Eliot Rich, Ph.D.

My recent work focuses on behavioral aspects of computer and infrastructure security. Through the tools of System Dynamics my colleagues and I are looking at how feedback and knowledge transfer create unusual and interesting problems in the implementation of security regimes.

Peer-Reviewed Journals

Rich, E. and Nelson, M. (forthcoming), "Understanding the Context of Large-scale IT Project Failures", International Journal of Information Technology and the Systems Approach

Tedeschi, L, Nicholson, C. and Rich, E, (forthcoming) “Using System Dynamics modelling to develop management tools for animal production with emphasis on small ruminants”, Small Ruminant Research

Rich, E., Gonzalez, J. J., Qian, Y., Sveen, F. O., Radianti, J. and Hillen, S. (2009) "Emergent Vulnerabilities in Integrated Operations: A Proactive Simulation Study of Economic Risk", International Journal of Critical Infrastructure Protection 2(3) 110-123. Abstract.

Schryen, G. and Rich, E. (2009), “Security in Large-Scale Internet Voting Systems:  An Exploratory Multiple Case Study of Internet Voting in Estonia, the Netherlands and Switzerland”, IEEE Transactions on Information, Forensics and Security 4(4), 729-744. Abstract.

Rich, E. (2008) , "E-ZPass and the Ohio Turnpike:  Adoption and Integration of Electronic Toll Collection", Journal of Cases in Information Technology, 10(1), 32-44. Abstract.

Rich, E., (2008) "Management Fads and Information Delays: An Exploratory Simulation Study", Journal of Business Research, 61(11), 1143-1151. Abstract.

Martinez-Moyano, I., Rich, E., Conrad, S., Andersen, D., Stewart, T. (2008) “A Behavioral Theory of Insider-Threat Risks:  A System Dynamics Approach”, ACM Transactions on Modeling and Computer Simulation 18(2). Abstract.

Sveen, F. O., Sarriegi, J. M., Rich, E., Gonzalez, J. J., (2007) "Toward Viable Information Security Reporting Systems", Information Management & Computer Security 15(5), 408-419. Abstract.

Johnsen, S. O, Hansen, C. W., Line, M. B., Nordby, Y., Rich, E., and Qian Y. (2007) "CHECKIT-A Program to Measure and Improve Information Security and Safety Culture", International Journal of Performability Engineering, 3(1), 175-186. Abstract.

Sveen, F. O., Rich, E., Jager, M., (2007) “Overcoming Organizational Challenges to Secure Knowledge Management”, Information Systems Frontiers 9(5), 481-492. Abstract.

Rich, E. and Gonzalez, J. J. (XXXX) "When New Information Technology Endangers Safety: Integrated Operations, Knowledge Management, and Emergent Vulnerability” under review

Schryen, G. and Rich, E.., (XXXX) "Armed for the spam battle: a joint technological and organizational infrastructure framework," under review

Sveen, F. O., Rich, E., Sarriegi, J., and Gonzalez, J. J. “Simulation-supported knowledge elicitation for multi-national crisis management preparation” under first review

Miesing, P., Krzykowski, L. and Rich, E. “Going Green Globally with Strategic Sustainable Systems” under review.

Rich, E. and W. A. Conklin, (XXXX), "Systems Thinking and Information Security", under development

Peer-Reviewed Book Chapters

Andersen, D., Rich, E., and MacDonald, R., (2009) "System Dynamics Applications to Public Policy ," Encyclopedia of Complexity and Systems Science , Springer, .

Martinez-Moyano, I., Rich, E., Conrad, S., (2006) “Exploring the Detection Process: Integrating Judgment and Outcome Decomposition”, Lecture Notes in Computer Science, Volume 3975, Pages 701 - 703, January .

Rich, E. and Duchessi, P., "Keeping the Flame Alive: Sustaining a Successful Knowledge Management Program," in Case Studies in Knowledge Management, M. Jennix, Ed. Hershey, PA, USA: Idea Group, 2005. Reprinted in Knowledge Management: Concepts, Methodologies, Tools and Applications, edited by Dr. Murray E. Jennex, IGI Global, 2007.

