How can cyberspace users and/or organizations protect their ICT systems from cyber threat actors?

Problem Statement

There is a clear problem with the United States Air Force’s intention to achieve cyberspace superiority. Most academic research conducted on the cyberspace domain has revealed it to be an ungovernable virtual environment. Cyberspace is riddled with cyber threat actors in the forms of hackers, organized crime group, cyberterrorism, and nation state (Hollis & Ohlin, 2018). The Air Force, private and nonprofit organizations and typical internet users are not exempt from cyber threat actors. This problem not only threatens the Air Force workforce ability to operate in cyberspace but also hinders management of information and communications infrastructure networks (NATO HQ, 2021). Most professionals and stakeholders consider cyber security measures and strict governance for combating cybercrime. This study will investigate the Air Force strategy for cyberspace superiority, current cyberspace rules and regulations, and cyber threat actors using both qualitative and quantitative research methods to query plausible solutions.

Participants, Data, and Access

In addressing the Air Force cyberspace strategy, this research will identify the Airmen and civilians tasked with maintaining the Information and Communications Technology (ICT) systems. These individuals vary by ranks, pay grade, duty positions, and experience but they serve in both network defensive and offensive, and base help desk roles. Normally, defensive operators safeguard DOD and non-DOD systems and networks from inside and outside intrusion (Panwala, 2021). It warrants manpower and expertise to maintain network and mission operations, and develop techniques to counter the threats. The Air Force network operators and administrators receive industry-level trainings and certifications prior to getting access to both unclassified and classified networks (Nishimura, Kanoshima, & Kono, 2019). They are informed about the Air Force’s cyberspace strategy and cyber security measures.

They would be the ideal target population to participate in this research study. As a Communications Operations Officer (17D) in the Air Force, I am exposed to everything information and communications related. In addition to having access and proficiency in the Air Force cyberspace mission, I also lead some key cyber security functions for my installation. I possess firsthand experience with the Air Force’s cyber security protocols. I have also served in several positions of authority and worked alongside civilian leaders in military ranks. Locally, I can contact all 156 personnel workforce tasked with managing the installation ICT network. In addition, as a member of 17D Facebook Group, I have access to another pool of 3,000 participants. Eliminating bias from the research is foundational. The research design, data collection, and analysis process were selected to drastically reduce systemic errors and bias. My involvement as 2 researcher is restricted to collecting and analyzing the data collected. Participants will sign waivers to only provide valid and reliable data. Participants selected will be asked general cyberspace domain questions concerning the Air Force ICT networks, cyber security approach, and cyberspace governance. The participants should be able to provide insights on the Air Force’s strategy to secure cyberspace superiority and maintaining a robust cyber security posture. At my location, I will conduct interviews with participants and rely on questionnaire to capture data from non-local participants. Data collected from interviews and questionnaire will be used to fulfill the quantitative aspect of the study. The research methodology calls for both qualitative and quantitative methods. Interviews, field observations, and surveys will help with hypothesis development and supplement the mixed methodology approach. All primary and secondary data collected will be saved on my password protected computer.

Clearance and permission to vet and interview the base cyber workforce will be submitted to the current base Commander for approval. Similarly, a formal request will be sent to 17D Facebook Group Administrators prior to surveying its members. Participants’ responses will be scrutinized for misinformation and bias, and ultimately omitted from the research. Over a period of 30 days, I will conduct personal interviews with the base participants and store the data on a Voice Recorder for analysis. The Facebook respondents will take a questionnaire. Each question on the questionnaire should contribute to testing one or more hypothesis or research question established in the research design (Brown, 2006). Prior to formal release, the questionnaire will undergo 3 a pilot testing to test for clarity, bias, and design conflict. Participants for the pilot trial will be randomly selected from the study population.

Design Choice

The primary design choice for this research is grounded theory. Since the methodology will involve both qualitative and quantitative elements, the research also calls for the integration of survey-based research designs. While the grounded theory is time-consuming and labor-intensive, it limits bias and produces more diverse set of answers to research questions (Brown, 2006). Grounded theory also supports changes in research while discarding assumptions.

The researcher is granted flexibility to be creative and methodical to data analysis (Creswell, 2016). There is not much information readily available about cyberspace governance. Normally, the grounded theory research approach is used to fill in the gap in research and/or propose new theories. Data collected through interviews and survey will help in forecasting the needed rules and regulations in cyberspace. The investigation into the Air Force cyberspace strategy and cyber security posture as compared to industry standards will also instigate an understanding for cyber literacy and safety.

Purpose Statement

In most developed countries, people spend as much time in the physical world as they do in cyberspace. Cyberspace represents the ideal environment for information sharing and social connection. The United States Air Force ruminates cyberspace as a domain for war, in addition to land, sea, air, and space. However, achieving cyberspace superiority entails overcoming the security threats found in cyberspace and lack of governance.

The purpose of this systematic review is to uncover and analyze the Air Force’s strategy for cyberspace superiority and defensive measured to counter cyber threat actors. Enquiry of the rules and regulations in cyberspace should provide needed explanation for lack of governance. This study will follow a mixed-methodology approach for data collection. Cyber professionals located at my current Air Force base will be interviewed to capture personal experiences and daily job functions. Quantitative data collected through questionnaire via specialized Cyber Facebook page will complement the research premise. All primary and secondary data collected will be stored in Alfresco, which is a document and content management software.

Research Questions

This study will address the following research questions:

Research Question 1: What would the United States Air Force have to do to achieve cyberspace supremacy?

Research Question 2: How can the typical computer user protect himself/herself from vulnerabilities and cyber threat actors?

Research Question 3: What are some common sense rules and regulations that should be implemented in cyberspace?

Research Question 4: What is the importance of cyberspace and why is it so critical to the Air Force and national security?

Research Question 5: Do the current applicable rules and regulations in cyberspace are enough to deter cybercrime?

Research Question 6: What are the limitations with prosecuting international cyber threat actors?

Research Question 7: Are certain hardware and software classified as hacking tools? If yes, should the authorities account for the individuals who buy them?

Research Question 8: Is it an achievable goal for the Air Force to attain cyberspace supremacy?

Research Question 8: How can cyberspace users and/or organizations protect their ICT systems from cyber threat actors?