. The integrity of data is critical as leakages would compromise the security of our country. The military designs for assault systems, military operations data and intercommunication held secretly and any data would compromise the security status of the nation (Linkov, Anklam, Collier, DiMase, & Renn, 2014). This study aims at pointing out the emerging trends in the cybersecurity landscape, its implications to safety and the ways in which they can be combated.
SIGNIFICANCE OF THE STUDY
By pointing out the vulnerabilities of the existing cyber infrastructure of USACE, areas of improvement becomes known. This will help in mobilization of resources and human intellect to help mitigate the problems. It will help USACE with a better view of data safely and would incorporate data integrity features into the current and future designs for military installations, facilities, and military gear. The study aims to create awareness on cybersecurity and the methods that both the military and civilians can employ, explore systems vulnerability and corrective measures. Also, ensure that USACE’s developed facilities are cybersecure and promote collaboration between the organization and cybersecurity experts.
MAIN RESEARCH QUESTION AND SUB QUESTIONS
The main research question of this paper is: what are the major systemic issues that makes USACE facilities vulnerable to cyberattacks. This research aims to answer the following sub-questions: What are the cybersecurity policy and military doctrine of the Army? What is the cybersecurity organizational command of the Army? What is the public perception of cybersecurity? Is there any law enacted to govern information confrontation and electronic warfare? Does synergy exist between cybersecurity experts and the USACE?
THEORY OF CHANGE AND ASSUMPTIONS
IF the Army Corps of Engineers utilized a risk-based approach for assessing the security of a water dam system, THEN the control systems’ threat and vulnerability will be mitigated, THEN cyber threat detection and monitoring will be improved, THEN technology budget savings would increase.
Assumptions
1. IF the Army Corps of Engineers utilized a risk-based approach for assessing the security of a water dam system, THEN the control systems’ threat vulnerability will be mitigated.
2. IF the Army Corps of Engineers operated a risk-based approach for assessing the security of a water dam system, THEN cyber threat detection and monitoring will be improved.
2. IF the Army Corps of Engineers utilized a risk-based approach for assessing the security of a water dam system, THEN technology budget savings would increase.
LIMITATIONS
Most of the information regarding cybersecurity is top secret and not easily accessible to the public. The techniques used for cybersecurity are classified and cannot be shared with the public or in this research paper.
DEFINITION OF TERMS
Cybersecurity is the protection of digital assets, data, computers from unauthorized access. Cyber Warfare is the use of computer technology to destabilize different countries. Information confrontation is misleading information from fake sources. Cybersecurity doctrine is cybersecurity standards and electronic warfare is the use of electromagnetic spectrum signals in warfare.
EXPECTED IMPACT OF RESEARCH
This study having exposed weak links in data integrity and security, there would be a positive and conscious behavioral change by both the military and civilian employees. The human aspect would cease to be the weakest link in cyberattacks, and electronic warfare (Jacobs, 2011). The research would raise the awareness of cyber security, as there has been an increase in inter-connectivity given by the rise of Internet of Things (IOT).
CHAPTER 2: LITERATURE REVIEW
INTRODUCTION
Cybersecurity is the protection and safeguarding the use of data and information without leakage to unauthorized persons (Lee, Churinske, Wolf, Turbat, & Linhares). The privacy and security of personnel and governmental data has always been the main security measures undertaken at the personnel level, organizational level ant the governmental level (Kelly, 2014).
LITERATURE REVIEW
With every technological advancement, there will always be people who will exploit it. The introductions of social media, internet and IOT, autonomous systems means a lot of data are being shared from one person to another. The data integrity and security are a major concern to individuals, organizations and the government. The establishment of cybersecurity dates back to the 1990s for the United States. The task is jointly executed by the Federal Bureau of Investigation, Department of Homeland Security, the Defense Ministry and U.S. Cyber Command. These agencies work to ensure that the United States cyberspace is free from threats, as cyberwarfare is the first line of defense and offence in recent times. The cyberspace review policy of 2011 states the roles of each agency. This is after the memorandum of agreement was signed by different agencies in October 2010.
Personal data has become more valuable as it is sold for various reasons, most being for consumer buying pattern predictions which is a factor that influences production ( No, 2006). The automation and control systems developed by the USACE have a security layer as the internet connectivity to such systems allows for remote access and control but also increases the risk level of the systems making them prone to cyber-attacks.
