Diagnosing Misfits, Inducing Requirements, and Delineating Transformations within Computer Network Operations Organizations

Diagnosing Misfits, Inducing Requirements, and Delineating Transformations within Computer Network Operations Organizations

Nikolaos Bekatoros HN (Naval Postgraduate School, USA), Jack L. Koons III (Naval Postgraduate School, USA) and Mark E. Nissen (Naval Postgraduate School, USA)
DOI: 10.4018/978-1-60566-326-5.ch010
OnDemand PDF Download:
$37.50

Abstract

The US Government is moving apace to develop doctrines and capabilities that will allow the Department of Defense (DoD) to exploit Cyberspace for military advantage, and the role of computer networked operations (CNO) has taken on greater importance with the rise of network-centric warfare. Unfortunately, extant CNO organizations are slow to anticipate and react, and as such do not operate well within their highly dynamic environments. Contingency Theory research provides considerable knowledge to guide designing organizational structures that fit well with various mission-environmental contexts, and as such it offers excellent potential to inform leaders and policy makers regarding how to bring their CNO organizations and approaches into better fit, and hence to improve performance. In this chapter, we identify a candidate set of organizational structures that offer potential to fit DoD better as it strives, and struggles, to address the technological advances and risks associated with CNO. Using the Organizational Consultant (OrgCon) expert system to model and diagnose key problems and misfits associated with extant CNO organizations in the DoD, we propose a superior organizational structure for CNO that can also be applied to organizations in the international environment. Results elucidate important insights into CNO organization and management, suitable for immediate policy and operational implementation, and expand the growing empirical basis to guide continued research.
Chapter Preview
Top

Introduction

The Internet has become the new frontier where nation states and stateless actors can communicate on a global scale and with a rate of speed and security as never seen before. The Internet has been operational since 1969 in one form or fashion, and over one billion people are said to use the Internet today (estimated at 1,407,724,920 as of March 2008, Internet Usage Statistics, 2008). Nation states in particular are becoming increasingly reliant on the Internet and Cyberspace for infrastructure to support economic and security interests.

In addition to nation states, the rise of terrorist groups such as Al Qaeda, and other nefarious groups such as mafia crime families, would have been unable to reach current epic proportions without such modern means of global communications. To counter threats from both nation states and nefarious groups, the US maintains numerous organizations (e.g., National Security Agency, military service network commands) charged with the protection and defense of the communications and network infrastructure enabled by the Internet. Indeed, one can argue that a plethora of different, often non-cooperating organizations (e.g., Federal Bureau of Investigation, Central Intelligence Agency) seek simultaneously and with minimal coordination to accomplish efficiently and effectively computer network operations. This confusion and uncoordination between them serves to slow responses to network attacks and intrusions, particularly where more than one organization strives simultaneously to provide critical infrastructure, expertise and technology.

To reverse this trend in part, the US Government is moving apace to develop doctrines and capabilities that will allow the Department of Defense (DoD) to exploit Cyberspace for military advantage. Within the broad rubric of Information Operations (IO), there is increasing effort devoted to shaping the organizational structures of Computer Network Operations (CNO) at the joint, combatant command, and service levels, and the role of CNO has taken on greater importance with the rise of network-centric warfare. Comprised primarily of defense, attack and exploitation, the technological capabilities are growing exponentially, as is the rate of data exchange, yet the organizational structures supporting CNO are slow to anticipate and react. This presents a serious issue in terms of mission-environmental fit, as such organizations do not operate well within their highly dynamic environments, nor are they suited well to the missions and expectations placed upon them.

A half century of Contingency Theory research (e.g., Burns & Stalker, 1961; Harvey, 1968; Galbraith, 1973) provides considerable knowledge to guide designing organizational structures that fit well with various mission-environmental contexts, and as such it offers excellent potential to inform leaders and policy makers regarding how to bring their CNO organizations and approaches into better fit, and hence to improve performance. The key research question is, which organizational configurations provide the best CNO performance within the network-centric environment?

The purpose of this chapter is to identify a candidate set of organizational structures that offer potential to fit DoD like agencies, and international organizations as they strive, and struggle, to address the technological advances and risks associated with CNO. Using the Organizational Consultant (OrgCon) expert system to model and diagnose key problems and misfits associated with extant CNO organizations in the DoD, we propose a superior organizational structure for CNO, and we outline a three-step transformation plan to guide movement toward such structure.

In the balance of this chapter, we first review key background literature on CNO and the OrgCon expert system. We then describe a grounded CNO organization model specified via OrgCon, and depict such model in two, contrasting, network-centric environments. Results follow to elucidate important insights into CNO organization and management, suitable for immediate policy and operational implementation, and expand the growing empirical basis to guide continued research along these lines. Hence, the potential contribution of this research has both theoretical and real-world implications, and should appeal to both the academic and practitioner communities.

