{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T16:32:28Z","timestamp":1775061148933,"version":"3.50.1"},"reference-count":27,"publisher":"IGI Global","issue":"4","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,10,1]]},"abstract":"<p>In this paper, we examine the benefits of a more quantifiable way to make decisions that enable senior leaders to better manage disruption of and attacks on the critical infrastructure. Most of the decisions have been made using intuition and in some cases unrelated experiences and have not particularly worked to the benefit of the sectors' performance and stability. Much of this is due to the history of the logic control systems and networks that were fairly isolated and much better protected. Attempts to reduce costs and secure many of the benefits of IP-based environments have unfortunately now also introduced some of the vulnerabilities indicative of IP-based systems into the logic environments. Senior leaders have not been used to these new \u2018hybrid' information technology\/operational technology (IT\/OT) environments which though creating new opportunities also introduce new challenges. The unique nature of the critical infrastructure in which it is over 80%-owned by the private sector, often regulated by the federal government, and serves the interests and demands of the public, creates a non-trivial challenge at many different levels. More trust and cooperation between the three elements of society is surely a desired interest by the key stakeholders, but there are many concerns in terms of over-regulation, costs, and loss of intellectual property that have consistently sustained a level of discomfort between the three communities in terms of the priorities and self-serving interests of each other. The challenges of the low asymmetry entry and attribution within the cyber domain have raised the profile of many actors who would not even have previously registered in the \u2018noise' on a trouble or problem scale. Now, the ability to determine those responsible, as well as, almost any actor having the ability to present a challenge to the environment have changed many of the dynamics in terms of how senior leaders must now operate and manage the appropriate systems and networks. Hence, for obvious reasons, senior leaders are much more cautious in their approach to decision making because of the potential consequences. This is especially true because cyber assets, though so valuable can be also so vulnerable. In this study, we will discuss a method that moves decision from a less arbitrary to a more data-centric, quantifiable approach that drives leadership to better and quicker decisions.<\/p>","DOI":"10.4018\/ijcwt.2017100103","type":"journal-article","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T15:54:49Z","timestamp":1507737289000},"page":"23-34","source":"Crossref","is-referenced-by-count":5,"title":["Quantifying Decision Making in the Critical Infrastructure via the Analytic Hierarchy Process (AHP)"],"prefix":"10.4018","volume":"7","author":[{"given":"John S.","family":"Hurley","sequence":"first","affiliation":[{"name":"College of Information and Cyberspace (CIC), JPME and Cyber-L Department, National Defense University, iCollege, Washington, DC, USA & Information, Communications, Technology and Acquisition Department, National Defense University, Washington, DC, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"2432","reference":[{"key":"IJCWT.2017100103-0","unstructured":"Adapt to the New Realities of Cybersecurity. (2015, November). Retrieved from PWC.com."},{"key":"IJCWT.2017100103-1","unstructured":"Biography.com. (2015, November). Edward Snowden News. Retrieved from http:\/\/www.biography.com\/people\/edward-snowden-21262897"},{"key":"IJCWT.2017100103-2","author":"E.Bonabeau","year":"2003","journal-title":"Don\u2019t Trust Your Gut"},{"key":"IJCWT.2017100103-3","unstructured":"Critical Foundations: Protecting America\u2019s Infrastructures. (1997). Washington, DC: President's Commission on Critical Infrastructure Protection."},{"key":"IJCWT.2017100103-4","author":"T.Davenport","year":"2007","journal-title":"Competing on Analytics: The New Science of Winning"},{"key":"IJCWT.2017100103-5","unstructured":"Davis, S. (2013, June 6). Congressional Leaders: Information Gathering is Routine. USA Today. Retrieved from http:\/\/www.usatoday.com\/story\/news\/politics\/2013\/06\/06\/congress-nsa-phone-records-reaction\/2396299\/"},{"key":"IJCWT.2017100103-6","unstructured":"Department of the Navy Information Assurance (IA) Workforce Management Manual. (2009). Washington, DC: Department of the Navy CIO."