Evidence-Based Cybersecurity: Foundations, Research, and Practice

✍ Scribed by Pierre-Luc Pomerleau, David Maimon

Publisher: CRC Press
Year: 2022
Tongue: English
Leaves: 251
Series: Security, Audit and Leadership Series
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

The prevalence of cyber-dependent crimes and illegal activities that can only be performed using a computer, computer networks, or other forms of information communication technology has significantly increased during the last two decades in the USA and worldwide. As a result, cybersecurity scholars and practitioners have developed various tools and policies to reduce individuals' and organizations' risk of experiencing cyber-dependent crimes. However, although cybersecurity research and tools production efforts have increased substantially, very little attention has been devoted to identifying potential comprehensive interventions that consider both human and technical aspects of the local ecology within which these crimes emerge and persist. Moreover, it appears that rigorous scientific assessments of these technologies and policies "in the wild" have been dismissed in the process of encouraging innovation and marketing. Consequently, governmental organizations, public, and private companies allocate a considerable portion of their operations budgets to protecting their computer and internet infrastructures without understanding the effectiveness of various tools and policies in reducing the myriad of risks they face. Unfortunately, this practice may complicate organizational workflows and increase costs for government entities, businesses, and consumers.

The success of the evidence-based approach in improving performance in a wide range of professions (for example, medicine, policing, and education) leads us to believe that an evidence-based cybersecurity approach is critical for improving cybersecurity efforts. This book seeks to explain the foundation of the evidence-based cybersecurity approach, review its relevance in the context of existing security tools and policies, and provide concrete examples of how adopting this approach could improve cybersecurity operations and guide policymakers' decision-making process. The evidence-based cybersecurity approach explained aims to support security professionals', policymakers', and individual computer users' decision-making regarding the deployment of security policies and tools by calling for rigorous scientific investigations of the effectiveness of these policies and mechanisms in achieving their goals to protect critical assets. This book illustrates how this approach provides an ideal framework for conceptualizing an interdisciplinary problem like cybersecurity because it stresses moving beyond decision-makers' political, financial, social, and personal experience backgrounds when adopting cybersecurity tools and policies. This approach is also a model in which policy decisions are made based on scientific research findings.

✦ Table of Contents

Cover
Endorsements_I
Endorsements_II
Half Title
Series Page
Title Page
Copyright Page
Dedication
Contents
Foreword
About the authors
Acknowledgment
1. The case for an evidence-based approach to cybersecurity
The evidence-based approach
Evidence-based medicine
Evidence-based policing
Evidence-based learning
The case for evidence-based cybersecurity
References
2. Computers, computer networks, the Internet, and cybersecurity
Introduction: computers and computer networks
The Open System Interconnection (OSI) model and the communication process
The importance of cybersecurity
The cybersecurity ecosystem
Cybersecurity doctrines, practices, and policies
Current practices, tools, and policies to secure cyber infrastructures
References
3. Human behavior in cyberspace
Introduction: cybercrime and cyberspace
Four key actors within the cybercrime ecosystem
The offenders
The enablers
The victims
The guardians
Human behaviors as a central element of cybercrime
The human factor in the literature on cybercrime
A look inside the organization
Conclusion
References
4. Criminological, sociological, psychological, ethical, and biological models relevant to cybercrime and cybercriminals
Introduction
Criminological and sociological models relevant to cybercrime
The routine activity approach and the problem analysis triangle
Environmental criminology
Situational crime prevention
Anthropological criminology and ethnographic studies
Biosocial criminology
Psychology and cyberpsychology in the management of cybercrime
Cyberpsychology
Philosophical and ethical models
Hard determinism and crime
Compatibilism and crime
References
5. Science and cybersecurity
Introduction
The importance of quantitative, qualitative, and mixed research
Quantitative, qualitative, or mixed methods?
Science, theories, and facts
Science in cybersecurity
Case reports
The problems with surveys, benchmarks, and validation testing in cybersecurity
Surveys
Benchmarks
Validation testing
Research designs in cybersecurity
Fundamental observational and controlled research
Case-control
Simulations
Longitudinal research
The difference-in-differences research method
Time-series design
Field research
Conclusion
References
6. Network security and intrusion detection systems
Introduction
Network security and intrusion detection systems in cybersecurity
Intrusion detection system categories
Endpoint Detection Systems (EDSs)
Security Information and Event Management (SIEM) systems
Data Loss Prevention (DLP)
Challenges in evaluating security tools
Surveys and think tanks reports
Intrusion-detection assessment metrics
The way forward in protecting the network from intrusions
Data science: data analytics, machine learning, and artificial intelligence
From a rule-based approach to data analytics
Machine learning and artificial intelligence
The use of honeypots in intrusion detection and network security
An evidence-based approach
Conclusion
Note
References
7. The Internet of Things (IoT), data security, and website security
Introduction
The IoT
What risks are associated with the IoT?
Online attacks against IoT
IoT architecture and protocol stack
IoT risk frameworks
IoT security tools and defense techniques for data security
Network Intrusion Detection Systems (NIDSs) in an IoT environment
Metrics to measure effectiveness
Examples of IoT security empirical research designs
Website security
Web defacement
An example of evidence-based research design
Threat hunting: a proactive approach to mitigating risks to IoT, data security, and website security
Conclusion
References
8. Data privacy, training, and awareness and cybersecurityframeworks
Introduction
Data privacy
Digital risks
Data breaches
Cybersecurity governance
Information security control frameworks
ISO 27001 and 27002
National Institute of Standards and Technology (NIST)
Laws, regulations, and industry standards
The General Data Protection Regulation (GDPR)
Payment Card Industry Data Security Standard (PCI DSS)
Health Insurance Portability and Accountability Act (HIPAA) – health-related information
New York Department of Financial Services (NYDFS) cybersecurity regulations
Cybersecurity training and awareness
Games and gamification
Assessment tools
The Federal Financial Institution Examination Council (FFIEC) cybersecurity assessment tool
Research methods to evaluate cybersecurity awareness tools
Additional practical tools
Targeted audit and penetration testing
Surveys and executive workshops
Risk assessment
Impact and probability levels to assess risks
Relevant conceptual and research designs
Other examples of related work
Conclusion
Notes
References
9. Risk and threat intelligence: The effectiveness of online threat intelligence in guiding financial institutions’ incident response to online banking account takeovers
Introduction
Background
Bank ATO and financial institutions response
Situational crime prevention
Denying benefits as a proactive incident response to ATO incidents
Threat intelligence and responding to ATO incidents
The current study
Data and methods
Results
How prevalent is information on breached bank accounts on text message applications?
How much of the information posted on the dark web or online encrypted applications is valid?
How much of this intelligence is actionable and could be used to support financial institutions’ incident response?
How much money could an effective intelligence-based incident response to ATO save for the victim?
Discussion
Limitations
Conclusion
Notes
References
10. The future of evidence-based cybersecurity
Introduction
The advancement of technology and the intertwining of our digital and physical lives
Future cybersecurity threats to consider
Common specific threats to consider in the future
Email security and social engineering
Ransomware attacks
Single-factor authentication
Future sophisticated threats
Quantum computing
Blockchain threats
Machine Learning (ML) and Artificial Intelligence (AI)
Deepfakes
State-level hackers and nation-state attacks
List of suggestions and recommendations
Rethink investment in cybersecurity
Law enforcement
Academics
Governments and private organizations
Education
Multidisciplinary cybersecurity teams
Threat hunting tools and techniques
Learning from mistakes
Homomorphic encryption and privacy
The Zero Trust approach
Public and private partnerships
An evidence-based cybersecurity approach to developing new and innovative detection and mitigation approaches
Conclusion
References
Index

