Theoretical Cybersecurity: Principles and Advanced Concepts

There is a distinct lack of theoretical innovation in the cybersecurity industry. This is not to say that innovation is lacking, as new technologies, services, and solutions (as well as buzzwords) are emerging every day. This book will be the first cybersecurity text aimed at encouraging abstract and intellectual exploration of cybersecurity from the philosophical and speculative perspective. Technological innovation is certainly necessary, as it furthers the purveying of goods and services for cybersecurity producers in addition to securing the attack surface of cybersecurity consumers where able.

The issue is that the industry, sector, and even academia are largely technologically focused. There is not enough work done to further the trade—the craft of cybersecurity. This book frames the cause of this and other issues, and what can be done about them. Potential methods and directions are outlined regarding how the industry can evolve to embrace theoretical cybersecurity innovation as it pertains to the art, as much as to the science.

To do this, a taxonomy of the cybersecurity body of work is laid out to identify how the influences of the industry’s past and present constrain future innovation. Then, cost-benefit analysis and right-sizing of cybersecurity roles and responsibilities—as well as defensible experimentation concepts—are presented as the foundation for moving beyond some of those constraining factors that limit theoretical cybersecurity innovation. Lastly, examples and case studies demonstrate future-oriented topics for cybersecurity theorization such as game theory, infinite-minded methodologies, and strategic cybersecurity implementations.

What you’ll learn

• The current state of the cybersecurity sector and how it constrains theoretical innovation
• How to understand attacker and defender cost benefit
• The detect, prevent, and accept paradigm
• How to build your own cybersecurity box
• Supporting cybersecurity innovation through defensible experimentation
• How to implement strategic cybersecurity
• Infinite vs finite game play in cybersecurity

About the Author

Dr. Jacob G. Oakley is a cybersecurity author and subject matter expert with 16 years of experience focusing on strategic enterprise-level cybersecurity architectures as well as offensive cybersecurity operations within government and commercial sectors. His previous technical books, Professional Red Teaming, Waging Cyber War, and Cybersecurity for Space, are also published by Apress.

Michael Butler is a cybersecurity subject matter expert with 12 years of experience focusing on building, developing, and leading teams of ethical hackers. He is a primary instructor and developer of an offensive cloud security course taught both privately and at Blackhat conferences in the United States, Europe, and Asia. He has previously collaborated with Dr. Oakley as the technical reviewer for Professional Red Teaming.

Wayne York is a cybersecurity technical editor and subject matter expert with 18 years of experience focusing on offensive cybersecurity operations and program protection within government and commercial sectors. His previous technical edited book is Waging Cyber War by Dr. Oakley, published by Apress.

Dr. Matthew Puckett is a mathematics professor and former software engineer. His areas of interest include theology, cognitive science, and artificial intelligence. His hobbies include chess, where he is currently one of the top 300 players in the United States (according to FIDE).

Dr. J. Louis Sewell is a mathematician trained in Graph Theory. As Technical Fellow of a Huntsville, AL, technology company, he develops enduring solutions to critical infrastructure challenges in government and civilian sectors. Professionally and personally, he has a special interest in artificial intelligence ethics, infinite game dynamics, and the role of personal experience in the philosophy of science.