Miesing, P. and Rich, E., (1997), "Using Technology to Experience Ethics in the Business Class", Current Topics in Management, Volume 2, JAI Press.

Peer-Reviewed Conferences

Sveen, F. O., Rich, E., Sarriegi, J. M., Hernantes, J. and Gonzalez, J. J. (2010) “A Group Model Building approach for identifying simulation scenarios in critical infrastructure” Hawaii International Conference on System Sciences (HICSS-43), Big Island, Hawaii.

Schryen, G. and Rich, E. (2010) “Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question” Hawaii International Conference on System Sciences (HICSS-43), Big Island, Hawaii.

Radianti, J., Gonzalez, J. J., and Rich, E. (2009) “A Quest for a Framework to Improve Software Security: Vulnerability Black Markets Scenario” 27th International Conference of the System Dynamics Society, Albuquerque, NM. 35 pages.

Radianti, J., Rich, E. and Gonzalez, J. J., (2009) "Vulnerability Black Markets: Empirical Evidence and Scenario Simulation", Hawaii International Conference on System Sciences (HICSS-42), Big Island, Hawaii.

Larsen, K, Lee, J., and Rich, E., (2008) "The Development of a Shared Dataset for Predictive Analysis in the Behavioral Sciences", NSF-Sponsored Symposium on Semantic Knowledge Discovery, Organization and Use, New York University, NY.

Whitmore, A., Rich, E. and Nelson, M. (2008) "Building on Shifting Sands: The Structure of Repetitive IT Project Escalation, Crisis, and De-escalation", 26th International Conference of the System Dynamics Society, Athens.

Larsen, K., Nevo, D., and Rich, E. (2008) “Exploring the Semantic Validity of Questionnaire Scales”, Hawaii International Conference on System Sciences (HICSS-41), Big Island, Hawaii.

Radianti,. J, Rich, E. and Gonzalez, J. J.. (2007) "Using a Mixed Data Collection Strategy to Uncover Vulnerability Black Markets", 2nd Workshop on Information Security and Privacy (WISP 2007), Montreal, Canada.

Rich, E., Nelson, M., and Whitmore, A. (2007) "IT Project Management, Concept Modeling, and Blind Dates", 25th International Conference of the System Dynamics Society, Boston, MA, July 2007. Poster

Rich, E., Sveen, F. O., et al., (2007) "Emergent Vulnerability in Integrated Operations: A Proactive Simulation Study of Risk and Organizational Learning", 40th Hawaii International Conference on System Sciences (Ed, Sprague Jr., R. H.), IEEE Press, Big Island, Hawaii, 2007

Martinez-Moyano, I. J., Rich, E., Conrad, S. H. , Andersen, D. F. (2006) "Modeling the Emergence of Insider Threat Vulnerabilities", Informs Winter Simulation Conference, Monterey, CA.

Rich, E., Sveen, F. O., & Jager, M. (2006) Overcoming Organizational Challenges to Secure Knowledge Management" Second Secure Knowledge Management Workshop, Brooklyn, NY.

Martinez-Moyano, I. J., E. Rich, et al. (2006) "Integrating Judgment and Outcome Decomposition: Exploring Outcome-based Learning Dynamics", 24th International Conference of the System Dynamics Society, Nijmegen, The Netherlands

Rich, E. (2006) “Modeling Risk Dynamics in E-Operations Transitions”, ISCRAM-06, Newark, NJ

Martinez-Moyano, Rich, E., Conrad, S. Exploring the Detection Process: “Integrating Judgment and Outcome Decomposition”, Poster Session, Intelligence and Security Informatics Conference, 2006

Rich, E. and Gonzalez, J. J. (2006) "Maintaining Security and Safety in High-threat E-operations Transitions", In 39th Hawaii International Conference on System Sciences (Ed, Sprague Jr., R. H.), IEEE Press, Kauai, Hawaii.

