COGNITIVE ACTIVE CYBER DEFENSE: FINDING VALUE THROUGH HACKING HUMAN NATURE

In the cyber security battle with their adversaries it could said that the defenders are losing. Despite record investments in cyber security, the number, scale and impact of breaches continue to increase with adversaries exploiting both the technical and human elements of the defensive system. This is leading to calls for defenders to conduct active defensive measures. But not only are these measures controversial, they are likely to be focussed on the adversary as a techncal entity, not the root cause: a decsion making human. This dissertation explores the value of a legal Active Cyber Defence (ACD) strategy that exploits the human decsion making processes of cyber adversaries, synthesising technology with psychological principles and not 'hacking back' in its traditional sense. Semi-structured interviews with cyber defenders were used to understand and baseline how defenders consider the adversary as a human and then explored the value and considerations of exploiting this knowledge within the study ACD strategy. Interview findings, analysed and triangulated through framework and statistical methodologies, showed that there may be significant value in exploiting the decsion making processes of the human cyber adversary. The findings show that such a strategy not only adds value to what the defender is currently doing but expands the scope of where that value can be realised. Challenges and considerations to employing such a novel strategy were also explored, these included understanding risk perceptions and delivering Return on Investment (ROI) within the current passive cultures. Even though there are challenges, the concept appears to have value at both enterprise and potentially national level. This dissertation recommends that the concept is further developed because it adds unique value to defender capabilities.