MIT Interdisciplinary Consortium for Improving Critical Infrastrucutre Cybersecurity
  • (IC)3 is headquartered at the MIT Sloan School of Managment (IC)3 is headquartered at the MIT Sloan School of Managment
  • (IC)3 is addressing the Cybersecurity needs of all Critical Infrastructure Sectors (IC)3 is addressing the Cybersecurity needs of all Critical Infrastructure Sectors
  • From the production and delivery of electricity, oil and natural gas, chemicals, manufacturing, ... From the production and delivery of electricity, oil and natural gas, chemicals, manufacturing, ...
  • to healthcare, financial services, emergency services, telecommuications military defense sector, and transportation to healthcare, financial services, emergency services, telecommuications military defense sector, and transportation

     

*    (IC)3 Mission

The Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity, (IC)3, is headquartered in the MIT Sloan School of Management.

In collaboration with other parts of MIT, (IC)3 is addressing the important need to improve the cybersecurity of critical infrastructure through an interdisciplinary research approach focused on the strategic, managerial, and operational issues related to cybersecurity.

(IC)3 brings together thought leaders from industry and government with MIT faculty, researchers and students, conducting research in multiple relevant areas.

(IC)3 conducts a variety of, meetings, workshops, conferences, and educational activities, and produces research reports which can be used by its members to improve critical infrastructurecybersecurity.

Download an (IC)3 Propsectus Now:

*  2 - page Summary Prospectus

*  Full Prospectus - PDF Version

*  Full Prospectus - PowerPoint Version (Download)

*   Sample Research Projects

*  Develop metrics which organizations can use to Quantify and Qualify their Cyber Security capabilities, and the organizations ability to withstand cyber attacks and carry out their missions.

*  Develop metrics for determining the ROI of Cybersecurity expenditures.

*  Determining the Barriers to, and Incentives for, adoption of Cybersecurity initiatives such as: the Cybersecurity Framework, ISA-62443, NERC-CIP, and emerging international Cybersecurity frameworks.

*  Developing strategies to increase adoption by the C-Suite, in each Critical Infrastructure sector.

*  Models linking Cyber-Risk to: delivering goods and services, & financial & reputational costs.

*  Atomic Models & Network Architectures for interconnected Control Systems’ survivability, and Supply Chain resiliency.

*  Determining the Barriers to, and strategies for creating a Cybersecurity Culture.

*  Applying “accident” and safety research to “cyber security” failures.

*  Analyze complex cybercrime ecosystem.

*  Improve CERTs (Computer Emergency Response Teams).

*  Improving Vulnerability Discovery and Detection

*  Patch distribution and management is complex in general and even more so for critical infrastructure situations.

*  System Dynamics models and simulations applied to complex critical infrastructure cyber systems (eg: smart grid, refinery, emergency services, telecom, financial systems, etc.) to determine the “tipping points” that would render such a system unstable.

*  Simulation of system performance and resilience under different conditions.

*  Holistic Risk Analysis Models to address: Multi-vendor environments, multi-purpose use of equipment/systems, multi-national & multi-cultural considerations, cross-sector validity and usability, multi-level system dependencies and vulnerabilities, people, process and accident/safety considerations.