
Evidence-Based Cybersecurity: Foundations, Research, and Practice PDF

251 Pages·2022·5.85 MB·English

Preview Evidence-Based Cybersecurity: Foundations, Research, and Practice

‘Don’t expect to be motivated every day to get out there and make things happen. You won’t be. Don’t count on motivation. Count on Discipline.’
Jocko Willink, retired U.S. Navy SEAL officer

‘This is a tremendous resource for every security professional and organization whose goal is to improve their cybersecurity posture. The evidence-based cybersecurity approach ties the criticality of understanding human behavior with the technical aspects of cyber-crime. A true data centric treasure trove of valuable knowledge.’
– Kausar Kenning, Executive Director, Cyber Security, Morgan Stanley

‘Despite its technical nature, the evidence base supporting cybersecurity as a field of practice remains flimsy, at best. Some have even compared cybersecurity to “medieval witchcraft”. This timely and essential book provides a much needed and comprehensive overview of the available evidence and of the knowledge gaps that persist, also charting the path ahead for a more scientific approach to the design, implementation, and evaluation of cybersecurity measures.’
– Dr. Benoît Dupont, Professor of Criminology, University of Montreal, Canada, and Canada Research Chair in Cybersecurity

‘Dr. Pomerleau does a masterful job of deep diving into the realm of contemporary Cybersecurity. Beyond recounting the historical evolution of Cybersecurity, Pomerleau astutely weaves together a traditional IT risk management system approach with a multi-faceted humanistic approach (with ethical, sociological, psychological, and criminal elements) to present a comprehensive how-to guide for evidence-based Cybersecurity analysis.’
– Dr. David L. Lowery, Full Professor of Homeland Security & Public Administration, Northcentral University

Evidence-Based Cybersecurity

Security, Audit and Leadership Series
Series Editor: Dan Swanson, Dan Swanson and Associates, Ltd., Winnipeg, Manitoba, Canada.
The Security, Audit and Leadership Series publishes leading-edge books on critical subjects facing security and audit executives as well as business leaders. Key topics addressed include Leadership, Cybersecurity, Security Leadership, Privacy, Strategic Risk Management, Auditing IT, Audit Management and Leadership

Rising from the Mailroom to the Boardroom: Unique Insights for Governance, Risk, Compliance and Audit Leaders
Bruce Turner

Operational Auditing: Principles and Techniques for a Changing World (Second Edition)
Hernan Murdock

CyRMSM: Mastering the Management of Cybersecurity
David X Martin

The Complete Guide for CISA Examination Preparation
Richard E. Cascarino

Blockchain for Cybersecurity and Privacy: Architectures, Challenges, and Applications
Yassine Maleh, Mohammad Shojafar, Mamoun Alazab, Imed Romdhani

The Cybersecurity Body of Knowledge: The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity
Daniel Shoemaker, Anne Kohnke, Ken Sigler

For more information about this series, please visit: https://www.routledge.com/Internal-Audit-and-IT-Audit/book-series/CRCINTAUDITA

Evidence-Based Cybersecurity
Foundations, Research, and Practice
Pierre-Luc Pomerleau
David Maimon

First edition published 2022
by CRC Press
6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742
and by CRC Press
4 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN

CRC Press is an imprint of Taylor & Francis Group, LLC

© 2022 Pierre-Luc Pomerleau and David Maimon

Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained.
If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint.

Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers.

For permission to photocopy or use material electronically from this work, access www.copyright.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. For works that are not available on CCC please contact mpkbookspermissions@tandf.co.uk

Trademark notice: Product or corporate names may be trademarks or registered trademarks and are used only for identification and explanation without intent to infringe.

Library of Congress Cataloging‑in‑Publication Data
Names: Pomerleau, Pierre-Luc, author. | Maimon, David, 1978- author.
Title: Evidence-based cybersecurity : foundations, research, and practice / Pierre-Luc Pomerleau, David Maimon.
Description: First edition. | Boca Raton, FL : CRC Press, 2022. | Series: Internal audit and IT audit | Includes bibliographical references and index.
Identifiers: LCCN 2021060090 (print) | LCCN 2021060091 (ebook) | ISBN 9781032062761 (hbk) | ISBN 9781032062785 (pbk) | ISBN 9781003201519 (ebk)
Subjects: LCSH: Computer security. | Computer networks--Security measures. | Computer crimes--Prevention.
Classification: LCC QA76.9.A25 P5968 2022 (print) | LCC QA76.9.A25 (ebook) | DDC 005.8--dc23/eng/20220201
LC record available at https://lccn.loc.gov/2021060090
LC ebook record available at https://lccn.loc.gov/2021060091

ISBN: 9781032062761 (hbk)
ISBN: 9781032062785 (pbk)
ISBN: 9781003201519 (ebk)
DOI: 10.1201/9781003201519

Typeset in Sabon by KnowledgeWorks Global Ltd.
To all cybersecurity professionals and researchers working tirelessly to make the world a safer place.

Contents

Foreword
About the authors
Acknowledgment

1 The case for an evidence-based approach to cybersecurity
  The evidence-based approach
  Evidence-based medicine
  Evidence-based policing
  Evidence-based learning
  The case for evidence-based cybersecurity
  References

2 Computers, computer networks, the Internet, and cybersecurity
  Introduction: computers and computer networks
  The Open System Interconnection (OSI) model and the communication process
  The importance of cybersecurity
  The cybersecurity ecosystem
  Cybersecurity doctrines, practices, and policies
  Current practices, tools, and policies to secure cyber infrastructures
  References

3 Human behavior in cyberspace
  Introduction: cybercrime and cyberspace
  Four key actors within the cybercrime ecosystem
    The offenders
    The enablers
    The victims
    The guardians
