In our continuing series of Brumley Spotlights, we now explore our Brumley Fellows’ year-long research projects as they come to a close. Caroline Burks, whose concentration in cybersecurity took a strange turn when her original research topic was ruined by the SolarWinds cyber-attack, shared some of her reflections on the process.

Tell us about the “journey” that your project went through. Did you change the focus, topic, or deliverable as you went through your research? How did your project develop?

I started by evaluating the psychology behind attribution and how cultural differences should alter how we attribute and react to an attack. However, Russia’s SolarWinds attack kind of destroyed my thesis statement, so I had to scrap that paper. In the end, I ended up focusing on if and how we should respond to SolarWinds based on traditional theories of armed conflict and deterrence theory (and why Biden’s response isn’t strong enough).

I also wrote on why diversity is important in the cybersecurity field and why there is so little diversity right now. I coached a cyber 9/12 team of minority and first-generation students and it was a great learning experience for both me and my team! I hope to continue coaching Cyber 9/12 teams.

How exactly did the SolarWinds attack destroy your thesis, and what was the tipping point of you accepting that your thesis needed to change?

A lot of my thesis was based upon the idea that none of the major cyber powers wanted to flirt with an armed conflict at least in regards to each other. They may have something to prove, but they don’t want a war. SolarWinds brought up a lot of questions about what is an armed conflict in cyber because, arguably, this was a sovereignty interference. I know of a few articles published in 2015-2018 that truly believed that an intelligence operation that broad would constitute a use of force. But no one is calling it that now. Is it to prevent war? Or is it because now that we see it in action we no longer believe it’s a use of force?

Why do you think there’s not enough diversity in the cybersecurity field? What in your opinion would improve things?

In terms of diversity in cybersecurity, it’s a problem in two ways: (1) diversity of thought is always better when looking at results, and (2) it’s a huge field that is becoming “elite.” Previously, if you had a computer, you could learn to be a cybersecurity entry-level specialist without a college degree. However, you need to (1) have a computer and (2) have basic computer skills. Students from low-income neighborhoods still may not have a computer or access to a computer at a public library and their exposure to computers in school is very low. We really need to start at the ground floor, with education equity, if we want to prepare a diverse cybersecurity workforce and have a chance by deterrence by denial.

What do you hope to do with your project or what you learned after the Brumley program?

I hope to continue researching and writing about cybersecurity topics! I have one paper in the process of being published and another I hope to submit for publication soon.

What was the most important thing you learned doing this project?

How fast you need to crank out research in cybersecurity! Things change so fast that one day’s research can be complete garbage the next day.

Do you have any research/Brumley related advice for the new cohort of Fellows?

Don’t be afraid to evolve. I held onto my very dead thesis for a long time trying to make it work when a much better research opportunity was right in front of me.

What was the most eye-opening thing you learned through this process?

I think the most eye-opening fact I learned was actually during another colloquium about the border wall! Having lived by the border wall, I thought I knew what it was like there, but I had no idea how many people were injured or killed in the process and the legality behind providing aide to border crossers.