},{"key":"IJCWT.2017100103-7","unstructured":"Dept. of Homeland Security, USA. (2015, October). Retrieved from What is Critical Infrastructure?: http:\/\/www.dhs.gov\/what-critical-infrastructure"},{"key":"IJCWT.2017100103-8","author":"W.Eckerson","year":"2016","journal-title":"How to Monetize Data: Strategies for Creating Data-Driven Applications"},{"key":"IJCWT.2017100103-9","author":"K.Evans","year":"2010","journal-title":"A Human Capital Crisis in Cybersecurity: Technical Proficiency Matters"},{"key":"IJCWT.2017100103-10","unstructured":"Gosler, J. (2010, July 19). Cyberwarrior Shortage Threatens U.S. Security. (M.L. Kelly, Interviewer)"},{"key":"IJCWT.2017100103-11","unstructured":"Guide to Industrial Control Systems (ICS) Security. (2011). Washington, DC: National Institute of Standards and Technology."},{"key":"IJCWT.2017100103-12","article-title":"Quantifying Decision Making in the Critical Infrastructure.","author":"J.Hurley","year":"2016","journal-title":"International Conference on Cyber Warfare and Sec."},{"key":"IJCWT.2017100103-13","unstructured":"IBM. (2015). The Awakening of Cyber Threat Analysis: An Intelligent-driven Solution to Security and Risk."},{"key":"IJCWT.2017100103-14","unstructured":"Join DHS Cybersecurity. (2015, November). Retrieved from Homeland Security: http:\/\/www.dhs.gov\/homeland-security-careers\/dhs-cybersecurity"},{"key":"IJCWT.2017100103-15","unstructured":"Microsoft.com. (n. d.). Cyberspace 2025: Today's Decisions, Tomorrow's Terrain. Retrieved November 5, 2015, from http:\/\/www.microsoft.com\/security\/cybersecurity\/cyberspace2025\/#chapter-1"},{"key":"IJCWT.2017100103-16","unstructured":"NICE. (2015, November). Retrieved from NIST: http:\/\/csrc.nist.gov\/nice\/"},{"key":"IJCWT.2017100103-17","author":"J.Oltsik","year":"2015","journal-title":"An Analytics-based Approach to Cybersecurity"},{"key":"IJCWT.2017100103-18","author":"J.Pfeffer","year":"2006","journal-title":"Evidence-based Management"},{"key":"IJCWT.2017100103-19","unstructured":"Presidential Directive NSC 63: Critical Infrastructure Protection. (1998). Washington, DC."},{"key":"IJCWT.2017100103-20","unstructured":"PwC. (2014). Managing Insider Threats."},{"key":"IJCWT.2017100103-21","unstructured":"PwC. (2015, November 11). The Global State of Information Security Survey 2016. Retrieved from http:\/\/www.pwc.com\/gx\/en\/issues\/cyber-security\/information-security-survey\/download.html"},{"key":"IJCWT.2017100103-22","unstructured":"Seals, T. (2015, April 23). RSAC: Recruiting the Next-Generation Cyberworkforce. Infosecurity. Retrieved from http:\/\/www.infosecurity-magazine.com\/news\/rsac-recruiting-the-nextgeneration\/"},{"key":"IJCWT.2017100103-23","author":"W. T.Shaw","year":"2006","journal-title":"Cybersecurity for SCADA Systems"},{"key":"IJCWT.2017100103-24","unstructured":"Tate, J. (2013, August 21). Bradley Mannning Sentenced to 35 Years in WikiLeaks Case. Washington Post. Retrieved from https:\/\/www.washingtonpost.com\/world\/national-security\/judge-to-sentence-bradley-manning-today\/2013\/08\/20\/85bee184-09d0-11e3-b87c-476db8ac34cd_story.html"},{"key":"IJCWT.2017100103-25","unstructured":"Trend Micro Incorporated (2015). Report on Cybersecurity and Critical Infrastructure in the Americas."},{"key":"IJCWT.2017100103-26","unstructured":"US Dept. of Defense. (2015). National Military Strategy."}],"container-title":["International Journal of Cyber Warfare and Terrorism"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=190589","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,7]],"date-time":"2022-05-07T00:08:34Z","timestamp":1651882114000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/IJCWT.2017100103"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2017,10,1]]},"references-count":27,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2017,10]]}},"URL":"https:\/\/doi.org\/10.4018\/ijcwt.2017100103","relation":{},"ISSN":["1947-3435","1947-3443"],"issn-type":[{"value":"1947-3435","type":"print"},{"value":"1947-3443","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,10,1]]}}}