Search results

We describe a holistic approach to promoting school safety that merges an emphasis on student voice with staff training in restorative practices. We first describe current approaches to keeping schools safe based on the existing research literature. Given that most of these approaches rely on access to credible information about potential threats to school safety, we then discuss student voices as one critical source of information, especially at the middle and high school level. We report on a recently developed tool designed to encourage students to share threats to school safety they are aware of with adults. Initial testing identified potential barriers and facilitators to students' willingness to share information. We discuss teacher training in restorative practices as one approach that might address some of these barriers, including anti-snitching cultures in schools, students' lack of trust in adult responses to student-identified concerns, and punitive school climates. Based on recent work, we identify barriers and facilitators to implementing restorative practices in schools. We provide recommendations about potential strategies to merge student voice with school personnel's training in restorative practices to minimize peer victimization that can escalate into violent behavior.

In response to a critical need for uniform school crisis preparedness and response efforts across districts, the National Association of School Psychologists developed PREPaRE, a model and training curriculum aimed to equip school-based professionals to engage in comprehensive school crisis prevention and intervention practices. The PREPaRE acronym stands for: Prevent/Prepare for psychological trauma; Reaffirm physical health, security, and safety; Evaluate psychological trauma; Provide interventions (and) Respond to psychological needs; and Examine the effectiveness of prevention and intervention efforts. The model spans four crisis preparedness phases: Prevention, Mitigation, Response, and Recovery. This chapter provides a detailed overview of the development and structure of the PREPaRE model's core components and the organizational framework of the Incident Command System. It delineates elements of the basic school crisis response plan, assessment of mental health risk following a crisis event, and the provision of crisis interventions within a multitiered system of support framework. Additionally, it summarizes ongoing effectiveness and implementation research used to evaluate and improve the model based on immediate training outcomes assessed through pre and postmeasures and training transfer to applied school contexts. Implications for research and public policy regarding school safety and crisis prevention and intervention, as well as the future of PREPaRE curriculum development, are discussed.

In the mid-2000s, the operator of New York City’s mass transit network committed more than a half-billion dollars to military contractor Lockheed Martin for a security technology capable, in part, of inferring threats based on analysis of data streams, of developing response strategies, and taking automated action toward alerts and calamities in light of evolving circumstances. The project was a failure. This chapter explores the conceptualization and development of this technology – rooted in cybernetics – and compares its conceptual underpinnings with some situated problems of awareness, communication, coordination, and action in emergencies as they unfold in one of the busiest transport systems in the world, the New York subway. The author shows how the technology, with all the theatrical trappings of a “legitimate” security solution, was apparently conceived without a grounded understanding of actual use-cases, and the degree to which the complex interactions which give rise to subway emergency can be anticipated in – and therefore managed through – a technological system. As a case-study, the chapter illustrates the pitfalls of deploying technology against problems which are not well-defined in the first place, to the neglect of investments against much more fundamental problems – such as inadequate communication systems, and unstable relationships with emergency response agencies – which might offer guaranteed benefits, and indeed lay a firm groundwork for future deployment of more ambitious technology.

To assess which partnerships were most critical during the recovery planning process following Hurricanes Maria and Irma. We discuss the roles and impact of different types of partners, barriers and facilitators to partnerships and lessons in collaboration during the development of the economic and disaster recovery plan for Puerto Rico.

The Homeland Security Operational Analysis Center (HSOAC) was tasked with assisting the Puerto Rican government with an assessment of damages from Hurricanes Maria and Irma and the development of the Recovery Plan. During the process, a small team compiled and coded a database of meetings with non-HSOAC partners. The team was divided into sector teams that mirrored FEMA’s Recovery Support Functions. Each sector completed two surveys identifying high impact partners and their roles and contributions, as well as barriers and facilitators to partnerships.

A total of 1,382 engagements were recorded across all sectors over seven months. The most frequently identified high impact partners were federal and Puerto Rican governmental organizations partners. NGOs and nonprofits were noted as key partners in obtaining community perspective. Sector teams cited a lack of trust and difficulty identifying partners as barriers to partner engagement. Given the expedited nature of disaster response, establishing partnerships before disasters occur may help facilitate community input. Early networking, increased transparency and defining roles and responsibilities may increase trust and effectiveness among partnerships.

To our knowledge, this is one of the few studies that quantifies and illustrates the partnerships formed and their contributions during recovery planning, and lessons learned.

Granting ‘sanctuary’ in the United States to those fleeing poverty and violence is rooted in a deep history of hospitality and compassion. As we are witnessing a rise in xenophobia accompanied by policies of exclusion, we also see a rising number of ‘sanctuary jurisdictions’ limiting their cooperation with immigration authorities that many communities consider are using extremely harsh and punitive measures to detain and deport irregular migrants. As this chapter will demonstrate, there has been a dramatic increase through ‘immigration federalism’ of the number of these jurisdictions in cities, states and municipalities since the first practices of ‘sanctuary’ in the 1980s as result of the waves of forced migration due to the civil wars in Central America. The author also proposes that those entities granting ‘sanctuary’ to irregular migrants should also apply practices of ‘compassionate migration’ as described in the chapter to expand their protections further and include them in their communities.

The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.

This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence?

In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel.

This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn.

Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations.

Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats.

Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.

The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is little research that examines the public’s objective knowledge of secure information security practices. The purpose of this study is to examine how objective cyber awareness is distributed throughout society.

This study draws on a large national survey of adults to examine the relationship between individual factors – such as demographic attributes and socioeconomic resources – and information security awareness. The study estimates several statistical models using weighted logistic regression to model objective information security awareness.

The results indicate that socioeconomic resources such as income and education have a significant effect on individuals’ information security awareness with richer and more highly educated individuals exhibiting greater awareness of important security practices and tools. Additionally, age and gender represent consistent and clear informational gaps in society as older individuals and females are significantly less knowledgeable about an array of information security practices than younger individuals and males, respectively.

The findings have important implications for our understanding of information security behavior and user vulnerability in an increasingly digital and connected society. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks. While digital technology will continue to permeate many aspects of daily life – from financial transactions to health services to social interactions – the findings here indicate that some users may be far more exposed and vulnerable to attack than others.

This study contributes to our understanding of general user information security awareness using a large survey and statistical models to generalize about the public’s information security awareness across multiple domains and stimulates future research on public knowledge of information security. The findings indicate that some users may be far more exposed and vulnerable to attack than others. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks.

The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.

The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.

The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.

Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.

The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

A research line has emerged that is concerned with investigating human factors in information systems and cyber-security in organizations using various behavioural and socio-cognitive theories. This study aims to explore human and contextual factors influencing cyber security behaviour in organizations while drawing implications for cyber-security in higher education institutions.

A systematic literature review has been implemented. The reviewed studies have revealed various human and contextual factors that influence cyber-security behaviour in organizations, notably higher education institutions.

This review study offers practical implications for constructing and keeping a robust cyber-security organizational culture in higher education institutions for the sustainable development goals of cyber-security training and education.

The value of the current review arises in that it presents a comprehensive account of human factors affecting cyber-security in organizations, a topic that is rarely investigated in previous related literature. Furthermore, the current review sheds light on cyber-security in higher education from the weakest link perspective. Simultaneously, the study contributes to relevant literature by gaining insight into human factors and socio-technological controls related to cyber-security in higher education institutions.