Evidence-based Cybersecurity: Foundations, Research, and Practice
- Length: 230 pages
- Edition: 1
- Language: English
- Publisher: CRC Pr I Llc
- Publication Date: 2022-06-23
- ISBN-10: 1032062762
- ISBN-13: 9781032062761
The prevalence of cyber-dependent crimes and illegal activities that can only be performed using a computer, computer networks, or other forms of information communication technology has significantly increased during the last two decades in the USA and worldwide. As a result, cybersecurity scholars and practitioners have developed various tools and policies to reduce individuals’ and organizations’ risk of experiencing cyber-dependent crimes. However, although cybersecurity research and tools production efforts have increased substantially, very little attention has been devoted to identifying potential comprehensive interventions that consider both human and technical aspects of the local ecology within which these crimes emerge and persist. Moreover, it appears that rigorous scientific assessments of these technologies and policies in the wild have been dismissed in the process of encouraging innovation and marketing. Consequently, governmental organizations and public and private companies allocate a considerable portion of their operations budgets to protecting their computer and internet infrastructures without understanding the effectiveness of various tools and policies in reducing the myriad of risks they face. Unfortunately, this practice may complicate organizational workflows and increase costs for government entities, businesses, and consumers.
The success of the evidence-based approach in improving performance in a wide range of professions (for example, medicine, policing, and education) leads us to believe that an evidence-based cybersecurity approach is critical for improving cybersecurity efforts. This book seeks to explain the foundation of the evidence-based cybersecurity approach, review its relevance in the context of existing security tools and policies, and provide concrete examples of how adopting this approach could improve cybersecurity operations and guide policymakers’ decision-making process. The evidence-based cybersecurity approach explained here aims to support security professionals’, policymakers’, and individual computer users’ decision-making regarding the deployment of security policies and tools by calling for rigorous scientific investigations of the effectiveness of these policies and mechanisms in achieving their goals to protect critical assets. This book illustrates how this approach provides an ideal framework for conceptualizing an interdisciplinary problem like cybersecurity because it stresses moving beyond decision-makers’ political, financial, social, and personal experience backgrounds when adopting cybersecurity tools and policies. This approach is also a model in which policy decisions are made based on scientific research findings.
Front matter: Cover; Endorsements_I; Endorsements_II; Half Title; Series Page; Title Page; Copyright Page; Dedication; Contents; Foreword; About the authors; Acknowledgment

1. The case for an evidence-based approach to cybersecurity
   The evidence-based approach; Evidence-based medicine; Evidence-based policing; Evidence-based learning; The case for evidence-based cybersecurity; References

2. Computers, computer networks, the Internet, and cybersecurity
   Introduction: computers and computer networks; The Open System Interconnection (OSI) model and the communication process; The importance of cybersecurity; The cybersecurity ecosystem; Cybersecurity doctrines, practices, and policies; Current practices, tools, and policies to secure cyber infrastructures; References

3. Human behavior in cyberspace
   Introduction: cybercrime and cyberspace; Four key actors within the cybercrime ecosystem; The offenders; The enablers; The victims; The guardians; Human behaviors as a central element of cybercrime; The human factor in the literature on cybercrime; A look inside the organization; Conclusion; References

4. Criminological, sociological, psychological, ethical, and biological models relevant to cybercrime and cybercriminals
   Introduction; Criminological and sociological models relevant to cybercrime; The routine activity approach and the problem analysis triangle; Environmental criminology; Situational crime prevention; Anthropological criminology and ethnographic studies; Biosocial criminology; Psychology and cyberpsychology in the management of cybercrime; Cyberpsychology; Philosophical and ethical models; Hard determinism and crime; Compatibilism and crime; References

