Understanding the institutional landscape of cyber security
Author(s)
Testart Pacheco, Cecilia Andrea
DownloadFull printable version (12.99Mb)
Other Contributors
Technology and Policy Program.
Advisor
David D. Clark.
Terms of use
Metadata
Show full item recordAbstract
The decentralized architecture of the Internet, which has been key to its development and worldwide deployment, is making it challenging to secure Internet user experience. Many organizations claim to be playing a role in improving Internet security. If anything, the space of security-related institutions seems on first inspection to be over-populated, yet poor security persists. This work proposes a framework to understand the role different institutions play in cyber security. The analysis gives insights into the broad institutional ecosystem of public, private and international actors, and the varied nature of these institutions, their interests, incentives, and contributions to cyber security from hardware, software, protocols, standards and regulation. Based on natural language clustering algorithms, this framework classifies institutions along five dimensions: the aspect of cyber security the institution covers (e.g. network security, cybercrime), the industry and activity sector of the institution (e.g. telecommunications, software and service providers), whether it is part of a specific jurisdiction (e.g. US, Europe), specific institution's characteristics such as its working mode (e.g. forum, information sharing) or primary focus (e.g. economic development, consumer trust), and the governance type (for-profit, not-for-profit, government or international organization). We developed a dataset of approximately 120 institutions that claim a role with respect to cyber security, and using the framework, we identify areas of competing and overlapping institutional interest, relevant areas out of scope of current institutions and dysfunctionalities that hinder overall security improvement.
Description
Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2016. Thesis: S.M. in Technology and Policy, Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society, Technology and Policy Program, 2016. Cataloged from PDF version of thesis. Includes bibliographical references (pages 145-153).
Date issued
2016Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science; Massachusetts Institute of Technology. Engineering Systems Division; Massachusetts Institute of Technology. Institute for Data, Systems, and Society; Technology and Policy ProgramPublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science., Institute for Data, Systems, and Society., Engineering Systems Division., Technology and Policy Program.