USACE cybersecurity regulations is concerned with:
1) National critical infrastructure control system that includes but not limited to the following control systems:
I. Hydropower control
II. Water management
III. Navigation control (Stich, Webb, Centola, & Waggener, 2014)
IV. Flood risk
V. Dam safety
VI. Water supply
VII. Environmental stewardship
VIII. Marine traffic
2) Other control systems including but not limited to the following control systems:
I. Building control
II. Electronic security
III. Fire and life safety
IV. Traffic
V. Energy monitoring systems
VI. Utility monitoring
VII. Utility control (Ganin et al., 2020)
The automation and control systems developed by the USACE have a security layer as the internet connectivity to such systems allows for remote access and control but also increases the risk level of the systems making them prone to cyber-attacks.
CONCLUSION
The U.S. Army Corps of Engineers is involved in the protection assets and control systems from unauthorized access. It is important that USACE receives skill upgrade and capacity building in cybernetics as they design mission critical systems for the Army e.g. navigation systems for drones , weapons systems, communication systems etc. which if accessed by unauthorized person could be detrimental to the safety of the Army and the country (Stinson, 2020)
CHAPTER 3: METHODOLOGY
INTRODUCTION
Both the military and civilians who work with the Army are asked to indulge the research so the final conclusion of the research is comprehensive and non-partisan. A case study was employed, the survey and interview were conducted on voluntary basis. There were 100 surveys and multiple interviews requested.
MAIN RESEARCH QUESTION AND SUB QUESTIONS
The main research question of this paper is: what are the major systemic issues that makes USACE facilities vulnerable to cyberattacks. This research aims to answer the following sub-questions: What are the cybersecurity policy and military doctrine of the Army? What is the cybersecurity organizational command of the Army? What is the public perception of cybersecurity? Is there any law enacted to govern information confrontation and electronic warfare? Does synergy exist between cybersecurity experts and the USACE?
THEORY OF CHANGE AND ASSUMPTIONS
IF the Army Corps of Engineers utilized a risk-based approach for assessing the security of a water dam system, THEN the control systems’ threat and vulnerability will be mitigated, THEN cyber threat detection and monitoring will be improved, THEN technology budget savings would increase.
Assumptions
1. IF the Army Corps of Engineers utilized a risk-based approach for assessing the security of a water dam system, THEN the control systems’ threat vulnerability will be mitigated.
2. IF the Army Corps of Engineers operated a risk-based approach for assessing the security of a water dam system, THEN cyber threat detection and monitoring will be improved.
2. IF the Army Corps of Engineers utilized a risk-based approach for assessing the security of a water dam system, THEN technology budget savings would increase.
OPERATIONAL DEFINITIONS
• Risk-based approach – For the purpose of this study, the risk-based approach is an assessment technique that represents a constant, mathematical, and easy to implement tactic for evaluating the security of water dam system.
• Water dam system – For the purpose of this study, the water dam system is use to describes all the spillways, outlet works, steering locks, appurtenant structures, water conveyance structures.
• Threat – For the purpose of this study, the threat will be any circumstances with the potential to have a negative outcome for the water dam system.
• Vulnerability – For the purpose of this study, the vulnerability is the disparities or weakness in the water dam system that make threats possible and attempt threat actors to manipulate them.
• Mitigation – For the purpose of this study, mitigation is the process used to lessen the extent of the water dam system by isolating or containing the threat until it is corrected.
• Control system – For the purpose of this study, the control system refers to USACE systems that are responsible for designing, developing, and implementing solutions that control dynamic systems. Examples are: hydropower control, water management and navigation control system.
• Control system vulnerability – For the purpose of this study, this refers USACE different control systems such as hydropower dam has become a focal point in recent years and several of them are vulnerable to internal threats.
• Mitigate threat vulnerability – For the purpose of this study, mitigate threat vulnerability is to lessen extent of an attack on USACE’s control system by isolating the threat until the problem can be remedied.
• Cyber threat detection – For the purpose of this study, cyber threat detection is the process to identify threat on USACE networks.
• Cyber threat monitoring – For the purpose of this study, cyber threat monitoring involves continually analyzing and evaluating USACE’s security data in order to identify any attacks and breaches.
• Technology budget – For the purpose of this study, the technology budget identifies the amount of money spent on the Army Corps of Engineers’ information technology system and services per fiscal year.
POPULATION SAMPLING STRATEGY AND PROCEDURE
To accurately capture the concerns of USACE on systems automation and data integrity, multiple interviews and surveys were carried conducted within the USACE workforce as a population sampling strategy. The following Subject Matter Experts (SMEs) were interviewed: Chief Information Office/G-6, Dovarius People; Information System Security Manager (ISSM) – Corps Net, Angela V. Rhodes; Cyber Threat Intelligence, Nicholas H. Lewis; Cyber Analyst, Jonathan Hortemiller; Cyber Security Program Management, (Governance/Policy/Reporting), Donna Lee; SME Cyber Network Defense, Natasha E. O’Loughlin.
