SCTR7: Data Science and Analytics

OVERVIEW For those interested in the rapidly emerging field of cybersecurity data science (CSDS), below is a corpus of 33 book-length works. The list covers publications going back to 2001, although two-thirds of the works (22 out of 33) were published in the last five years (2016 to 2020). The works cover a broad range […]

A challenging aspect of cybersecurity data science (CSDS) concerns a lack of labeled datasets which record incidents and attacks. Such data is necessary for understanding attack vectors and for training and validating predictive models. A number of cybersecurity research datasets are now available and should be of interest to researchers and practitioners: • CSE-CIC-IDS2018 on […]

Cybersecurity Data Science (CSDS) is a rapidly emerging profession focused on applying data science to prevent, detect, and remediate expanding and evolving cybersecurity threats. CSDS is increasingly formally recognized as a cybersecurity job specialty, for instance in the NIST NICE Cybersecurity Workforce Framework. A proposed CSDS definition derived from multiple sources: CSDS is the practice of […]

Among my greatly respected global colleagues and friends on LinkedIn, there seem to be persistent, circular debates concerning the nature and viability of the data science profession. Opinions seem to run the gamut from ‘data science is the best thing since sliced bread and will take over the world’ to ‘data science is a weak, […]

Future Shock: Growing Vulnerabilities and Liabilities Cybersecurity data science (CSDS) brings hope to organizations challenged by evolving cyber threats. A rapidly developing field, CSDS utilizes advanced analytics to address security gaps in an increasingly data-driven, interconnected world. The consequences of ignoring security challenges are rising. According to the Cisco 2018 Annual Cybersecurity Report, over half of cyber-attacks resulted in […]

October 20th, 2018 Dear Cybersecurity Data Scientist Colleague, For an academic research publication, I am interviewing cybersecurity data scientists concerning practitioner perceptions of trends, challenges, and best practices. I would be greatly appreciative should you be willing to contribute to the community via a 30 minute interview. LIST OF QUESTIONS TO BE COVERED (open response […]

Overview: The Cyber Big Data Conundrum Organizations are challenged with the spiraling overhead associated with storing and processing ever inflating sets of cybersecurity data. Many admit they are struggling to evidence improved security event detection and decision making. A growing realization is that big data must be turned into smart data: relevant, high-quality data which […]

An Uncomfortable Status Quo This month, barely eight weeks from the WannaCry ransomware outbreak, yet another destructive worm attack has disabled systems and compromised data globally: PetrWrap (AKA NotPetya, Nyetya, or GoldenEye). Beleaguered cybersecurity professionals have responded yet again with a flurry of patches and guidance to plug the holes. Based on trending events, there is […]

Cyber threat actors exploit increasingly interconnected networks to infiltrate infrastructure and compromise digital assets. While prolific networks and digitization drive interactivity, thereby opening new opportunities for collaboration, open channels also increase the scope and scale of potential cyber risks. Beyond compromised intellectual property and regulatory strictures, reputational damage can result in customer and partner attrition, […]

Blogging from FloCon cyber security conference in San Diego #FloCon17 Although not a morning person by nature, the early 7 am kick-off session was quite painless as I am still jet lagged on Amsterdam time (+9 hours, making this an easy 4pm session!). While I was aware of a range of Linux-based open source tools for […]