Science of Cybersecurity

A foundational science for security – In the context of security, science can be thought of as knowledge that results in correct predictions or reliable outcomes. The “Science of Security” resides in a particularly complex area, being at the intersection of behavioral science, formal sciences, and natural sciences. We have identified 7 core themes that together form the foundational basis for our discipline. The themes are strongly inter-related, and mutually inform and benefit each other

Attack Analysis

The deepest understanding of security is obtained when it is informed from a threat actor’s perspective. There is a diverse range of motivations that influence people’s involvement with cyber crime. These range from the political to pleasure, from fraud to national security. Due to the internet’s ability to disseminate information at speed, cyber threats can also stem from the social.

Common Language

This is a vital foundational requirement so that we can express and develop our understanding of security.

Agility

Information assurance and cyber-security services need to become more agile, to reflect the more dynamic environment that systems now reside in. We need to be able to respond to an evolving threat landscape and rapidly changing technology. We need to be able to assess threat and risk much more quickly, and to detect and respond to attacks on our systems in real time.

Measurable Security

Measurements must be developed which include not just technical measures, but also the influence of security policy and user behavior. It is important to be able to carry out trade-offs between security, usability, functionality, and cost to enable better informed investment decisions.

Core Language

Security is lacking in foundational principles and fundamental definitions of concepts. There is a body of work to draw upon, and some well established terms, such as the principle of least privilege or of defense in depth. Definitions, however, tend to vary, and there is little guidance on practical application.

Core Principles

Cyber-security is an emerging area of research that must counter for the dynamic between threat actor, systems and social need. Existing approaches to systems management, such as the principle of least privilege and defense in depth, are models that have grown out of a combination of research and testing.

There is, however, debate over the definitions of these concepts and little guidance on their practical application. CSCSS’ research aims to bridge this gap, at the same time as developing new models for dealing with future threats.

Risk

Work is required to improve the quality and consistency of risk assessment. Much the work in this field has focused on process and methodology, but assessment is still based on individual expertise. Our desire is for risk assessment to be more consistent and less subjective. Research is required to assess the level of variability in risk decision-making and to determine the underlying rationale.

CSCSS runs a number of international conferences that are aimed at generating a cyber-security collegiality, where experts from around the world can gather and exchange information on cyber threats and counter-intelligence.

We also publish an annual cyber power index that ranks nation states on their level of risk and potential response to cyber threats.

Human Factors

This theme tackles factors affecting people’s security relevant behavior. It tackles issues such as: how to make the intangible benefits of information assurance visible; how to secure the optimum psychological contract for under-compliance; the most effective way to communicate information risk; and how the communication method affects subsequent attitude to risk.
·