Article 1 Review

Donovan Bigby

Cybersecurity in UK Universities: mapping (or managing) threat intelligence sharing within the higher education sector

The study discussed in this text delves into the cyber security ecosystem within the UK Higher Education (HE) sector. It employs a combination of Social Network Analysis (SNA) and qualitative analytical methods to explore collaborative relationships among organizations in this sector, uncover existing impediments, and identify opportunities for improvement. The research reveals low levels of collaboration and highlights the importance of coordinated efforts by various stakeholders, including university management, to enhance institutional resilience through more effective threat intelligence sharing. This study not only provides valuable insights for the UK HE sector but also presents a methodology that can be applied to other sectors or countries. In this introduction, we will set the stage for understanding the significance of this research.

The topic of cybersecurity in the UK higher education sector, as described in the provided text, relates to several principles of the social sciences, including sociology and psychology. The text discusses the willingness of individuals in the higher education sector to collaborate on cybersecurity issues. This relates to sociological concepts of cooperation and collaboration within social networks. It explores the motivations and barriers that influence individuals’ decisions to work together in addressing cybersecurity challenges. The text mentions concerns about individual and institutional reputational damage as a factor inhibiting collaboration. This ties into both sociology and psychology by highlighting the significance of reputation in the context of collective actions and the psychological impact of risks on decision-making. 

The article to me had a couple research questions and hypothesis so I will state them all. What is the collaboration network of organizations within the UK HE ecosystem? What are the factors that facilitate or impede collaboration within the collaboration network in the UK HE sector? How do Chief Information Security Officers (CISOs) and individuals responsible for organizational cyber resilience perceive collaboration within the sector? What are the recommendations for changes that might improve collaboration in the UK HE sector?.

The research in the text employs a mixed methodology that combines qualitative and quantitative research methods. The first one was interviews. Semi-structured interviews were conducted with Chief Information Security Officers (CISOs) from different UK universities and individuals responsible for organizational cyber resilience. These interviews were used to gain background insights, refine research questions, and collect qualitative data on cyber challenges, perceptions of collaboration, barriers to collaboration, and recommendations for improvement. Another one was a questionnaire. A questionnaire was designed based on the insights gained from the interviews. The questionnaire focused on three main themes: collaboration networks, perceptions about collaboration, and demographic information. It was administered to 113 participants responsible for cybersecurity during an online roundtable. The questionnaire included Likert-type scale questions to measure respondents’ collaboration experiences and perceptions of obstacles to collaboration. 

There was quantitative Data and qualitative data done in this research: The quantitative data were collected through the questionnaire administered during the online roundtable. The questionnaire included questions related to collaboration networks, collaboration experiences, and demographic information. The data collected through the questionnaire were analyzed using quantitative methods, including network analysis to map interorganizational collaboration relations and calculate centrality measures within the collaboration network. Likert-type scale responses were used to measure perceptions of collaboration and obstacles to collaboration. The research uses a mixed-methods approach to investigate collaboration networks within the UK HE ecosystem, understand the perceptions and experiences of cybersecurity professionals, and identify factors affecting collaboration. The combination of interviews and questionnaire responses allows for a comprehensive analysis of the research questions and hypotheses.

This study’s significance in the realm of social science within cyber security cannot be overstated. It highlights the interplay between organizational relationships, trust, and collaboration within the context of cyber threat intelligence sharing. The research not only delves into the technical aspects of cyber security but also explores the social dynamics that influence the effectiveness of security measures. Understanding how organizations interact, share information, and build trust networks is crucial in a rapidly evolving cyber threat landscape. This study provides a model for future social science research in cyber security, emphasizing the importance of human factors, relationships, and collaborative networks in enhancing overall cyber resilience. As universities increasingly become targets for cyberattacks, the insights derived from this research have broader implications for strengthening cyber security practices across various sectors, ultimately contributing to a safer digital environment.

In conclusion, this study sheds light on the state of cyber security collaboration within the UK Higher Education sector, emphasizing the urgent need for increased cooperation and information sharing among institutions. It underscores the potential for enhancing cyber resilience and the critical role of university management in facilitating such collaboration. Moreover, the findings offer a broader perspective on the application of Social Network Analysis and qualitative methods to understand collaborative relationships in various domains. The research underscores the importance of cybersecurity collaboration not only for the protection of individual institutions but also for the broader advancement of the UK’s scientific and technological aspirations.

Piazza, Anna, and Srinidhi Vasudevan. “Cybersecurity in UK Universities: Mapping (or Managing) Threat Intelligence Sharing within the Higher Education Sector.” Academic.Oup.Com, 23 Sept. 2023, academic.oup.com/cybersecurity/article/9/1/tyad019/7281495?searchresult=1.

Fear appeals and the patterns of cyber-enabled influence operations

Donovan Bigby

The national security and political integrity of Western democracies face a grave and 

unsettling threat in the form of state-sponsored campaigns to undermine civil society discourse 

through the manipulation of social media and information systems. In today’s interconnected 

world, these platforms have become fertile ground for malicious actors to disrupt the flow of 

information, crafting deceptions so convincing that they deceive even the most discerning of 

audiences. The resurgence of this practice in the 21st century is a direct consequence of the 

global Internet’s ubiquity, with terminology like “fake news,” “democracy hacking,” “election 

hacking,” and the broader term “influence campaigns” or “operations” permeating discussions. 

While this phenomenon garners significant attention, it is beset with political polarization and an 

oversimplified perception of political warfare through social media.

