How Cybersecurity Standards Can Better Support the Development of Secure and Resilient Systems
Dr. Jason Jaskolka
Dr. Jason Jaskolka’s research examines how cybersecurity standards can better support the development of secure and resilient systems. His work focuses on three central challenges: how standards are selected, how they are applied in practice, and how organizations demonstrate compliance. Across projects involving IoT systems, safety-critical applications, and low-Earth orbit satellite systems, his research explores how standards can move from high-level guidance into practical, traceable security decisions.
A key finding of Dr. Jaskolka’s work is that applying cybersecurity standards is far more complex than simply following a checklist. Security controls often overlap, depend on one another, and must be balanced against evolving threats, organizational constraints, and limited resources. His research highlights the importance of supporting the people who interpret and apply standards, including engineers, system architects, organizations, policymakers, and standards bodies, so that security decisions are more consistent, meaningful, and aligned with real-world needs.
To address these challenges, Dr. Jaskolka’s work develops systematic, model-based, and tool-supported approaches for selecting security controls, guiding collaborative decision-making, and demonstrating compliance. These methods help organizations trace requirements from standards into system designs, explain how and why they comply, and move beyond manual, fragmented compliance processes. Ultimately, his research aims to make cybersecurity standards more actionable, interpretable, and useful in building systems that are not only compliant, but genuinely more secure and resilient.