During the last 18 months Agder University College (AUC) has established an interdisciplinary collaboration with highly ranked US institutions (CERT/CC at Carnegie Mellon; Rockefeller College of Public Affairs and Policy, University at Albany; Sandia Nati onal Laboratories, Critical Infrastructures Modeling and Simulation Department; and the Learning Systems Institute at Florida State University). We have jointly studied research challenges within cyber security that are far from a satisfactory solution. A major one - the insider threat to organizations - is of grave concern for homeland security. Another crucial one is advancing the quality of reporting and use of cyber security data. We have been able to establish two projects in cooperation with our Nor th American partners: 1) A pre-project to identify and suppress dynamic triggers that escalate to create organizational vulnerabilities and might provoke major insider attacks; 2) two NRC-funded projects, A Model-Based Approach to Security Culture (164384 AMBASEC) and From Incident Response to Incident Management (164372 IRMA) studying cyber security in Norwegian offshore in cooperation with the Norwegian Oil Industry Association (OLF) and others.
We aim at defining large-scale projects to improve securit y by improving the availability and quality of cyber data and its use in models. We target the application of models for better security & survivability of critical infrastructure and improved security performance and competence at all levels in security- sensitive or at-risk organizations. The proposal involves AUC, the Information Security Dept. at Gjøvik University College & SINTEF (all Norway) and our US partners. We will build upon and extend existing cooperation. The main outcome of ISECBIDAT will be large-scale project proposals to National Science Foundation's 'Cyber Trust' and 'Human and Social Dynamics' programs and - depending on availability of suitable R&D programs - to the NRC.