Evidence-Based Cybersecurity - Pierre-Luc Pomerleau, David Maimon

Evidence-Based Cybersecurity

Foundations, Research, and Practice
Buch | Softcover
230 Seiten
2024
CRC Press (Verlag)
978-1-032-06278-5 (ISBN)
56,10 inkl. MwSt
This book seeks to explain the foundation of the evidence-based cybersecurity approach, reviews its relevance in the context of existing security tools and policies, and the authors provide concrete examples of how adopting this approach could improve cybersecurity operations and guide policymakers' decision-making process.
The prevalence of cyber-dependent crimes and illegal activities that can only be performed using a computer, computer networks, or other forms of information communication technology has significantly increased during the last two decades in the USA and worldwide. As a result, cybersecurity scholars and practitioners have developed various tools and policies to reduce individuals' and organizations' risk of experiencing cyber-dependent crimes. However, although cybersecurity research and tools production efforts have increased substantially, very little attention has been devoted to identifying potential comprehensive interventions that consider both human and technical aspects of the local ecology within which these crimes emerge and persist. Moreover, it appears that rigorous scientific assessments of these technologies and policies "in the wild" have been dismissed in the process of encouraging innovation and marketing. Consequently, governmental organizations, public, and private companies allocate a considerable portion of their operations budgets to protecting their computer and internet infrastructures without understanding the effectiveness of various tools and policies in reducing the myriad of risks they face. Unfortunately, this practice may complicate organizational workflows and increase costs for government entities, businesses, and consumers.

The success of the evidence-based approach in improving performance in a wide range of professions (for example, medicine, policing, and education) leads us to believe that an evidence-based cybersecurity approach is critical for improving cybersecurity efforts. This book seeks to explain the foundation of the evidence-based cybersecurity approach, review its relevance in the context of existing security tools and policies, and provide concrete examples of how adopting this approach could improve cybersecurity operations and guide policymakers' decision-making process. The evidence-based cybersecurity approach explained aims to support security professionals', policymakers', and individual computer users' decision-making regarding the deployment of security policies and tools by calling for rigorous scientific investigations of the effectiveness of these policies and mechanisms in achieving their goals to protect critical assets. This book illustrates how this approach provides an ideal framework for conceptualizing an interdisciplinary problem like cybersecurity because it stresses moving beyond decision-makers' political, financial, social, and personal experience backgrounds when adopting cybersecurity tools and policies. This approach is also a model in which policy decisions are made based on scientific research findings.

Dr. Pierre-Luc Pomerleau is a Partner at VIDOCQ. His role consists of assisting VIDOCQ’S clients in growing their business and innovating while managing their risks and protecting their assets. He does so by bringing years of experience and deep expertise in cybercrime, investigation, fraud prevention, anti-money laundering, physical security, business administration, technology, and risk management. Before joining VIDOCQ, he was Vice President at National Bank of Canada, managing the Financial Crime and Corporate Security division, including data analytics and innovation. Dr. Pomerleau holds a Ph.D. in Business Administration with a specialization in Homeland Security from Northcentral University (USA), an MBA from the University of Sherbrooke (Canada), and a bachelor's degree in criminology from the University of Montreal (Canada). He holds various security and financial crime professional certifications such as the CPP, PSP, PCI, CFE, CAMS, CCCI & CFCI certifications. In addition to his role with VIDOCQ, Dr. Pomerleau is currently an adjunct in cybersecurity at Polytechnique Montreal. From 2020 to 2021, he was a postdoctoral researcher and a research associate in cybercrime at Georgia State University (USA). In 2020, he published his book Countering Cyber Threats to Financial Institutions; A Private and Public Partnership Approach to Critical Infrastructure. From 2015 to 2018, he was the President of the Association of Certified Fraud Examiner Montreal Chapter. In October 2016, he was awarded an honorary diploma by the University of Montreal School of Criminology for his exemplary contribution to the advancement of society. Dr. David Maimon is an Associate Professor in the Department of Criminal Justice and Criminology at Georgia State University (GSU) and the director of the Evidence-Based Cybersecurity research group (see ebcs.gsu.edu). He received his Ph.D. in Sociology from the Ohio State University in 2009. Prior to joining GSU, Dr. Maimon held academic position in the Department of Criminology and Criminal Justice in the University of Maryland, and the Department of Sociology in the University of Miami. In 2015 he was awarded the "Young Scholar Award" from the "White-Collar Crime Research Consortium of the National White-Collar Crime Center" for his cybercrime research. Throughout his career he has raised more than $3 million to conduct Evidence-Based Cybersecurity research. Since joining GSU, Dr. Maimon has established the Evidence-Based Cybersecurity Research Group, where he and his researchers seek to produce and review multi- and interdisciplinary empirical evidence about the effectiveness of cybersecurity tools and policies. The group and its unique approach to cybersecurity education and research have been acknowledged on popular media platforms (https://edtechmagazine.com/higher/article/2020/09/training-next-generation-cyber-professionals). Moreover, the group's close relationships with cybersecurity professionals in several industries and law enforcement agencies have led to the adoption of the Evidence-Based Cybersecurity approach by several organizations. Dr. Maimon teaches the course "Intro to Evidence-Based Cybersecurity" at the undergraduate level, and "Evidence-Based Cybersecurity" at the graduate level.

1. The Case for an Evidence-Based Approach to Cybersecurity

2. Computers, Computers Networks, the Internet, and Cybersecurity

3. Human Behavior in Cyberspace

4. Criminological, Sociological, Psychological, Ethical and Biological Models Relevant to Cybercrime and Cybercriminals

5. Science and Cybersecurity

6. Network Security and Intrusion Detection Systems

7. The Internet of Things (IoT), Data and Website Security

8. Data Privacy, Training, and Awareness and Cybersecurity Frameworks

9. Risk and Threat Intelligence: The Effectiveness of Online Threat Intelligence in Guiding Financial Institutions’ Incident Response to Online Banking Account Takeovers

10. The Future of Evidence-Based Cybersecurity

Erscheinungsdatum
Reihe/Serie Security, Audit and Leadership Series
Zusatzinfo 4 Tables, black and white; 1 Line drawings, black and white; 3 Halftones, black and white; 4 Illustrations, black and white
Verlagsort London
Sprache englisch
Maße 156 x 234 mm
Gewicht 462 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
ISBN-10 1-032-06278-9 / 1032062789
ISBN-13 978-1-032-06278-5 / 9781032062785
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00