Research

Click here to see (IC)3's major projects at a glance

 

Samples of Research at (IC)3

Listed below are samples of the research work being done by the (IC)3 team.  

To hear more about our Cybersecurity Research, learn how you can use this research to increase and improve the Cybersecurity of your organization, and learn how you can interact with the MIT faculty, researchers, and students -- please contact one of the (IC)3 Directors on the People page, and then join (IC)3.  

More recent presentations and reports can be found on the Materials for Members page.

Research Overview Documents 

House of Security

Building a Cybersecurity Culture

Cybersecurity Culture Maturity Model

Cybersecurity in Healthcare

Managing Risk with Cyber Insurance

The Business of the Dark Web (forthcoming)

Cybersecurity Impact on the Adoption of IoT Technology (forthcoming)

 Sample of PowerPoint/Poster Presentations

  1. Studying the Tension Betwen Digital Innovation and Cybersecurity - as presented at the AMCIS conference, August 2017, by Natasha Nelson and Stuart Madnick.

  2. PreventOTPhysDamage: Anticipating and Preventing Catastrophic OT Physical Damage Through System Thinking Analysis - as presented at the CRED-C conference, March 2017, by Matt Angle, Stuart Madnick, James L. Kirtley, and Nabil Sayfayn

  3. The Wolves of Vuln Street: The 1st System Dynamics Model of the 0day Market - as presented at the RSA Conference, April 21, 2015, Moscone Center, by (IC)3 Associate Director Michael Siegel, and Katie Moussouris, HackerOne

  4. Cyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cybersecurity Applied to TJX Case - as presented at the International Atomic Energy Agency, Vienna, June 2, 2015

  5. Advancing Cybersecurity Using System Dynamics Simulation Modeling For System Resilience, Patching, and Software Development - as presented September 3, 2014

  6. Advancing Cybersecurity Using System Dynamics Simulation Modeling For Analyzing & Disrupting Cybercrime Ecosystem & Vulnerability Markets - as presented September 3, 2014

  7. Cyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cybersecurity Applied to TJX Case

  8. MIT House of Security: Techniques to Quantify Perceptions and Other Cultural Aspects of Cyber Security

 

 A Sampling of Research Papers

Each title below is a link to the actual research paper. To maintain continued and early access to (IC)3, research, models and tools, please JOIN (IC)3 now.
 

 

  1. The Internet of Things (IoT) Promises New Benefits — And Risks: A Systematic Analysis of Adoption Dynamics of IoT Products

  2. Decision Making and Biases in Cybersecurity Capability Development: Evidence from a Simulation Game Experiment

  3. Measuring Stakeholders' Perceptions of Cybersecurity for Renewable Energy Systems

  4. A Systems Theoretic Approach to the Security Threats in Cyber Physical Systems: Applied to Stuxnet

  5. Cyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cyber Security Risks (Condensed 37 page version)

  6. Cyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cyber Security Risks (Full 157 page version)

  7. The House of Security: Stakeholder Perceptions of Security Assessment and Importance (FSTC)

  8. Using System Dynamics to Model and Better Understand State Stability (SD)

  9. Institutional Foundations for Cyber Security: Current Responses and New Challenges (JITD)

  10. Inter-Organizational Information Sharing of Customer Data in Retail

  11. Issues in Strategic Management of Large-Scale Software Product Line Development

  12. Challenges in Implementing Enterprise Resource Planning (ERP) system in Large Organizations: Similarities and Differences Between Corporate and  University Environment

  13. Using System Dynamics to Analyze the Effect of Funding Fluctuation on Software Development (ASEM)

  14. Agile Project Dynamics: A System Dynamics Investigation of Agile Software Development Methods (SD Conference)

  15. Towards better understanding Cybersecurity:  or are "Cyberspace" and "Cyber Space" the same? (WISP)

  16. Strategic Philanthropy for Cyber Security: An extended cost-benefit analysis framework to study cybersecurity

  17. Comparative Analysis of Cybersecurity Metrics to Develop New Hypotheses (WISP)

  18. Institutional Foundations for Cyber Security: Current Responses and New Challenges (revised)

  19. Exploring Terms and Taxonomies Relating to the Cyber International Relations Research Field: or are "Cyberspace" and "Cyber Space" the same?

  20. Institutional Foundations for Cyber Security: Current Responses and New Challenges

  21. Experiences and Challenges with using CERT Data to Analyze International Cyber Security (AIS/WISP)

  22. Explorations in Cyber International Relations (ECIR) - Data Dashboard Report #1: CERT Data Sources and Prototype Dashboard System

  23. A Systems Approach to Risk Management (ASEM)

  24. An Economic Analysis of Policies for the Protection and Reuse of Non-Copyrightable Database Contents (JMIS)

  25. Preventing Accidents and Building a Culture of Safety: Insights from a Simulation Model

  26. Enhancing Vehicle Safety Management in Training Deployments: An Application of System Dynamics

  27. House of Security: Locale, Roles and Resources for Ensuring Information Security (AMCIS)

  28. Improving National and Homeland Security through Context Knowledge Representation & Reasoning Technologies (Book chapter)

  29. Understanding & Modeling State Stability: Exploiting System Dynamics (IEEE Aerospace)

  30. Understanding & Modeling State Stability: Exploiting System Dynamics (PCAS Final Report with Appendices)

  31. Policy for the Protection and Reuse of Non-Copyrightable Database Contents

  32. To Standardize Enterprise Data or Not?  An Economic Analysis of Flexibility versus Control

  33. Context Mediation Demonstration of Counter-Terrorism Intelligence (CTI) Integration

  34. Research Initiative to Understand & Model State Stability: Exploiting System Dynamics (SD)

  35. Linkage Between Pre- and Post- Conflict: Exploiting Information Integration & System Dynamics (IEEE Aerospace)

  36. Improving National and Homeland Security through a proposed Laboratory for Information Globalization and Harmonization Technologies (LIGHT)

  37. Global e-Readiness - For What?  Readiness for e-Banking (Journal of IT Development)

  38. Improving UccNet-Compliant B2B Supply-Chain Applications Using a Context Interchange Framework (BAI2004)

  39. Information Integration for Counter Terrorism Activities: The Requirement for Context Mediation (IEEE Aerospace)

  40. LIGHTS: Laboratory for Information Globalization and Harmonization Technologies and Studies

  41. Attribution Principles for Data Integration:  Technology and Policy Perspectives - Part 2: Focus on Policy

  42. Attribution Principles for Data Integration:  Technology and Policy Perspectives - Part 1: Focus on Technology

  43. Why Not One Big Database? Principles for Data Ownership (DSS)

Research Impact Overview

House of Security

Building a Culture of Cybersecurity

Managing Risk with Cyber Insurance