Evidence Based Cybersecurity

Evidence-Based Cybersecurity

Author : Pierre-Luc Pomerleau

Publisher : CRC Press

Page : 251 pages

File Size : 17,25 MB

Release : 2022-06-23

Category : Computers

ISBN : 1000600874

Get eBook

Book Description

The prevalence of cyber-dependent crimes and illegal activities that can only be performed using a computer, computer networks, or other forms of information communication technology has significantly increased during the last two decades in the USA and worldwide. As a result, cybersecurity scholars and practitioners have developed various tools and policies to reduce individuals' and organizations' risk of experiencing cyber-dependent crimes. However, although cybersecurity research and tools production efforts have increased substantially, very little attention has been devoted to identifying potential comprehensive interventions that consider both human and technical aspects of the local ecology within which these crimes emerge and persist. Moreover, it appears that rigorous scientific assessments of these technologies and policies "in the wild" have been dismissed in the process of encouraging innovation and marketing. Consequently, governmental organizations, public, and private companies allocate a considerable portion of their operations budgets to protecting their computer and internet infrastructures without understanding the effectiveness of various tools and policies in reducing the myriad of risks they face. Unfortunately, this practice may complicate organizational workflows and increase costs for government entities, businesses, and consumers. The success of the evidence-based approach in improving performance in a wide range of professions (for example, medicine, policing, and education) leads us to believe that an evidence-based cybersecurity approach is critical for improving cybersecurity efforts. This book seeks to explain the foundation of the evidence-based cybersecurity approach, review its relevance in the context of existing security tools and policies, and provide concrete examples of how adopting this approach could improve cybersecurity operations and guide policymakers' decision-making process. The evidence-based cybersecurity approach explained aims to support security professionals', policymakers', and individual computer users' decision-making regarding the deployment of security policies and tools by calling for rigorous scientific investigations of the effectiveness of these policies and mechanisms in achieving their goals to protect critical assets. This book illustrates how this approach provides an ideal framework for conceptualizing an interdisciplinary problem like cybersecurity because it stresses moving beyond decision-makers' political, financial, social, and personal experience backgrounds when adopting cybersecurity tools and policies. This approach is also a model in which policy decisions are made based on scientific research findings.



At the Nexus of Cybersecurity and Public Policy

Author : National Research Council

Publisher : National Academies Press

Page : 170 pages

File Size : 29,89 MB

Release : 2014-06-16

Category : Computers

ISBN : 0309303214

Get eBook

Book Description

We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. Modern military forces use weapons that are increasingly coordinated through computer-based networks. Cybersecurity is vital to protecting all of these functions. Cyberspace is vulnerable to a broad spectrum of hackers, criminals, terrorists, and state actors. Working in cyberspace, these malevolent actors can steal money, intellectual property, or classified information; impersonate law-abiding parties for their own purposes; damage important data; or deny the availability of normally accessible services. Cybersecurity issues arise because of three factors taken together - the presence of malevolent actors in cyberspace, societal reliance on IT for many important functions, and the presence of vulnerabilities in IT systems. What steps can policy makers take to protect our government, businesses, and the public from those would take advantage of system vulnerabilities? At the Nexus of Cybersecurity and Public Policy offers a wealth of information on practical measures, technical and nontechnical challenges, and potential policy responses. According to this report, cybersecurity is a never-ending battle; threats will evolve as adversaries adopt new tools and techniques to compromise security. Cybersecurity is therefore an ongoing process that needs to evolve as new threats are identified. At the Nexus of Cybersecurity and Public Policy is a call for action to make cybersecurity a public safety priority. For a number of years, the cybersecurity issue has received increasing public attention; however, most policy focus has been on the short-term costs of improving systems. In its explanation of the fundamentals of cybersecurity and the discussion of potential policy responses, this book will be a resource for policy makers, cybersecurity and IT professionals, and anyone who wants to understand threats to cyberspace.



