Theoretical Cybersecurity: Principles and Advanced Concepts
暫譯: 理論網路安全:原則與進階概念
Oakley, Jacob G., Butler, Michael, York, Wayne
相關主題
商品描述
There is a distinct lack of theoretical innovation in the cybersecurity industry. This is not to say that innovation is lacking, as new technologies, services, and solutions (as well as buzzwords) are emerging every day. This book will be the first cybersecurity text aimed at encouraging abstract and intellectual exploration of cybersecurity from the philosophical and speculative perspective. Technological innovation is certainly necessary, as it furthers the purveying of goods and services for cybersecurity producers in addition to securing the attack surface of cybersecurity consumers where able.
The issue is that the industry, sector, and even academia are largely technologically focused. There is not enough work done to further the trade--the craft of cybersecurity. This book frames the cause of this and other issues, and what can be done about them. Potential methods and directions are outlined regarding how the industry can evolve to embrace theoretical cybersecurity innovation as it pertains to the art, as much as to the science.
To do this, a taxonomy of the cybersecurity body of work is laid out to identify how the influences of the industry's past and present constrain future innovation. Then, cost-benefit analysis and right-sizing of cybersecurity roles and responsibilities--as well as defensible experimentation concepts--are presented as the foundation for moving beyond some of those constraining factors that limit theoretical cybersecurity innovation. Lastly, examples and case studies demonstrate future-oriented topics for cybersecurity theorization such as game theory, infinite-minded methodologies, and strategic cybersecurity implementations.
What you'll learn
- The current state of the cybersecurity sector and how it constrains theoretical innovation How to understand attacker and defender cost benefit
- The detect, prevent, and accept paradigm
- How to build your own cybersecurity box
- Supporting cybersecurity innovation through defensible experimentation
- How to implement strategic cybersecurity
- Infinite vs finite game play in cybersecurity
Who This Book Is For
This book is for both practitioners of cybersecurity and those who are required to, or choose to, employ such services, technology, or capabilities.
商品描述(中文翻譯)
在網路安全產業中,理論創新明顯不足。這並不是說創新完全缺乏,因為每天都有新技術、新服務和新解決方案(以及流行詞彙)不斷出現。本書將是第一本旨在從哲學和推測的角度鼓勵對網路安全進行抽象和智識探索的網路安全文本。技術創新無疑是必要的,因為它促進了網路安全產品供應商的商品和服務的提供,並在可能的情況下保障網路安全消費者的攻擊面。
問題在於,這個產業、領域甚至學術界在很大程度上都專注於技術。為了推進這個行業——網路安全的技藝,所做的工作還不夠。本書框架了這一問題及其他問題的原因,以及可以採取的措施。概述了行業如何演變以擁抱理論網路安全創新的潛在方法和方向,這涉及到藝術與科學的平衡。
為了做到這一點,將網路安全的工作體系進行分類,以識別行業過去和現在的影響如何限制未來的創新。然後,提出成本效益分析和網路安全角色與責任的適當調整——以及可辯護的實驗概念——作為超越限制理論網路安全創新的某些約束因素的基礎。最後,通過示例和案例研究展示未來導向的網路安全理論化主題,如博弈論、無限思維方法論和戰略性網路安全實施。
您將學到的內容
- 網路安全領域的現狀及其如何限制理論創新
- 如何理解攻擊者和防禦者的成本效益
- 檢測、預防和接受的範式
- 如何建立自己的網路安全框架
- 通過可辯護的實驗支持網路安全創新
- 如何實施戰略性網路安全
- 網路安全中的無限與有限遊戲
本書適合誰
本書適合網路安全的從業者以及那些需要或選擇使用此類服務、技術或能力的人士。
