CCE Theses and Dissertations
Date of Award
2020
Document Type
Dissertation
Degree Name
Doctor of Philosophy (PhD)
Department
College of Computing and Engineering
Advisor
Gertrude W. Abramson
Committee Member
Steven R. Terrell
Committee Member
Kim Round
Keywords
cloud security, cyber key terrain, cybersecurity, mission mapping, risk management framework, terrain analysis
Abstract
Key terrain is a concept that is relevant to warfare, military strategy, and tactics. A good general maps out terrain to identify key areas to protect in support of a mission (i.e., a bridge allowing for mobility of supplies and reinforcements). Effective ways to map terrain in Cyberspace (KT-C) has been an area of interest for researchers in Cybersecurity ever since the Department of Defense designated Cyberspace as a warfighting domain. The mapping of KT-C for a mission is accomplished by putting forth efforts to understand and document a mission's dependence on Cyberspace and cyber assets. A cloud Cybersecurity Service Provider (CSSP) continuously monitors the network infrastructure of an information system in the cloud ensuring its security posture is within acceptable risk. This research is focused on mapping the key terrain that supports the continuous monitoring mission of a cloud CSSP.
Traditional methods to map KT-C have been broad. Success has been difficult to achieve due to the unique nature of the Cyberspace domain when compared to traditional warfighting domains. This work focuses on a specific objective or mission within cyberspace. It is a contextual approach to identify and map key terrain in cyberspace. Mapping is accomplished through empirical surveys conducted on Cybersecurity professionals with various years of experience working in a cloud or CSSP environment. The background of the Cybersecurity professionals participating in the survey will include United States Government personnel/contractors, and other Cybersecurity practitioners in the private sector. This process provided an approach to identify and map key terrain in a contextual manner specific to the mission of a typical cloud CSSP. Practitioners can use it as a template for their specific cloud CSSP mission.
NSUWorks Citation
Chris Bush. 2020. Protecting the Protector: Mapping the Key Terrain that Supports the Continuous Monitoring Mission of a Cloud Cybersecurity Service Provider. Doctoral dissertation. Nova Southeastern University. Retrieved from NSUWorks, College of Computing and Engineering. (1136)
https://nsuworks.nova.edu/gscis_etd/1136.