An adaptive wideband delphi method to study state

An Adaptive Wideband Delphi Method to
Study state Cyber- Defence Requirements.

CONTENTS
 Abstract,
 Terms,
 Introduction,
 Work carried out,
 Related work,
 Design,
 Analytical framework,
 Results,
 Conclusion,
 Future Enhancement,
 References.

What is “CYBERNATICS”?
“Cybernetics” is a domain relevant to the study of systems .
It provides protection and security to the systems and eradicate the
threats and attacks effecting the systems.
Cyber security is the body of technologies, processes and
practices designed to protect networks, computers, programs and data
from attack, damage or unauthorized access. n a computing context,
the term security implies cyber security.

ABSTRACT
This paper deals with the key requirements for
protecting data against the foreign surveillance . A
wideband Delphi method has been introduced to
study the state’s (Indonesia’s ) requirements for
cyber- defence. And also a group of 25 mitigation
controls are availed to safeguard and protect the
sate’s national interests. Delphi method was
developed by the RAND Corporation.

KEYWORDS
• Defence,
• Adaptive wideband Delphi,
• Foreign surveillance,
• Security requirements.

INTRODUCTION
 The research has tended to focus on anticipatory self-
defence in cyberspace against active cyber attacks.
 A number of researchers have suggested that local data
clouds, data protection and security.
 It highlights the need for a state self-defence framework to
deal with threats and attacks in cyberspace .
 Several recent attempts have been need to protect and
safeguard classified information against NSA surveillance
programs such as PRISM, Tempora, Upstream, and etc.
 The requirements were investigated by using an Adaptive
Wideband Delphi Method to gather information from key
national stakeholders.

MITIGATIONS
PEOPLE
 Awareness, Training and Education.
 Information security commitments.
 Non-disclosure agreements.
 Proof of security clearance.
 Local Experts Requirements.

OPERATIONS
Trustworthy systems certifications.
 Registration of Authorized Software.
Registration of Authorized Hardware.
Incident Response Management.
 Security Continuous Monitoring.

TECHNOLOGY
 System and Communications Protection
National Cryptographic Standards
Local Applications Platform
National Infrastructures Platform
Control of International Traffic.

GOVERNANCE
 Independent Review Agency
 Risk Management Process
 Information Security Baseline
 Impact of potential threats

LEGAL REMEDIES
 Information Security Agreement
Regulation of Data Protection
Data Centre Localization
Lawful Interception Capability
Code of Ethics and Conduct in Bilateral
Cooperation Treaties.

WORK CARRIED OUT…
Delphi Approach to develop strategy.
 Delphi is an method for
structuring a group
communication process so
that the process is an
effective in allowing a
group of individuals as a
whole to deal with complex
problem.
 Was developed at RAND
Corporation in the 1950’s
as a part of military defence
project.

An adaptive Delphi method is based on the Delphi
technique and the wideband Delphi approach.
The method is one of the most practical ways of
eliciting requirements for state self- defence.
Traditional Delphi studies avoid face-to-face
meetings in order to elicit genuine opinions and
anonymous.
PROBLEM :
– Less control over the period from securing work
schedules.
– As every country has it’s own culture and work
behaviour.

AVOIDANCE
Researchers need to give potential
participants a clear understanding of
the problem description and Delphi
steps before the study begins .

RELATED WORK
• The issue deals with how to protect a state
from cyber attacks.
• State self-defence refers to continuous efforts
to safeguard and protect state sovereignty, &
national territory.
SELF DEFENCE AGAINST ACTIVE
ATTACKS :
 Proposed a legal framework that would
allow use of active self-defence in cyberspace
in order to reduce and mitigate risks from
threats which would occur.

SELF DEFENCE AGAINST
PASSIVE ATTACKS
 Focuses on the global communications
surveillance as a passive attack.
 NSA considers passive attack of as a
class which includes monitoring of
communications ,decrypting and
encrypting the information.
 The proposed work is the development
of global internet services such as cloud
services based on opensource platforms
and decentralized services.

