Cybersecurity Research Considerations
In recent years, a significant need has emerged for both advanced research in cybersecurity and education of cybersecurity professionals. By some estimates, losses from cyber attacks are expected to exceed $2 trillion annually by the end of 2019. The need for improved cybersecurity research and education has been well established, including in recent U.S. congressional hearings and Presidential executive orders.
By some estimates, the industry is facing a projected shortage of 1–2 million cybersecurity professionals by the year 2020, and current higher education programs are only meeting about a third of this demand. As suggested by SEO Leeds, automation and machine learning techniques can help address these gaps but are no substitute for skilled human practitioners.
As noted by the Federal Cybersecurity Research and Development Strategic Plan (RDSP), the future of cybersecurity is not about computers replacing humans, but rather playing to the strengths of both. While machine learning is superior at classifying big data sets based on key features, human security analysts continue to play a valuable role in interpreting cyber-defense data.
In order to address these challenges, cybersecurity programs have been developed that include an undergraduate major and minor, an online certification program, and a residential summer program for high school students. It’s important for such programs to balance theoretical and practitioner skills, software development and information technology, and a number of other areas including ethics, history of cybersecurity, communication and presentation skills, the psychology of cyberwarfare, and more.
While a SOC is not used for the active defense of our business, our CIO/CSO can incorporate time-delayed live attack data from the production SOC into our research and education facility (such facilities are sometimes known as Cyber Security Operations Centers (CSOC) or Information Security Operations Centers (ISOC)).
Linking your network to the internet can raise a host of information security issues. A private, permanent connection to the internet can sometimes alleviate such security problems, especially as leased line prices continue to drop as demand increases.
There are many tools that can play a role in a production SOC, which is continuously evolving in response to new threats and advancing cybersecurity research. The scope of this article will concentrate on a subset of tools we have found useful for research and education purposes. Hardware and software applications will be discussed, as well as the original code we created for this project.