5. Science and cybersecurity
   Introduction; The importance of quantitative, qualitative, and mixed research; Quantitative, qualitative, or mixed methods?; Science, theories, and facts; Science in cybersecurity; Case reports; The problems with surveys, benchmarks, and validation testing in cybersecurity; Surveys; Benchmarks; Validation testing; Research designs in cybersecurity; Fundamental observational and controlled research; Case-control; Simulations; Longitudinal research; The difference-in-differences research method; Time-series design; Field research; Conclusion; References

6. Network security and intrusion detection systems
   Introduction; Network security and intrusion detection systems in cybersecurity; Intrusion detection system categories; Endpoint Detection Systems (EDSs); Security Information and Event Management (SIEM) systems; Data Loss Prevention (DLP); Challenges in evaluating security tools; Surveys and think tanks reports; Intrusion-detection assessment metrics; The way forward in protecting the network from intrusions; Data science: data analytics, machine learning, and artificial intelligence; From a rule-based approach to data analytics; Machine learning and artificial intelligence; The use of honeypots in intrusion detection and network security; An evidence-based approach; Conclusion; Note; References

7. The Internet of Things (IoT), data security, and website security
   Introduction; The IoT; What risks are associated with the IoT?; Online attacks against IoT; IoT architecture and protocol stack; IoT risk frameworks; IoT security tools and defense techniques for data security; Network Intrusion Detection Systems (NIDSs) in an IoT environment; Metrics to measure effectiveness; Examples of IoT security empirical research designs; Website security; Web defacement; An example of evidence-based research design; Threat hunting: a proactive approach to mitigating risks to IoT, data security, and website security; Conclusion; References

8. Data privacy, training, and awareness and cybersecurity frameworks
   Introduction; Data privacy; Digital risks; Data breaches; Cybersecurity governance; Information security control frameworks; ISO 27001 and 27002; National Institute of Standards and Technology (NIST); Laws, regulations, and industry standards; The General Data Protection Regulation (GDPR); Payment Card Industry Data Security Standard (PCI DSS); Health Insurance Portability and Accountability Act (HIPAA) – health-related information; New York Department of Financial Services (NYDFS) cybersecurity regulations; Cybersecurity training and awareness; Games and gamification; Assessment tools; The Federal Financial Institution Examination Council (FFIEC) cybersecurity assessment tool; Research methods to evaluate cybersecurity awareness tools; Additional practical tools; Targeted audit and penetration testing; Surveys and executive workshops; Risk assessment; Impact and probability levels to assess risks; Relevant conceptual and research designs; Other examples of related work; Conclusion; Notes; References

9. Risk and threat intelligence: The effectiveness of online threat intelligence in guiding financial institutions’ incident response to online banking account takeovers
   Introduction; Background; Bank ATO and financial institutions response; Situational crime prevention; Denying benefits as a proactive incident response to ATO incidents; Threat intelligence and responding to ATO incidents; The current study; Data and methods; Results; How prevalent is information on breached bank accounts on text message applications?; How much of the information posted on the dark web or online encrypted applications is valid?; How much of this intelligence is actionable and could be used to support financial institutions’ incident response?; How much money could an effective intelligence-based incident response to ATO save for the victim?; Discussion; Limitations; Conclusion; Notes; References

10. The future of evidence-based cybersecurity
   Introduction; The advancement of technology and the intertwining of our digital and physical lives; Future cybersecurity threats to consider; Common specific threats to consider in the future; Email security and social engineering; Ransomware attacks; Single-factor authentication; Future sophisticated threats; Quantum computing; Blockchain threats; Machine Learning (ML) and Artificial Intelligence (AI); Deepfakes; State-level hackers and nation-state attacks; List of suggestions and recommendations; Rethink investment in cybersecurity; Law enforcement; Academics; Governments and private organizations; Education; Multidisciplinary cybersecurity teams; Threat hunting tools and techniques; Learning from mistakes; Homomorphic encryption and privacy; The Zero Trust approach; Public and private partnerships; An evidence-based cybersecurity approach to developing new and innovative detection and mitigation approaches; Conclusion; References

Index