DESIGN/ METHODOLOGY
 The design about to discuss about is the
Adaptive wideband Delphi framework.
Wideband Delphi enable the survey
through face-face to qualitive stages such
as panel discussions to clarify the major
issues of global communications
surveillance.
 Based on the wideband Delphi, face-to-
face meetings has been followed .
Kick-off meeting during first round.
Panel discussion during 2nd round.
o Panel 1,(Government officials and
Military officers).
o Panel 2 ,(Academics)
o Panel 3,(Industries)
o Panel 4(Practitioners)
 Final meetings.
 This design also allows making the
comparison of different frames of mind
from panelists.

DATA
COLLECTION METHOD
 Panel selections,
 Kick-off meeting,
 First individual feedback,
 Panel discussions,
 Convergence results,
 Second individual feedback,
 Consolidated meeting.

 In the first step, we selected a
moderator and formed four panel
of experts.
 In second step was the kick-off
meeting where presentations are
presented.
 In 3rd step ,panelist to review and
revise the requirements based on
results.
 In 4th step, each panel discussed a
general list of requirements for
state self defence.

ANALYTICAL FRAMEWORK
Legal remedies
Technology
GovernanceOperations
People
 The study defined 5
fundamental requirements as
mitigation controls for each five
defence in depth elements based
on state’s national interests.
The adopted method is
OCTAVE Allegro Method.
It concludes with saying that
protection against threat requires
5 primary elements people
,operations ,technology
,governance and legal remedies.

RESULTS
 The outcome of the state cyber-defence
requirements study may be helpful to identify
the security risk assessment .
• It helped to classify certain requirements
such : Security Awareness, & Regulation
on lawful interception.

CONCLUSION
• The paper concludes about the description and usage of Delphi
estimation and traditional Delphi study and it has also adapted to
understand policymaker’s requirements for state cyber–defence
against foreign intelligence surveillance.

FUTURE ENHANCEMENT
 It might be possible to further develop a variant Delphi
approach to investigate to what extent governments can
protect national security and privacy in cyberspace, and
to examine the fundamental and essential elements of
sovereignty in cyberspace.

REFERENCES
o Defense in Depth, National Security Agency, Fort Meade, MD, USA.
o Information Assurance Technical Framework, National Security Agency, Fort Meade,
MD, USA, 2000.
o E. Amoroso, Cyber Attacks: Protecting National Infrastructure. Amsterdam, The
Netherlands: Elsevier, 2012.
o E. Amoroso, Cyber Attacks: Protecting National Infrastructure. Amsterdam, The
Netherlands: Elsevier, 2012. .
o B. D. Caulking, ‘‘Proactive self defense in cyberspace,’’ DTIC, U.S. Army War College,
PA, USA, Tech. Rep. No. 0704-0188, 2009.
o J. Landeta, ‘‘Current validity of the Delphi method in social sciences,’’ Technol.
Forecasting Soc. Change, vol. 73, no. 5, pp. 467–482, 2006.
o Defence in Depth, Trusted Information Sharing Network, ACT, Australia, 2008.
o Security and Privacy Controls for Federal Information Systems and Organizations,
National Institute of Standards and Technology, Gaithersburg, MD, USA, 2013.
o C.OkoliandS.D.Pawlowski,‘‘TheDelphimethodasaresearchtool:An example, design
considerations and applications,’’ Inf. Manage., vol. 42, no. 1, pp. 15–29, 2004.
o Critical Security Controls for Effective Cyber Defense, Council on CyberSecurity,
Arlington, VA, USA, 2009.

An adaptive wideband delphi method to study state

More Related Content

What's hot (20)

Similar to An adaptive wideband delphi method to study state (20)

Recently uploaded (20)

An adaptive wideband delphi method to study state