The article discusses the threat posed by state-sponsored influence campaigns on the 

national security and political integrity of Western democracies. These campaigns utilize social 

media and information systems to manipulate information and disrupt civil society discourse. 

The resurgence of such practices in the 21st century is attributed to the global ubiquity of the 

Internet, with terms like “fake news” and “influence campaigns” commonly used to describe 

them. The article proposes that these campaigns are akin to conventional messaging efforts, 

driven by specific objectives and assumptions. It emphasizes the challenges foreign actors face 

due to their outsider status and how they rely on domestic events to create conditions for social 

media manipulation.

From a social sciences perspective, this topic is highly relevant. It explores the interplay 

between politics, technology, and society, offering insights into how information is manipulated 

to influence public opinion and behavior. The article delves into the dynamics of power, 

international relations, and the impact of digital communication on political discourse. It 

highlights the importance of understanding these phenomena in the context of political science, 

communication studies, and sociology to analyze the complexities of state-sponsored influence 

campaigns and their implications for Western democracies.

The study’s primary focus is to investigate coordinated influence campaigns in the 

context of specific triggering events. It seeks to answer two fundamental research questions: 

whether the emission of influence campaign appeals reacts to evolving ground truths, 

particularly macrosocial dividing events, and whether a broader, suspected hidden agenda 

impacts the messaging in these campaigns. The study formulates several hypotheses, including 

the relationship between threat fear appeals and response efficacy and self-efficacy appeals, as 

well as the timing of these appeals in response to real-world events intensifying macrosocial 

issues. Additionally, it explores how unfavorable states of the hidden agenda influence the 

prevalence of threat and efficacy fear appeals. To address these questions and test the 

hypotheses, the study employs a mixed-methods approach, combining qualitative content analysis of online trolling campaigns with quantitative data analysis to understand the dynamics 

of fear appeals and their connection to triggering events.

The study utilized various types of data and employed several analytical approaches to 

investigate the relationship between IRA-sponsored Facebook advertisements, Black Lives 

Matter (BLM) protests, police shootings of African-Americans, Google Trends data on BLM 

search popularity, and the Clinton-Trump polling spread. To overcome accessibility challenges, 

the study automated a pipeline that extracted and analyzed the text content from IRA-sponsored 

Facebook advertisements by utilizing Optical Character Recognition (OCR) technology and 

metadata fields. The BLM protest data, obtained from the elephrame.com website, was collected 

and verified using media links to the demonstrations. Data on police shootings of African-

Americans was sourced from The Washington Post’s database on fatal police encounters. 

Additionally, Google Trends API provided information on the daily weighted search popularity 

of Black Lives Matter, while FiveThirtyEight’s polling data was used to obtain the Clinton-

Trump polling spread. The study merged these datasets into an SQL database for comprehensive 

analysis. This multidimensional approach allowed the researchers to explore the interplay 

between social and political events and IRA advertising strategies in the context of the 2016 U.S. 

presidential election. 

The application of non-negative matrix factorization (NMF) for topic modeling in the 

context of identifying message types of fear appeals within IRA-sponsored Facebook content 

offers valuable insights into the social sciences related to cybersecurity. This analytical approach 

allows researchers to extract meaningful and coherent topics from a corpus of text documents, 

such as the Facebook advertisements, without introducing researcher bias. In the realm of 

cybersecurity, understanding the themes and messages used by threat actors like the IRA is 

critical. By extracting topics from the text of IRA-sponsored content, researchers gain a deeper 

understanding of the strategies employed in information operations and how they relate to social 

and political events. This insight is pivotal for addressing cybersecurity challenges and concerns, 

as it sheds light on the tactics used to manipulate public discourse, influence perceptions, and 

exploit societal divisions.

The topics identified through NMF can have direct relevance to the challenges, concerns, 

and contributions of marginalized groups in the cybersecurity landscape. By examining the fear 

appeals employed in IRA content, researchers can assess how certain message types may 

disproportionately target or impact marginalized communities. Understanding the intersection of 

cybersecurity threats with issues related to race, identity, and social justice is paramount for 

addressing the vulnerabilities and risks faced by these groups. The topic modeling approach can 

provide a lens through which to analyze the nuanced ways in which information warfare can 

exacerbate existing inequalities and challenges experienced by marginalized communities. This knowledge is essential for developing strategies to protect the digital rights, privacy, and security 

of these groups, as well as for fostering inclusivity and resilience in the cybersecurity domain.

In conclusion, this comprehensive study delves into the realm of cybersecurity, 

examining the tactics employed by threat actors, such as the IRA, in their information operations 

on social media platforms. By investigating fear appeals within IRA-sponsored Facebook 

content, this research not only provides insights into the strategies used to manipulate public 

discourse and influence societal divisions but also sheds light on their potential impact on 

marginalized communities. The non-negative matrix factorization (NMF) topic modeling 

technique serves as a valuable tool in identifying and categorizing the message types used by L these threat actors. This approach transcends the boundaries of traditional cybersecurity analysis 

by considering the nuanced intersection between cybersecurity challenges, social issues, and the 

vulnerabilities faced by marginalized groups. As we continue to grapple with evolving threats in 

the digital age, understanding these multifaceted dynamics is crucial for devising comprehensive 

cybersecurity strategies that safeguard digital rights, promote inclusivity, and ensure the security 

of all individuals and communities in an increasingly interconnected world.

Article: https://academic.oup.com/cybersecurity/article/9/1/tyad016/7250062