In addition to interviews, around 100 surveys will be sent to both USACE and non USACE employees through emails and social media. The distribution list will be selected from our Global Address List (GAL) which includes employees from different department and location.
INTERNAL AND EXTERNAL VALIDITY OF METHODOLOGY
After data collection, the gathered data will be subjected to review process with the aim of elimination any irrelevant information. The data would then be analyzed and charts, graphs be used in data presentation.
LIMITATIONS
The survey took place during the corona virus pandemic; thus, the movement of the interview was greatly affected. Due to that same reason, the number of people who can attend in-person interview was limited because of the pandemic prevention protocol. The second limitation within the methodology used to conduct this research is not able to receive a certain amount of surveys from both USACE and non USACE employees.
SUMMARY
The research was done under the correct quality control measures and the data obtained is the true reflection of the concerns of the USACE on interconnectivity of mission critical systems which must be secured as they are a matter of national and international security (Jarmon, 2014).

REFERENCES
Bicak, A., Liu, X. M., & Murphy, D. (2015). Cybersecurity curriculum development: Introducing specialties in a graduate program. Information Systems Education Journal, 13(3), 99.
Colbert, E. J., & Kott, A. (2016). Cyber-security of SCADA and other industrial control systems (Vol. 66): Springer.
Collier, Z. A., Linkov, I., & Lambert, J. H. (2013). Four domains of cybersecurity: a risk-based systems approach to cyber decisions. In: Springer.
Donaldson, S., Siegel, S., Williams, C. K., & Aslam, A. (2015). Enterprise cybersecurity: how to build a successful cyberdefense program against advanced threats: Apress.
Ganin, A. A., Quach, P., Panwar, M., Collier, Z. A., Keisler, J. M., Marchese, D., & Linkov, I. (2020). Multicriteria decision framework for cybersecurity risk assessment and management. Risk Analysis, 40(1), 183-199.
Gisladottir, V., Ganin, A. A., Keisler, J. M., Kepner, J., & Linkov, I. (2017). Resilience of cyber systems with over‐and underregulation. Risk Analysis, 37(9), 1644-1651.
Jacobs, C. (2011). Terrorists and Nature: Preparedness of Municipalities to Protect against and Respond to Terrorist Activities during a Natural Disaster. Homeland Security Rev., 5, 165.
Jarmon, J. A. (2014). The new era in US national security: An introduction to emerging threats and challenges: Rowman & Littlefield.
Kelly, R. F. (2014). Automated cyber threat analysis and specified process using vector relational data modeling. Monterey, California: Naval Postgraduate School,
Lee, T., Churinske, L., Wolf, F., Turbat, S., & Linhares, N. Data Mining & Statistics (Regular session).
Linkov, I., Anklam, E., Collier, Z. A., DiMase, D., & Renn, O. (2014). Risk-based standards: integrating top–down and bottom–up approaches. Environment Systems and Decisions, 34(1), 134-137.
Long, M. C., Bush, J., Briggs, S., Patel, T., Westervelt, E., Shepard, D., . . . Schwenk, D. (2019). An Army Guide to Navigating the Cyber Security Process for Facility Related Control Systems: Cybersecurity and Risk Management Framework explanations for the Real World. Retrieved from
Mulford, N. A. (2017). Cyber Incidents Targeting Critical Infrastructure. Utica College,
New, N. USACE/NAVFAC/AFCEC/NASA UFGS 26 31 00 (May 2015).
No, D. H. (2006). Critical Infrastructure Threats and Terrorism.
Office, U. G. A., & America, U. S. o. (2002). Information Security: Corps of Engineers Making Improvements, But Weaknesses Continue.
Stich, B., Webb, P., Centola, D., & Waggener, B. (2014). PORT CITY CHALLENGES E-NAV (“ELECTRONIC NAVIGATION”).
Stinson, J. T. (2020). Cross-Entropy Approaches To Software Forensics: Source Code Authorship Identification. Mississippi State University,
Westphalen, N. (2019). Rehabilitation in the Australian Defence Force. Journal of Military and Veterans Health, 27(4), 7.
Yusta, J. M., Correa, G. J., & Lacal-Arántegui, R. (2011). Methodologies and applications for critical infrastructure protection: State-of-the-art. Energy policy, 39(10), 6100-6119.

