Abstract
Cybersecurity is a concern for individuals and organizations alike in this digitized age. A consequence of the increased reliance on Internet of Things devices and software tools is the increased attack surface vulnerable to cyber threats and information leaks. Thus, it is important to explore risk prevention and mitigation techniques. My research addresses both a technical and sociotechnical strategy for pursuing greater security through software development and cyber insurance.
In the technical component of my research, I describe my role at CACI International, Inc., creating custom software services to aid analysts in drawing meaningful insights from big data. These programs leverage the powerful indexing and search engine of Elasticsearch to present web-scraped data to analysts, decreasing research time. The applications, coded in Python and deployed in Docker on Amazon Web Services (AWS) Elastic Cloud Compute (EC2) instances, created an isolated environment that prevents tracking. Creating custom software allowed greater flexibility and accessibility with open-source and cost-effective tools, potentially extendable to other applications. As research needs change, the software applications will need to be continually maintained and upgraded, and the need for new software applications will arise. While in-house software development can increase the security of a software service, it is important to consider the sociotechnical dimensions that affect security practices within organizations.
In the STS component of my research, I investigated the effect of cyber insurance on hospital cybersecurity. As a recently developed market, cyber insurance has unrealized potential to increase cybersecurity practices in hospitals and decrease ransomware attacks. Using Actor-Network Theory (ANT), my research investigates how cyber insurance, hospital administrators, ransomware, and the government are all actants in a system shaping cyber insurance policy and ransomware attacks. My research found that the underwriting process of cyber insurance can shape hospital cybersecurity by incentivizing baseline cybersecurity standards through premiums and claims. In addition, the practices of both insurance and hospital policies are shaped around government regulation, such as government bans on ransomware payments and the Health Insurance Portability and Accountability Act (HIPAA), which requires hospitals to protect patients’ sensitive health information. Through a balance of insurance and government policy, there can be a positive effect on cybersecurity practices in hospitals to enhance resiliency against ransomware.
Both these topics provided me with deeper insight into strategies to secure a system against cyber vulnerabilities, from a software scale to a policy scale. The technical component utilized software development to create custom applications that reduced tracking, while the STS component explored how cyber insurance policies can be used to shape a company’s cybersecurity, protecting critical infrastructure such as hospitals. Each component explores current risk prevention and mitigation strategies actively employed by organizations. As ransomware is an evolving threat, company software and cyber insurance policies must similarly evolve to keep up. Exploring current technologies and the sociotechnical implications of policies like cyber insurance enables engineers to stay informed and more effectively contribute to the development of secure systems and future policies.
