Research

Austen D. Givens, “Strengthening Cyber Incident Response Capabilities through Education and Training in the Incident Command System,” National Cybersecurity Institute Journal, 2, no. 3 (December 2015), pp. 65-75.

Abstract: Supervisory Control and Data Acquisition (SCADA) systems control innumerable industrial processes that affect large segments of U.S. critical infrastructure, from regulating the flow of water through dams to calibrating the electrical currents in power substations located in residential neighborhoods. Historical evidence demonstrates that electronic attacks on SCADA systems can physically damage them. This can trigger consequences that must be simultane-ously addressed by Computer Security Incident Response Teams (CSIRTs) and traditional first responders. This article advances a two-part argument: first, that the Incident Command System (ICS) offers a compelling means to strengthen cyber incident responses by integrating CSIRTs and first responders involved in SCADA incidents into a cohesive organizational structure; and second, that cybersecurity curricula in academic and professional training settings should therefore incorporate ICS education in order to increase the probability of effective incident responses involving CSIRTs and first responders in the future.

Link to journal

Austen D. Givens and Nathan E. Busch, “Integrating Federal Approaches to Post-Cyber Incident Mitigation,” Journal of Homeland Security and Emergency Management 10, no. 1 (July 2013), pp. 1–28.

Abstract: This article argues that the federal government lacks a cohesive approach to post-cyber incident mitigation – that is, the closing of vulnerabilities that become apparent during and after a cyber incident. To begin addressing this gap in cybersecurity capabilities, greater legal, cultural, and technological integration among the Department of Defense, Department of Homeland Security, and US Intelligence Community would be helpful in achieving a more unified strategy in post-cyber incident mitigation.

Download as PDF

Austen D. Givens and Nathan E. Busch, “Information Sharing and Homeland Security: The Role of Public-Private Partnerships,” Homeland Security Review 7, no. 2 (Summer 2013), pp. 1–28.

Abstract: Since the terrorist attacks of September 11th, 2001 there is increasing recognition that businesses and government have important roles in sharing homeland security information. And today the public and private sectors are sharing information—lots of it. Countless daily reports, briefings, bulletins, and news items sound a steady drumbeat of threat information for homeland security analysts. But despite these positive steps, much important work remains. This article argues that efforts to correct the information sharing failures of 9/11 have not alleviated a trust deficit that exists between the public and private sector. Moreover, post-9/11 changes have also inadvertently created new information sharing problems, including information overload for homeland security analysts and a decline in information quality. The challenge for public-private partnerships in homeland security now is to build cross-sector trust, control the flow of information, and manage information quality for decision-makers in government and business.

Download as PDF

Nathan E. Busch and Austen D. Givens, “Achieving Resilience in Disaster Management: The Role of Public-Private Partnerships,” Journal of Strategic Security 6, no. 2 (June 2013), pp. 1–19.

Abstract: This article examines the current status of public-private partnerships in disaster management, as well as the emerging opportunities and challenges that need to be addressed for these partnerships to achieve their full potential. The article begins with a systematic overview of the strategic, operational, and tactical effects of public-private partnerships in disaster management today and describes how these effects can increase societal resilience. Next, the article discusses several of the emerging opportunities and challenges that these partnerships will have to work through in the coming years. The article concludes with a set of policy recommendations to enhance the efficiency and effectiveness of public-private partnerships in disaster management.

Download as PDF

Austen D. Givens and Nathan E. Busch, “Realizing the Promise of Public-Private Partnerships in US Critical Infrastructure Protection,” International Journal of Critical Infrastructure Protection 6, no. 1 (March 2013), pp. 39–50.

Abstract: To date, much attention has focused on the advantages of public-private partnerships for critical infrastructure protection in the United States. These include reducing the duplication of effort, enhancing cross-sector communication, increasing efficiency, and ultimately achieving the protection objectives better than government or business acting independently. The benefits suggest that public-private partnerships will be a significant and enduring part of critical infrastructure protection initiatives in the United States. However, we argue that a pattern is emerging that may lead to a fracture between the appearance and the reality of public-private partnerships in U.S. critical infrastructure protection. Although some research has focused on specific challenges in this domain of U.S. homeland security, comparatively little attention has been paid to thinking through the issues facing critical infrastructure protection as a whole. We maintain that unless concrete steps are taken to bolster public-private partnerships in critical infrastructure protection, they will be much less effective than hoped for by U.S. homeland security analysts.

Download as PDF

Nathan E. Busch and Austen D. Givens, “Public-Private Partnerships in Homeland Security: Opportunities and Challenges,” Homeland Security Affairs 8, Article 18 (October 2012), pp.1–23.

Abstract: Public-private partnerships are a major issue of discussion in businesses and government agencies concerned with homeland security. However, this issue has received a much less thorough treatment in scholarly literature on homeland security. This article begins to fill a gap in homeland security scholarship by identifying the essential role that public-private partnerships are now taking in homeland security and by examining opportunities and challenges for this transformative shift in the field. The article begins by contextualizing our argument within recent scholarship, and tracing the development of public-private partnerships in homeland security. The article then examines the growing role of public-private sector partnerships in homeland security. The article concludes by discussing ongoing challenges that will need to be considered and addressed for public-private partnerships to be successful over the long term.

Download as PDF

Austen Givens, “A Systems-Based Approach to Intelligence Reform,” Journal of Strategic Security 5, no. 12 (Spring 2012), pp. 63–84.

Abstract: The terrorist attacks of September 11, 2001 prompted the most comprehensive changes to the U.S. Intelligence Community (IC) since its creation via the National Security Act of 1947. Recent structural and organizational reforms, such as efforts to enhance information sharing and recruit speakers of hard-target languages, have also triggered new challenges to successful transformation. In light of the systemic problems facing the IC, this paper argues that systems engineering, a discipline increasingly useful in organizational change, offers a more efficient, holistic approach to the intelligence reform process than the status quo. Systems engineering views the IC as an integrated and interdependent system, whose value is primarily realized through the relationship among its components. The author makes the case that a systems-based approach to intelligence reform can enhance effectiveness while reducing the risk of unintended consequences.

Download as PDF