icon-carat-right menu search cmu-wordmark

Cybersecurity Data Science 2020: Practitioner Perspectives and Guidance

Presentation
This talk addresses fundamental questions concerning the status of cybersecurity data science (CSDS) as an emerging profession.
Publisher

SAS Institute

Topic or Tag

Abstract

Cybersecurity Data Science (CSDS) is a rapidly emerging practitioner discipline at the intersection of two fields of intense public and commercial interest. CSDS emerges from the growing practice of applying data science to prevent, detect, and remediate expanding and evolving cybersecurity threats. It offers a range of methods to address growing challenges in the cybersecurity domain, including rapidly evolving threats, expanding vulnerabilities, shrinking human resources, data overload, and challenges with orchestrating automated decisioning.

Because CSDS is in the early stages of professionalization, however, gaps in its practice impede its effectiveness. This presentation seeks to characterize the emerging CSDS professional discipline from the perspective of practitioners. Results from interviews with 50 global cybersecurity data scientists will be summarized and reviewed. Common themes raised in interviews will be framed to provide attendees with practical guidance on implementing CSDS solutions and programs.

In mapping CSDS boundaries and gaps based on comprehensive practitioner input, this presentation offers guidance to practitioners, managers, and researchers interested to advance CSDS professional practice and general effectiveness. This includes those who are planning operational programmatic implementations and/or research initiatives. As this research will be published in a forthcoming book, the hope is to gain feedback from the community on the best practices and challenges it has identified. This presentation advances the 2019 presentation by extending and completing the research and analysis that was previously conducted.

Part of a Collection

FloCon 2020 Presentations

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.