APPENDIX
Interview questions
Proposed interview list:
• Chief Information Office/G-6, Dovarius People
• Information System Security Manager (ISSM) – Corps Net, Angela V. Rhodes
• Cyber Threat Intelligence, Nicholas H. Lewis
• Cyber Analyst, Jonathan Hortemiller
• Cyber Security Program Management, (Governance/Policy/Reporting), Donna Lee
• SME Cyber Network Defense, Natasha E. O’Loughlin
Chief Information Office/G-6, Dovarius People
1. What are the implications of cyber security to the design and construction of mission critical facilities?
2. How well can the risk factors of cyber security be eliminated from your perspective?
3. What is the top security concern the Army Corps of Engineers face today?
Information System Security Manager (ISSM) – Corps Net, Angela V. Rhodes
1. What are the emerging trends in instrumentation and control with regards to cyber security?
2. How is the system design critical for cyber security?
3. How is the engineering associated with cyber security?
4. Is all sensitive data secure (in storage and when transmitted) and backed up on a routine basis? Where is the backup kept? Is it protected?
Cyber Threat Intelligence, Nicholas H. Lewis
1. How can one develop a robust and secure system with the ever-changing cyber threats?
2. What is our plan for identifying and addressing cyber threats? Is it current?
Cyber Analyst, Jonathan Hortemiller
1. What are the intelligence reports pointing out to be the main weak links in cyber security?
2. There is so much hype about artificial intelligence, could it be employed in analyzing of intelligence reports?
3. What are some of the technological gears that have been produced with cooperation of the Corps?
Cyber Security Program Management, (Governance/Policy/Reporting), Donna Lee
1. How do we protect sensitive information handled and stored by our third-party vendors?
2. Do we have the right data to governance strategy to minimize cyber risk?
3. Do we have a tested cyber breach response plan?
SME Cyber Network Defense, Natasha E. O’Loughlin
1. What does Army Corps of Engineers need to do to ensure IT security moving forward?
2. How can we detect cyber attacks and respond to them?
Survey Questions
1. When creating passwords, I use the same one for:
A) All of my online accounts
B) Most of my online accounts
C) Some of my online accounts
D) I never use the same password for more than once
2. My passwords for different accounts contains:
A) Personal information (I.E. Date of birth, part of SSN, address, etc.)
B) Dictionary words or phrases
C) Radom sequence of numbers, special characters and symbols
3. My organization has an Incident Response Plan
A) Yes
B) No
C) I am not sure
4. My organization offers regular cyber security training to employees on reporting incidents, password security, phishing, etc.?
A) Yes
B) No
C) I am not sure
5. How carefully are you when opening an attachment in your email?
A) Always make sure the email is from someone I know are expecting the email
B) As long as I know the person or organization that sent me the attachment
C) There is nothing wrong with open any attachments regarding who it is from
6. Do you know how to identify an email scam?
A) Yes, I do
B) No, I don’t
C) I am not sure
7. Does your organization have policies on which websites you can visit?
A) No, there are no policies, I can visit what ever website I want while using government computer
B) Yes, there are policies limiting what websites I can and cannot visit while using government computer
C) I am not sure if we have policies
8. Cany you user your own personal devices, such as mobile phones to store or transfer confidential information pertaining to your job?
A) Yes
B) No
C) I am not sure
9. Do you know who to contact if you received a sextortion email? Sextortion email misleads individuals into thinking the attacker owns a recording of their computer screen and camera that recording contains images or videos of the potential victim in sexually explicit situations.
A) Yes, I do know who to contact
B) No, I do not
C) I am not sure who to contact
10. We are allow to connect personal USB devices to your government computer.
A) True
B) False

Task Week 1 Week 2 Week 3 Week 4 Week 5 Week 6 Week 7 Week 8
Ongoing Reading
Final Survey Questions
Survey Questions Sent
Survey Questions Received
Survey Analysis
Final Interview Questions
Interview
Interview Analysis
Write Survey and Interview Analysis
Edit EMPA Final 301 Paper
Add Literature Review
Draft Chapters 4-6
Completion of Initial Draft: Chapters 4-6
Editing of Initial Completed Draft
Final Submission
GANTT CHART – RESEARCH SCHEDULE PROPOSAL

GANTT CHART – RESEARCH SCHEDULE PROPOSAL FOR RESEARCH ON CYBERSECURITY FOR USACE
research paper writing service

Check Price Discount

Study Notes, Research Topics & Assignment Examples: Discussion Healthy Eating Approach Essay »MKT00720 – Marketing Assignment 2: Report