Skip to main content



Find us on

facebook youtube flickr twitter itunes u logo

Upcoming Events

Sal Stolfo

Salvatore J. Stolfo Columbia University
A Brief History of Symbiote DefenseTuesday, October 31st
Rockefeller 003
5:00 PM

 Fright Night Imge

Wanna See Something REALLY Scary?
ISTS Looks at the Dark Web on Halloween Night
Tuesday, October 31st
Sudikoff  045 Trust Lab (dungeon)
7:30 PM - RSVP
Space is Limited 


Recent Talks

Dan Wallach

STAR-Vote: A Secure, Transparent, Auditable and Reliable Voting System

Professor Dan Wallach
Rice University
Thursday April 27, 2017
Carson L01, 5:00 PM

Ben Miller Dragos

Pandora's Power Grid - What Can State Attacks Do and What Would be the Impact?

Ben Miller
Chief Threat Officer, Dragos, Inc.
Tuesday May 2, 2017
Kemeny 007, 4:30 PM
Brendan Nyhan




Factual Echo Chambers? Fact-checking and Fake News in Election 2016.

Professor Brendan Nyhan
Dartmouth College
Thursday May 4, 2017
Rocky 001, 5:00 PM

Dickie George


Espionage and Intelligence

Professor Dickie George
Johns Hopkins University
Thursday May 11, 2017
Rocky 001, 5:00 PM

Dan Wallach

A Nation Under Attack: Advanced Cyber-Attacks in Ukraine

Ukrainian Cybersecurity Researchers
Thursday April 6, 2017
Oopik Auditorium 5:30 PM

ISTS Information Pamphlet



Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA

Business Education for the Security Professional (BESP)

Project Summary

An important part of ensuring our national security is the security of the nation's critical infrastructures, including the business organizations that compose them and are so important to our way of life. These organizations and infrastructures consist mainly of private or publicly-held firms, and the security of them depends centrally on the approaches that value chains/extended enterprises (groups of companies), individual firms, and decision-makers take with respect to information security and continuity planning.

There is a prevailing view at many levels in corporate America that "information security today is much like quality was twenty years ago: bolted-on, not built-in, viewed as an inhibitor of operations, and residing in a 'special' department" (Dynes 2004). This has to change and, while it is certainly a leadership issue, to a large extent it is up to the information security professionals in any enterprise to help guide corporate leadership to this change.

Information security professionals in many firms find their security initiatives hindered because of their inability to communicate effectively within the business. Simply understanding the technology and the technical risks is often not enough to generate action. Typically, this communication failure stems from an underlying lack of business education, a lack of understanding of how to change the corporate culture around security, and an inability to communicate the business case for information security.

Last Updated: 9/11/12