Principal Investigators Michael Siegel , Stuart Madnick
Co-investigator Keri Pearlson
Project Website https://cams.mit.edu/
Project Start Date March 2015
Cybersecurity at MIT Sloan (CAMS), formerly the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity or (IC)3, is headquartered in the MIT Sloan School of Management. In collaboration with other parts of MIT, CAMS is addressing the important need to improve the cybersecurity of critical infrastructure through an interdisciplinary research approach focused on the strategic, managerial, and operational issues related to cybersecurity.
CAMS is focusing MIT’s uniquely qualified interdisciplinary faculty and researchers on the fundamental principles of cyberspace, cybercrime, & cybersecurity applied to critical infrastructure. Cybersecurity at MIT Sloan is a confidential academic forum in which leaders and managers can benefit from the experiences of CSO/CISOs across multiple sectors.
Current CAMS Research Priorities:
(*) CYBERSECURITY BUSINESS IMPACT -- How secure are we (and how do we measure this)? How do we manage (and minimize) financial and business impact of cyber risk? What does a cybersecurity dashboard need to include? What cybersecurity risk model(s) are most appropriate for senior leaders? (*) CYBER-PHYSICAL SYSTEMS -- What is the best approach to managing cybersecurity of IoT devices, especially those running in plants and complex systems? How do we use a systems approach such as the System-Theoretic Accident Model and Processes (STAMP) to manage the complexity of systems in a structured manner to strategically focus cyber investments. (*) CYBERSECURITY GOVERNANCE -- SEC recommendations have changed governance rules for cybersecurity. What are the impacts? How do organizations mover forward? How do we harmonizing requirements from other types of regulations and rules with needs for cybersecurity? (*) CYBERSECURITY CULTURE -- How do we influence and increase positive cybersecurity employee behaviors. How do we change values attitudes, and beliefs so every employee is aligned and motivated to do the right thing? (*) BOARD AND BUSINESS RESILIENCE -- How do we make our organizations cyber resilient? What is the Board of Director’s role in cybersecurity leadership? How do we assist directors with their oversite responsibilities? What does a Board’s balanced scorecard include?