Countering Cyber Sabotage

Author : Andrew A. Bochman

Publisher : CRC Press

Page : 232 pages

File Size : 28,5 MB

Release : 2021-01-20

Category : Political Science

ISBN : 1000292975

Get eBook

Book Description

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable. Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.



Essential Cybersecurity Science

Author : Josiah Dykstra

Publisher : "O'Reilly Media, Inc."

Page : 190 pages

File Size : 28,36 MB

Release : 2015-12-08

Category : Computers

ISBN : 1491921072

Get eBook

Book Description

If you’re involved in cybersecurity as a software developer, forensic investigator, or network administrator, this practical guide shows you how to apply the scientific method when assessing techniques for protecting your information systems. You’ll learn how to conduct scientific experiments on everyday tools and procedures, whether you’re evaluating corporate security systems, testing your own security product, or looking for bugs in a mobile game. Once author Josiah Dykstra gets you up to speed on the scientific method, he helps you focus on standalone, domain-specific topics, such as cryptography, malware analysis, and system security engineering. The latter chapters include practical case studies that demonstrate how to use available tools to conduct domain-specific scientific experiments. Learn the steps necessary to conduct scientific experiments in cybersecurity Explore fuzzing to test how your software handles various inputs Measure the performance of the Snort intrusion detection system Locate malicious “needles in a haystack” in your network and IT environment Evaluate cryptography design and application in IoT products Conduct an experiment to identify relationships between similar malware binaries Understand system-level security requirements for enterprise networks and web services



Countering Cyber Threats to Financial Institutions

Author : Pierre-Luc Pomerleau

Publisher : Springer Nature

Page : 237 pages

File Size : 21,97 MB

Release : 2020-08-29

Category : Business & Economics

ISBN : 3030540545

Get eBook

Book Description

Exploring the negative social impact of cyber-attacks, this book takes a closer look at the challenges faced by both the public and private sectors of the financial industry. It is widely known amongst senior executives in both sectors that cybercrime poses a real threat, however effective collaboration between individual financial institutions and the public sector into detecting, monitoring and responding to cyber-attacks remains limited. Addressing this problem, the authors present the results from a series of interviews with cybersecurity professionals based in Canada in order to better understand the potential risks and threats that financial institutions are facing in the digital age. Offering policy recommendations for improving cybersecurity protection measures within financial institutions, and enhancing the sharing of information between the public and private sector, this book is a timely and invaluable read for those researching financial services, cybercrime and risk management, as well as finance professionals interested in cybersecurity.



Implications of Artificial Intelligence for Cybersecurity

Author : National Academies of Sciences, Engineering, and Medicine

Publisher : National Academies Press

Page : 99 pages

File Size : 19,71 MB

Release : 2020-01-27

Category : Computers

ISBN : 0309494508

Get eBook

Book Description

In recent years, interest and progress in the area of artificial intelligence (AI) and machine learning (ML) have boomed, with new applications vigorously pursued across many sectors. At the same time, the computing and communications technologies on which we have come to rely present serious security concerns: cyberattacks have escalated in number, frequency, and impact, drawing increased attention to the vulnerabilities of cyber systems and the need to increase their security. In the face of this changing landscape, there is significant concern and interest among policymakers, security practitioners, technologists, researchers, and the public about the potential implications of AI and ML for cybersecurity. The National Academies of Sciences, Engineering, and Medicine convened a workshop on March 12-13, 2019 to discuss and explore these concerns. This publication summarizes the presentations and discussions from the workshop.