📜 SIMILAR VOLUMES

Psychodynamic Psychotherapy Research: Ev

📁 Psychodynamic Psychotherapy Research: Evidence-Based Practice and Practice-Based Evidence

✍ Jeremy D. Safran, Alexandra G. Shaker (auth.), Raymond A. Levy, J. Stuart Ablon, 📂 Library 📅 2012 🏛 Humana Press 🌐 English

Psychodynamic Psychotherapy Research: Evidence-Based Practice and Practice-Based Evidence continues the important work of the first book published in 2009 by Humana Press (Handbook of Evidence-Based Psychodynamic Psychotherapy: Bridging the Gap Between Science and Practice). This la

Foundations of Clinical Research. Applic

📁 Foundations of Clinical Research. Applications to Evidence-Based Practice

✍ Leslie G. Portney 📂 Library 📅 2020 🏛 F.A. Davis Company 🌐 English

Foundations of Clinical Research: Applic

📁 Foundations of Clinical Research: Applications to Evidence-Based Practice

✍ Leslie G. Portney DPT PhD FAPTA 📂 Library 📅 2020 🏛 F.A. Davis Company 🌐 English

Conceptual descriptions of analytic procedures used in EBP as well as tables that demonstrate simple calculations Algorithm for choosing a statistical procedure based on a study’s design Diagrams that help students understand experimental and observational design variations Guidelines for c

Research Methods and Evidence-Based Prac

📁 Research Methods and Evidence-Based Practice

✍ Pranee Liamputtong 📂 Library 📅 2021 🏛 Oxford University Press 🌐 English

Learn the foundations to becoming an evidence-based health practitioner.Research Methods and Evidence-based Practice introduces students to various research techniques they can use throughout their degree and into a range of health settings. It teaches qualitative and quantitative research methods o

Art Therapy, Research and Evidence-based

📁 Art Therapy, Research and Evidence-based Practice

✍ Dr Andrea Gilroy 📂 Library 📅 2006 🏛 Sage Publications Ltd 🌐 English

`This book brings makes a major contribution to the field of art therapy by reviewing, in an accessible and informed manner, the issues around the development of research-informed practice. The author offers an overview of different traditions of inquiry that will be of value to practitioners as wel

Foundations of evidence-based social wor

📁 Foundations of evidence-based social work practice

✍ Kenneth Yeager 📂 Library 📅 2006 🏛 Oxford University Press 🌐 English

This concise introduction to evidence-based social work practice culls the most salient chapters from the interdisciplinary Evidence-Based Practice Manual to form a student-friendly overview of the issues and interventions they will encounter throughout their BSW or MSW program. Part I defines term