RSS

Cybersecurity Data Science (Springer)

October 6, 2021

Management

Cybersecurity Data Science: Best Practices in an Emerging Profession

https://www.springer.com/gp/book/9783030748951

 

This book encompasses a systematic exploration of Cybersecurity Data Science (CSDS) as an emerging profession, focusing on current versus idealized practice.  This book also analyzes challenges facing the emerging CSDS profession, diagnoses key gaps, and prescribes treatments to facilitate advancement.  Grounded in the management of information systems (MIS) discipline, insights derive from literature analysis and interviews with 50 global CSDS practitioners.  CSDS as a diagnostic process grounded in the scientific method is emphasized throughout.

Cybersecurity Data Science (CSDS) is a rapidly evolving discipline which applies data science methods to cybersecurity challenges.  CSDS reflects the rising interest in applying data-focused statistical, analytical, and machine learning-driven methods to address growing security gaps.  This book offers a systematic assessment of the developing domain.  Advocacy is provided to strengthen professional rigor and best practices in the emerging CSDS profession. 

This book will be of interest to a range of professionals associated with cybersecurity and data science, spanning practitioner, commercial, public sector, and academic domains.  Best practices framed will be of interest to CSDS practitioners, security professionals, risk management stewards, and institutional stakeholders.  Organizational and industry perspectives will be of interest to cybersecurity analysts, managers, planners, strategists, and regulators.  Research professionals and academics are presented with a systematic analysis of the CSDS field, including an overview of the state of the art, a structured evaluation of key challenges, recommended best practices, and an extensive bibliography.