Rich, E., Martinez-Moyano, I. J., Conrad, S., Cappelli, D. M., Moore, A. P., Shimeall, T. J., Andersen, D. F., Gonzalez, J. J., Ellison, R. J., Lipson, H. F., Mundie, D., Sarriegui, J. M., Sawicka, A., Stewart, T. R., Torres, J. M., Weaver, E. A. and Wiik, J. (2005) "Simulating Insider Cyber-Threat Risks: A Model-Based Case and a Case-Based Model", 23rd International Conference of the System Dynamics Society (Eds, Sterman, J., Repenning, N., Langer, R. S., Rowe, J. I. and Yanni, J. M.) Boston, MA.

Andersen, D. F. , Cappelli, D. , Gonzalez, .J. J., , Mojtahedzadeh, M., Moore, A. Rich, E., Sarriegui, J. M., , Shimeall, T. J. , Stanton, J., Weaver, E. A., and Zagonel, A. A. (2004) "Preliminary System Dynamics Maps of the Insider Cyber-threat Problem", 22nd International Conference of the System Dynamics Society, Oxford, UK.

Rich, E. and Duchessi, P. (2004) "Modeling the sustainability of knowledge management programs", 37th Hawai’i International Conference on System Sciences, Big Island, Hawaii. Nominated for Best Paper award, Organizational Systems and Technology Track.

Rich, E. and Duchessi, P. (2001), "Models for understanding the dynamics of organizational knowledge in consulting firms", 34th Annual Hawaii International Conference on System Sciences, Maui, Hawaii.

Rich, E. (1998) "Limits to groupware-facilitated organizational learning in a consulting firm," Proceedings of the Sixteenth International Conference of the System Dynamics Society, July 20-23, Quebec City, Canada

Invited Journal Papers

Gonzalez, J. J., Qian, Y., Sveen, F. O. and Rich, E.(2005) "Helping Prevent Information Security Risks in the Transition to Integrated Operations", Telektronikk, 101, pp. 29-37

Invited Conference Presentations

Rich, E. and Conklin, Wm A., (2009) "Using Systems Models to Improve Information Security Management:", 2009 System Dynamics Winter Conference, College Station, TX.

Rich, E., Conrad, S. and Martinez-Moyano, I. (2005) "Insider Threats: Raising the profile and managing the risks", DHS Research and Development Partnerships in Homeland Security Conference, Boston MA

Rich, E. (2004) "An emerging perspective on the dynamics of insider cyber-threats", 4th Annual Mathematics and Security of Information Technologies Conference (МаБИТ-04), Moscow State University (МГУ), Moscow..

Rich, E., (2003) "Using Simulation to Explore the Dynamics of Organizational Knowledge", Proceedings of the 21st International Conference of the System Dynamics Society, New York, NY

Rich, E., (1998) "A simulation model of the effects of technology on organizational knowledge", Proceedings of the 1998 Americas Conference, Association for Information Systems, Baltimore, MD

Rich, E., (1998) "Limits to groupware-facilitated organizational learning in a consulting firm", Proceedings of the 16th International Conference of the System Dynamics Society, Quebec City, Quebec, CA

Project Reports and Other Publications

Rich, E., Andersen, D. F. and Richardson, G. P. (2006, May) OLF-IRMA-AMBASEC Group Modeling Report I, University at Albany, Albany, NY.

Rich, E., Andersen, D. F. and Richardson, G. P. (2006, September) OLF-IRMA-AMBASEC Group Modeling Report II, University at Albany, Albany, NY..

Martinez-Moyano, I. J. , Rich, E., Conrad, S., Andersen,, D. F., and Stewart, T. R.,(2005) "A Behavioral Theory of Insider-Threat Risks: A System Dynamics Approach ", Center for Policy Research, University at Albany

Dissertation

Rich, E. (2002) "Modeling the Dynamics of Organizational Knowledge", Ph.D. Dissertation, University at Albany.  Abstract as PDF here.  Awarded Distinguished Dissertation Award.