Date

12-19-2024

Department

Helms School of Government

Degree

Doctor of Philosophy in Criminal Justice (PhD)

Chair

Douglas Orr

Keywords

cybersecurity, critical infrastructure, criminology

Disciplines

Computer Sciences | Social and Behavioral Sciences

Abstract

This dissertation explores the application of the Taxonomy for Risk Assessment of Cyberattacks on Critical Infrastructure (TRACI) framework, a tool designed to systematically evaluate cybersecurity threats against critical infrastructure. TRACI integrates principles from Routine Activity and Rational Choice Theories to provide a detailed and comprehensive understanding of cybersecurity risks. This integration facilitates an in-depth analysis not only of how cyberattacks occur but also of the underlying reasons they are initiated, by categorizing and assessing risks based on factors such as attacker motivations and systemic vulnerabilities. By employing ANOVA to assess variations in risk assessment scores across TRACI's designated categories—Assets, Risk Management, and Attacker Motivation— the study investigates how these categories are effectively operationalized within the framework to enhance understanding of cyber threats. This analysis creates an understanding for developing predictive models and response strategies in critical infrastructure protection, offering insights not only into how attacks occur but also why they are initiated. The research operationalizes TRACI's risk categories using specific, measurable criteria derived from publicly available information and academic case studies, thus ensuring a comprehensive evaluation of the framework's application to real-world scenarios. This approach addresses the need for a theoretical foundation in risk assessment practices and potentially enhancing cybersecurity measures within critical infrastructures.

Download

Share

COinS