Complete Chapter List

Search this Book:
Reset
Editorial Advisory Board
Table of Contents
Foreword
Merrill Warkentin
Preface
Kenneth J. Knapp
Acknowledgment
Kenneth J. Knapp
Chapter 1
Jaziar Radianti, Jose J. Gonzalez
This chapter discusses the possible growth of black markets (BMs) for software vulnerabilities and factors affecting their spread. It is difficult... Sample PDF
Dynamic Modeling of the Cyber Security Threat Problem: The Black Market for Vulnerabilities
$37.50
Chapter 2
Somak Bhattacharya, Samresh Malhotra, S. K. Ghosh
As networks continue to grow in size and complexity, automatic assessment of the security vulnerability becomes increasingly important. The typical... Sample PDF
An Attack Graph Based Approach for Threat Identification of an Enterprise Network
$37.50
Chapter 3
Robert F. Mills, Gilbert L. Peterson, Michael R. Grimaila
The purpose of this chapter is to introduce the insider threat and discuss methods for preventing, detecting, and responding to the threat. Trusted... Sample PDF
Insider Threat Prevention, Detection and Mitigation
$37.50
Chapter 4
Richard T. Gordon, Allison S. Gehrke
This chapter describes a methodology for assessing security infrastructure effectiveness utilizing formal mathematical models. The goal of this... Sample PDF
An Autocorrelation Methodology for the Assessment of Security Assurance
$37.50
Chapter 5
Ken Webb
This chapter results from a qualitative research study finding that a heightened risk for management has emerged from a new security environment... Sample PDF
Security Implications for Management from the Onset of Information Terrorism
$37.50
Chapter 6
Yves Barlette, Vladislav V. Fomin
This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A... Sample PDF
The Adoption of Information Security Management Standards: A Literature Review
$37.50
Chapter 7
Peter R. Marksteiner
Information overload is an increasingly familiar phenomenon, but evolving United States military doctrine provides a new analytical approach and a... Sample PDF
Data Smog, Techno Creep and the Hobbling of the Cognitive Dimension
$37.50
Chapter 8
John W. Bagby
The public expects that technologies used in electronic commerce and government will enhance security while preserving privacy. These expectations... Sample PDF
Balancing the Public Policy Drivers in the Tension between Privacy and Security
$37.50
Chapter 9
Indira R. Guzman, Kathryn Stam, Shaveta Hans, Carole Angolano
The goal of our study is to contribute to a better understanding of role conflict, skill expectations, and the value of information technology (IT)... Sample PDF
Human Factors in Security: The Role of Information Security Professionals within Organizations
$37.50
Chapter 10
Nikolaos Bekatoros HN, Jack L. Koons III, Mark E. Nissen
The US Government is moving apace to develop doctrines and capabilities that will allow the Department of Defense (DoD) to exploit Cyberspace for... Sample PDF
Diagnosing Misfits, Inducing Requirements, and Delineating Transformations within Computer Network Operations Organizations
$37.50
Chapter 11
Rodger Jamieson, Stephen Smith, Greg Stephens, Donald Winchester
This chapter outlines components of a strategy for government and a conceptual identity fraud enterprise management framework for organizations to... Sample PDF
An Approach to Managing Identity Fraud
$37.50
Chapter 12
Alanah Davis, Gert-Jan de Vreede, Leah R. Pietron
This chapter presents a repeatable collaboration process as an approach for developing a comprehensive Incident Response Plan for an organization or... Sample PDF
A Repeatable Collaboration Process for Incident Response Planning
$37.50
Chapter 13
Dean A. Jones, Linda K Nozick, Mark A. Turnquist, William J. Sawaya
A pandemic influenza outbreak could cause serious disruption to operations of several critical infrastructures as a result of worker absenteeism.... Sample PDF
Pandemic Influenza, Worker Absenteeism and Impacts on Critical Infrastructures: Freight Transportation as an Illustration
$37.50
Chapter 14
Preeti Singh, Pranav Singh, Insu Park, JinKyu Lee
We live in a digital era where the global community relies on Information Systems to conduct all kinds of operations, including averting or... Sample PDF
Information Sharing: A Study of Information Attributes and their Relative Significance During Catastrophic Events
$37.50
Chapter 15
Gregory B. White, Mark L. Huson
The protection of cyberspace is essential to ensure that the critical infrastructures a nation relies on are not corrupted or disrupted. Government... Sample PDF
An Overview of the Community Cyber Security Maturity Model
$37.50
Chapter 16
Doug White, Alan Rea
In this chapter the authors present essential server security components and develop a set of logical steps to build hardened servers. The authors... Sample PDF
Server Hardening Model Development: A Methodology-Based Approach to Increased System Security
$37.50
Chapter 17
Jeff Teo
Computer attacks of all sorts are commonplace in today’s interconnected, globalized society. A computer worm, written and released in one part of... Sample PDF
Trusted Computing: Evolution and Direction
$37.50
Chapter 18
Miguel Jose Hernandez y Lopez, Carlos Francisco Lerma Resendez
This chapter discusses the basic aspects of Honeypots, how they are implemented in modern computer networks, as well as their practical uses and... Sample PDF
Introduction, Classification and Implementation of Honeypots
$37.50
About the Contributors