TABLE OF CONTENTS

Cybersecurity Data Science:  Best Practices in an Emerging Profession

https://www.springer.com/gp/book/9783030748951

  • 1.            Summary Introduction 
    • 1.1.         Summary Overview       
    • 1.2.         Motivations and Audience          
    • 1.3.         Research Questions and Management Problems Addressed        
    • 1.4.         Research Process and Methods
    • 1.5.         Theoretical Contributions            
    • 1.6.         Contributions to Management Practice 
  • 2.            PHASE I:  CSDS as an Emerging Profession – Diagnostic Literature Analysis           
    • 2.1.         Research Objectives      
    • 2.2.         CSDS in a Management Research Context            
      • 2.2.1.     Working Definition         
      • 2.2.2.     Expanding Scope, Scale, and Risk              
      • 2.2.3.     Adversarial Advantages
      • 2.2.4.     Managerial Responses to Growing Challenges    
      • 2.2.5.     Market Responses and Distortions          
      • 2.2.6.     Management of Information Systems (MIS) Context       
      • 2.2.7.     Professional Maturity Model      
    • 2.3.         Cybersecurity as a Profession    
      • 2.3.1.     Origins and Definitions 
      • 2.3.2.     Managing and Assuring
      • 2.3.3.     Academic Programs and Research           
      • 2.3.4.     Professional Organizations and Certifications      
      • 2.3.5.     Frameworks      
      • 2.3.6.     Professional Status         
    • 2.4.         Data Science as a Profession      
      • 2.4.1.     Origins and Definitions 
      • 2.4.2.     Organizational Job Role
      • 2.4.3.     Academic Programs and Research           
      • 2.4.4.     Professional Organizations and Certifications      
      • 2.4.5.     Frameworks      
      • 2.4.6.     Professional Status         
    • 2.5.         CSDS as an Emerging Hybrid Profession
      • 2.5.1.     Origins and Definitions 
      • 2.5.2.     The Data-Driven Paradigm in Cybersecurity         
      • 2.5.3.     Academic Programs and Research
      • 2.5.4.     Professional Organizations and Certifications      
      • 2.5.5.     Frameworks      
      • 2.5.6.     Professionalization Status           
    • 2.6.         Literature Analysis Outcomes    
      • 2.6.1.     Result 1:  CSDS Comparative Professional Maturity Gaps
      • 2.6.2.     Result 2:  CSDS Functional Demand Model           
      • 2.6.3.     Result 3:  CSDS Literature Corpus             
      • 2.6.4.     Result 4:  CSDS Literature Gap Analysis  
      • 2.6.5.     Result 5:  CSDS Sensitizing Concepts       
      • 2.6.6.     Result 6:  Methodological Concepts        
    • 2.7.         Summary of Literature Analysis Results 
      • 2.7.1.     Research Relevance       
      • 2.7.2.     Metatheoretical Implications     
      • 2.7.3.     Managerial Relevance  
      • 2.7.4.     Research Questions Addressed 
  • 3.            PHASE II:  CSDS Practitioners – Diagnostic Opinion Research and Gap Analysis   
    • 3.1.         Research Objectives      
    • 3.2.         Qualitative Component:  Diagnostic Interview Research
      • 3.2.1.     Interview Research Preparation and Planning     
        • 3.2.1.1. Establishing Context      
        • 3.2.1.2. Qualitative Research Overview 
        • 3.2.1.3. Interview Research Process        
        • 3.2.1.4. Methodological Underpinnings 
        • 3.2.1.5. Sensitizing Concepts      
        • 3.2.1.6. Interview Questions and Format              
        • 3.2.1.7. Interviewee Selection   
        • 3.2.1.8. Interviewee Demographics         
        • 3.2.1.9. Logistics and Responses
      • 3.2.2.     Initial Coding and Refinement   
        • 3.2.2.1. Open Coding and Refinement Process   
        • 3.2.2.2. Open Codes and Categories        
        • 3.2.2.3. Memoing Insights           
        • 3.2.2.4. Final Ordered Codebook             
      • 3.2.3.     Structured Coding and Results   
        • 3.2.3.1. Selective Axial Coding Process   
        • 3.2.3.2. Challenge Codes and Results      
        • 3.2.3.3. Best Practice Codes and Results
        • 3.2.3.4. Adjacent Domains Codes and Results     
        • 3.2.3.5. Adversarial Trends Codes and Results    
        • 3.2.3.6. Demographic and Professional Experience Observations
        • 3.2.3.7. Thematic Insights via Text Analytics         
        • 3.2.3.8. Summary of Mixed Method Qualitative Insights
    • 3.3.         Quantitative Component:  Diagnostic Gap Analysis           
      • 3.3.1.     Overview of Analytical Methods
      • 3.3.2.     Methodological Underpinnings 
      • 3.3.3.     Logistic Fitting of Challenges with Best Practices
      • 3.3.4.     Exploratory Factor Analysis and Interpretations
      • 3.3.5.     Factor Substantiation    
      • 3.3.6.     Factor-to-Factor Fitting 
      • 3.3.7.     Gap-Prescription Extrapolation 
    • 3.4.         Summary of Extrapolated Insights           
      • 3.4.1.     Mixed Method Diagnostic Gap Analysis 
      • 3.4.2.     Research Relevance       
      • 3.4.3.     Managerial Relevance  
      • 3.4.4.     Research Questions Addressed
  • 4.            PHASE III:  CSDS Gap-Prescriptions – Design Science Problem Solving     
    • 4.1.         Research Objectives      
    • 4.2.         Framing CSDS Design Prescriptions          
      • 4.2.1.     CSDS Gaps in Context    
      • 4.2.2.     Cybersecurity Challenges Redux
      • 4.2.3.     Data Science Challenges Redux 
      • 4.2.4.     Towards Design Science Prescriptions    
    • 4.3.         Design Prescription I:  Data Management             
      • 4.3.1.     Problem-Solving Requirements
      • 4.3.2.     Data-Preparation-as-a-Process 
      • 4.3.3.     Specifying Data Structures          
      • 4.3.4.     Exploratory Data Analysis (EDA)
      • 4.3.5.     Feature Engineering      
      • 4.3.6.     Analytics Process Models            
      • 4.3.7.     Summary of Design Prescription I:  Data Management   
    • 4.4.         Design Prescription II:  Scientific Processes          
      • 4.4.1.     Problem-Solving Requirements
      • 4.4.2.     Operationalizing Scientific Discovery      
      • 4.4.3.     Extrapolating Experimental Evidence     
      • 4.4.4.     Integrating Prediction and Explanation  
      • 4.4.5.     Model Context and Validation   
      • 4.4.6.     Towards Cybersecurity Theory  
      • 4.4.7.     Summary of Design Prescription II:  Scientific Processes 
    • 4.5.         Design Prescription III:  Cross-Domain Collaboration        
      • 4.5.1.     Problem-Solving Requirements
      • 4.5.2.     Collaborative Science in the Enterprise  
      • 4.5.3.     Aligning Organizational Incentives           
      • 4.5.4.     CSDS Curricula for Cross-Training             
      • 4.5.5.     Summary of Design Prescription III:  Cross-Domain Collaboration
    • 4.6.         Summary of Design Prescriptions             
      • 4.6.1.     Overview of Prescribed Designs
      • 4.6.2.     Research Relevance       
      • 4.6.3.     Managerial Relevance  
      • 4.6.4.     Research Questions Addressed 
  • 5.            Research Conclusions and Discussion     
    • 5.1.         Summary of Research Motivations          
    • 5.2.         Summary of Research Objectives and Questions Addressed         
    • 5.3.         Summary of Research Process, Methods, and Outcomes
    • 5.4.         Academic, Theoretical, and Methodological Contributions            
    • 5.5.         Limitations of Research
    • 5.6.         Future Research Foundations    
  • 6.            Managerial Recommendations 
    • 6.1.         Management Problems
    • 6.2.         Management Problems Addressed         
    • 6.3.         Summary of Stakeholders Served            
    • 6.4.         Guidance for CSDS and Related Practitioners      
    • 6.5.         Guidance for Managers and Security Stewards   
    • 6.6.         Guidance for Firms and Service Providers             
    • 6.7.         Guidance for Nation States and Regulators          
  • REFERENCES      

About SARK7

Scott Allen Mongeau (@SARK7), an INFORMS Certified Analytics Professional (CAP), is a researcher, lecturer, and consulting Data Scientist. Scott has over 30 years of project-focused experience in data analytics across a range of industries, including IT, biotech, pharma, materials, insurance, law enforcement, financial services, and start-ups. Scott is a part-time lecturer and PhD (abd) researcher at Nyenrode Business University on the topic of data science. He holds a Global Executive MBA (OneMBA) and Masters in Financial Management from Erasmus Rotterdam School of Management (RSM). He has a Certificate in Finance from University of California at Berkeley Extension, a MA in Communication from the University of Texas at Austin, and a Graduate Degree (GD) in Applied Information Systems Management from the Royal Melbourne Institute of Technology (RMIT). He holds a BPhil from Miami University of Ohio. Having lived and worked in a number of countries, Scott is a dual American and Dutch citizen. He may be contacted at: webmaster@sark7.com LinkedIn: https://www.linkedin.com/in/smongeau/ Twitter: @sark7 Blog: sctr7.com Web: www.sark7.com All posts are copyright © 2020 SARK7 All external materials utilized imply no ownership rights and are presented purely for educational purposes.

View all posts by SARK7

Subscribe

Subscribe to our RSS feed and social profiles to receive updates.

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: