PhD Defense: Optimizing Proactive Measures for Security Operations
Rock Stevens
Friday, October 30, 2020, 1:30-3:30 pm
Digital security threats may impact governments, businesses, and consumers through intellectual property theft, loss of physical assets, economic damages, and loss of confidence. Significant effort has been placed on technology solutions that can mitigate threat exposure. Additionally, hundreds of years of literature have focused on non-digital, human-centric strategies that proactively allow organizations to assess threats and implement mitigation plans.

For both human and technology-centric solutions, little to no prior research exists on the efficacy of how humans employ digital security defenses. Security professionals are armed with commonly adopted "best practices" but are generally unaware of the particular artifacts and conditions (e.g., organizational culture, procurement processes, employee training/education) that may or may not make a particular environment well-suited for employing the best practices.

In this thesis, I study proactive measures for security operations and related human factors to identify generalizable optimizations that can be applied for measurable increases in security. Through interview and survey methods, I investigate the human and organizational factors that shape the adoption and employment of defensive strategies. Case studies with partnered organizations and comprehensive evaluations of security programs reveal security gaps that many professionals were previously unaware of --- as well as opportunities for changes in security behaviors to mitigate future risk. These studies highlight that, in exemplar environments, the adoption of proactive security assessments and training programs leads to measurable improvements in organizations' security posture.

Examining Committee:

Chair:       Dr. Michelle Mazurek
Dean's rep:  Dr. Jennifer Golbeck
Members:     Dr. Tudor Dumitras
             Dr. Dave Levin
             Dr. John Dickerson

Rock Stevens is a computer science Ph.D. candidate at the University of Maryland researching human factors in digital security. He received an M.S. in computer science from the University of Maryland and an M.A. in national security and strategic studies from the U.S. Naval War College. Contact him at rstevens@cs.umd.edu.

This talk is organized by Tom Hurst