Protective security

Over the last few years, there has been a steady increase in smart home technology's pervasiveness, to the degree where consumer IoT is part of many homes. As our homes become complex cyber-physical spaces, the risk to our physical security from attacks originating in cyberspace becomes much more significant. Within the literature, there is much discussion about the technical vulnerabilities within the smart home. However, this is often not linked to a rich understanding of how an attacker could exploit them. In this paper, we focus on residential burglary and develop a rich understanding of the process by which residential burglary is committed and the effect of the smart home on this process. By combining two areas of the academic literature, residential burglary and smart-home security, this paper provides an academically grounded discussion that places the nascent vulnerabilities associated with the smart-home into the context of the process by which burglary is committed. The commission of residential burglary is a complex decision-making process, which the public often simplifies into planned or unplanned crimes; this is a dangerous oversimplification. The analysis identifies some increased risk during the target selection stage phase. However, in the short term, residential burglars are unlikely to exploit smart home technology routinely.

Hodges, Duncan. (2021). Cyber-Enabled Burglary of Smart Homes. Computers & Security. 110. 102418

The willingness of friends or family to share concerns about an ‘intimate’ preparing to perpetrate public, mass violence, such as violent extremism or targeted violence, is considered a possible part of preventative strategies. To understand what is needed to help intimate bystanders share information on potential acts of violent extremism or targeted violence, we conducted 25 semi-structured qualitative interviews with experts in intimate bystander reporting, including law enforcement, social service and mental health providers, faith-based leaders, staff in school threat assessment programs, and community practitioners in California and Illinois. Results showed reporting was impeded by multiple factors, including lack of knowledge about violent extremism and reporting processes, fear of being incorrect, difficulty distinguishing between violent extremism and mental illness, low trust in law enforcement, and lack of standardized reporting processes. Practitioners said reporting could be improved by several interventions, including increasing awareness about reporting processes, improving reporting methods and policies, training community members who can take reports, and increasing trust between community members and law enforcement. Improving bystander reporting for targeted violence and violent extremism in the U.S. requires collaboratively strengthening law enforcement and community capacities based on sound theory, best practices, and monitoring and evaluation.

(From the journal abstract)

David P. Eisenman, Stevan Weine, Nilpa D. Shah, Nicole V. Jones, Chloe Polutnik Smith, Paul Thomas & Michele Grossman (2022): Bystander reporting to prevent violent extremism and targeted violence: learning from practitioners, Behavioral Sciences of Terrorism and Political Aggression, DOI: 10.1080/19434472.2022.2130960

The way in which IT systems are usually secured is through the use of username and password pairs. However, these credentials are all too easily lost, stolen or compromised. The use of behavioural biometrics can be used to supplement these credentials to provide a greater level of assurance in the identity of an authenticated user. However, user behaviours can also be used to ascertain other identifiable information about an individual. In this paper we build upon the notion of keystroke dynamics (the analysis of typing behaviours) to infer an anonymous user’s name and predict their native language. This work found that there is a discernible difference in the ranking of bigrams (based on their timing) contained within the name of a user and those that are not. As a result we propose that individuals will reliably type information they are familiar with in a discernibly different way. In our study we found that it should be possible to identify approximately a third of the bigrams forming an anonymous users name purely from how (not what) they type.

This paper explores the role of internal communication in one under-researched form of organizational crisis, insider threat – threat to an organization, its people or resources, from those who have legitimate access. In this case study, we examine a high security organization, drawing from in-depth interviews with management and employees concerning the organizational context and a real-life incident of insider threat. We identify the importance of three communication flows (top-down, bottom-up, and lateral) in explaining, and in this case, enabling, insider threat. Derived from this analysis, we draw implications for communication and security scholars, as well as practitioners, concerning: the impact of unintentional communication, the consequences of selective silence and the divergence in levels of shared understanding of security among different groups within an organization.

(From the journal abstract)

  Rice, C., & Searle, R. H. (2022). ‘The Enabling Role of Internal Organizational Communication in Insider Threat Activity – Evidence From a High Security Organization.’ Management Communication Quarterly. 