Show Me the Evidence

Author : Ron Haskins

Publisher : Brookings Institution Press

Page : 337 pages

File Size : 45,48 MB

Release : 2014-12-01

Category : Political Science

ISBN : 0815725701

Get eBook

Book Description

The first comprehensive history of the Obama administration's evidence-based initiatives. From its earliest days, the Obama administration planned and enacted several initiatives to fund social programs based on rigorous evidence of success. Ron Haskins and Greg Margolis tell the story of six—spanning preschool and K-12 education, teen pregnancy, employment and training, health, and community-based programs. Readers will appreciate the fast-moving descriptions of the politics and policy debates that shaped these federal programs and the analysis of whether they will truly reshape federal social policy and greatly improve its impacts on the nation's social problems. Based on interviews with 134 individuals (including advocates, officials at the Office of Management and Budget and the Domestic Policy Council, Congressional staff, and officials in the federal agencies administering the initiatives) as well as Congressional and administration documents and news accounts, the authors examine each of the six initiatives in separate chapters. The story of each initiative includes a review of the social problem the initiative addresses; the genesis and enactment of the legislation that authorized the initiative; and the development of the procedures used by the administration to set the evidence standard and evaluation requirements—including the requirements for grant applications and awarding of grants.



Evidence-Based Nursing

Author : Sarah Brown

Publisher : Jones & Bartlett Learning

Page : 400 pages

File Size : 22,60 MB

Release : 2009

Category : Medical

ISBN : 0763751081

Get eBook

Book Description

This book is a key resource designed to teach undergraudate nursing students how to engage in evidence-based practice (EBP). This text allows students to posses a basic knowledge regarding reserach methodology and critically appraise published research. Essentials of Evidence-Based Nursing addresses learning objective using an organized, easy to read approach that stands out from other texts. Perfect for undergraduate students and practicing nurses who have not had exposure to evidence-based practice content!



Research Anthology on Advancements in Cybersecurity Education

Author : Management Association, Information Resources

Publisher : IGI Global

Page : 578 pages

File Size : 35,56 MB

Release : 2021-08-27

Category : Computers

ISBN : 1668435551

Get eBook

Book Description

Modern society has become dependent on technology, allowing personal information to be input and used across a variety of personal and professional systems. From banking to medical records to e-commerce, sensitive data has never before been at such a high risk of misuse. As such, organizations now have a greater responsibility than ever to ensure that their stakeholder data is secured, leading to the increased need for cybersecurity specialists and the development of more secure software and systems. To avoid issues such as hacking and create a safer online space, cybersecurity education is vital and not only for those seeking to make a career out of cybersecurity, but also for the general public who must become more aware of the information they are sharing and how they are using it. It is crucial people learn about cybersecurity in a comprehensive and accessible way in order to use the skills to better protect all data. The Research Anthology on Advancements in Cybersecurity Education discusses innovative concepts, theories, and developments for not only teaching cybersecurity, but also for driving awareness of efforts that can be achieved to further secure sensitive data. Providing information on a range of topics from cybersecurity education requirements, cyberspace security talents training systems, and insider threats, it is ideal for educators, IT developers, education professionals, education administrators, researchers, security analysts, systems engineers, software security engineers, security professionals, policymakers, and students.



Research Methods for Cyber Security

Author : Thomas W. Edgar

Publisher : Syngress

Page : 430 pages

File Size : 12,78 MB

Release : 2017-04-19

Category : Computers

ISBN : 0128129301

Get eBook

Book Description

Research Methods for Cyber Security teaches scientific methods for generating impactful knowledge, validating theories, and adding critical rigor to the cyber security field. This book shows how to develop a research plan, beginning by starting research with a question, then offers an introduction to the broad range of useful research methods for cyber security research: observational, mathematical, experimental, and applied. Each research method chapter concludes with recommended outlines and suggested templates for submission to peer reviewed venues. This book concludes with information on cross-cutting issues within cyber security research. Cyber security research contends with numerous unique issues, such as an extremely fast environment evolution, adversarial behavior, and the merging of natural and social science phenomena. Research Methods for Cyber Security addresses these concerns and much more by teaching readers not only the process of science in the context of cyber security research, but providing assistance in execution of research as well. - Presents research methods from a cyber security science perspective - Catalyzes the rigorous research necessary to propel the cyber security field forward - Provides a guided method selection for the type of research being conducted, presented in the context of real-world usage