Evidence-Based Cybersecurity : Foundations, Research, and Practice - Pierre-Luc Pomerleau

Evidence-Based Cybersecurity

Foundations, Research, and Practice

By: Pierre-Luc Pomerleau, David Maimon

Paperback | 4 October 2024


The prevalence of cyber-dependent crimes and illegal activities that can only be performed using a computer, computer networks, or other forms of information communication technology has significantly increased during the last two decades in the USA and worldwide. As a result, cybersecurity scholars and practitioners have developed various tools and policies to reduce individuals' and organizations' risk of experiencing cyber-dependent crimes. However, although cybersecurity research and tool production efforts have increased substantially, very little attention has been devoted to identifying potential comprehensive interventions that consider both human and technical aspects of the local ecology within which these crimes emerge and persist. Moreover, it appears that rigorous scientific assessments of these technologies and policies "in the wild" have been dismissed in the process of encouraging innovation and marketing. Consequently, governmental organizations and public and private companies allocate a considerable portion of their operations budgets to protecting their computer and internet infrastructures without understanding the effectiveness of various tools and policies in reducing the myriad of risks they face. Unfortunately, this practice may complicate organizational workflows and increase costs for government entities, businesses, and consumers.

The success of the evidence-based approach in improving performance in a wide range of professions (for example, medicine, policing, and education) leads us to believe that an evidence-based cybersecurity approach is critical for improving cybersecurity efforts. This book seeks to explain the foundation of the evidence-based cybersecurity approach, review its relevance in the context of existing security tools and policies, and provide concrete examples of how adopting this approach could improve cybersecurity operations and guide policymakers' decision-making process. The evidence-based cybersecurity approach explained aims to support security professionals', policymakers', and individual computer users' decision-making regarding the deployment of security policies and tools by calling for rigorous scientific investigations of the effectiveness of these policies and mechanisms in achieving their goals to protect critical assets. This book illustrates how this approach provides an ideal framework for conceptualizing an interdisciplinary problem like cybersecurity because it stresses moving beyond decision-makers' political, financial, social, and personal experience backgrounds when adopting cybersecurity tools and policies. This approach is also a model in which policy decisions are made based on scientific research findings.

Industry Reviews

"This is a tremendous resource for every security professional and organization whose goal is to improve their cybersecurity posture. The evidence-based cybersecurity approach ties the criticality of understanding human behavior with the technical aspects of cyber-crime. A true data centric treasure trove of valuable knowledge."

- Kausar Kenning, Executive Director, Cyber Security, Morgan Stanley

"Despite its technical nature, the evidence base supporting cybersecurity as a field of practice remains flimsy, at best. Some have even compared cybersecurity to "medieval witchcraft". This timely and essential book provides a much needed and comprehensive overview of the available evidence and of the knowledge gaps that persist, also charting the path ahead for a more scientific approach to the design, implementation, and evaluation of cybersecurity measures."

- Dr. Benoit Dupont, Professor of Criminology, University of Montreal, Canada, and Canada Research Chair in Cybersecurity.

"Dr. Pomerleau does a masterful job of deep diving into the realm of contemporary Cybersecurity. Beyond recounting the historical evolution of Cybersecurity, Pomerleau astutely weaves together a traditional IT risk management system approach with a multi-faceted humanistic approach (with ethical, sociological, psychological, and criminal elements) to present a comprehensive how-to guide for evidence-based Cybersecurity analysis."

- Dr. David L. Lowery, Full Professor of Homeland Security & Public Administration, Northcentral University