This systematic review synthesizes evidence of how people use the internet to deploy covert strategies around escaping from, or perpetrating, intimate partner violence (IPV). Online tools and services can facilitate individuals leaving abusive relationships, yet they can also act as a barrier to departure. They may also enable abusive behaviors. A comprehensive literature search of published and unpublished studies in electronic databases was conducted. Two researchers independently screened abstracts and full texts for study eligibility and evaluated the quality of included studies. The systematic review includes 22 studies (9 qualitative and 11 cross-sectional studies, a randomized control trial [RCT] and a nonrandomized study [NRS]) published between 2004 and 2017. Four covert behaviors linked to covert online strategies around IPV were identified: presence online, granular control, use of digital support tools and services, and stalking and surveillance. The same technology that provides individuals with easy access to information and supportive services related to IPV, such as digital devices, tools, and services, also enables perpetrators to monitor or harass their partners. This review takes a rigorous interdisciplinary approach to synthesizing knowledge on the covert strategies adopted by people in relation to IPV. It has particular relevance to practitioners who support survivors in increasing awareness of the role of digital technologies in IPV, to law enforcement agencies in identifying new forms of evidence of abuse, and in enabling designers of online/social media applications to take the needs and vulnerabilities of IPV survivors into account.

(From the journal abstract)

Grimani, A., Gavine, A., & Moncur, W. (2020b). An Evidence Synthesis of Covert Online Strategies Regarding Intimate Partner Violence. Trauma, Violence, & Abuse, 152483802095798.

Extreme teams (ETs) work in challenging, high pressured contexts, where poor performance can have severe consequences. These teams must coordinate their skill sets, align their goals, and develop shared awareness, all under stressful conditions. How best to research these teams poses unique challenges as researchers seek to provide applied recommendations while conducting rigorous research to test how teamwork models work in practice. In this article, we identify immersive simulations as one solution to this, outlining their advantages over existing methodologies and suggesting how researchers can best make use of recent advances in technology and analytical techniques when designing simulation studies. We conclude that immersive simulations are key to ensuring ecological validity and empirically reliable research with ETs.

(From the journal abstract)

Brown, O., Power, N., & Conchie, S. M. (2020). Immersive simulations with extreme teams. Organizational Psychology Review, 10(3–4), 115–135.

Covert Human Intelligence Sources (CHIS) provide unique access to criminals and organised crime groups, and their collection of intelligence is vital to understanding England and Wales’ threat picture. Rapport is essential to the establishment and maintenance of effective professional relationships between source handlers and their CHIS. Thus, rapport-based interviewing is a fundamental factor to maximising intelligence yield. The present research gained unprecedented access to 105 real-life audio recorded telephone interactions between England and Wales police source handlers and CHIS. This research quantified both the rapport component behaviours (e.g., attention, positivity, and coordination) displayed by the source handler and the intelligence yielded from the CHIS, in order to investigate the frequencies of these rapport components and their relationship to intelligence yield. Overall rapport, attention and coordination significantly correlated with intelligence yield, while positivity did not. Attention was the most frequently used component of rapport, followed by positivity, and then coordination.

(From the journal abstract)

Nunan, J., Stanier, I., Milne, R., Shawyer, A., Walsh, D., & May, B. (2020). The impact of rapport on intelligence yield: Police source handler telephone interactions with covert human intelligence sources. Psychiatry, Psychology and Law, 1–19.

The collection of accurate, detailed, and timely intelligence buttresses critical law enforcement decision-making. However, the quality and quantity of the intelligence gathered relies heavily upon the interviewing techniques used to retrieve it. The perceptions of intelligence practitioners are key to developing an understanding of practices concerning intelligence collection. Yet, to date, no research has been undertaken that explores the United Kingdom’s Source Handlers’ perceptions of the interviewing processes employed with informants. The present study interviewed 24 Source Handlers from Counter Terrorism Dedicated Source Units in the United Kingdom. Five themes emerged from the interviews, (i) a comparison between interviewing and debriefing; (ii) the PEACE model in intelligence interviews; (iii) the importance of effective communication; (iv) Source Handlers’ use of cognitive retrieval techniques; and, (v) Source Handler interview training. The perceived commonalities between interviewing and debriefing provided support for the transferability of investigative interviewing research and practices into the collection of Human Intelligence (HUMINT), reiterating themes (ii), (iii), and (iv). Finally, participants highlighted a need for additional training concerning intelligence gathering techniques, as police officers who are responsible for gathering HUMINT could benefit from further professional development based on investigative interviewing research and professional practices.

(From the journal abstract)

Nunan, J., Stanier, I., Milne, R., Shawyer, A., & Walsh, D. (2020b). Source Handler perceptions of the interviewing processes employed with informants. Journal of Policing, Intelligence and Counter Terrorism, 15(3), 244–262.