Software Engineering Institute

Cybersecurity Data Science (CSDS) is a rapidly emerging practitioner discipline at the intersection of two fields of intense public and commercial interest. CSDS emerges from the growing practice of applying data science to prevent, detect, and remediate expanding and evolving cybersecurity threats. It offers a range of methods to address growing challenges in the cybersecurity domain, including rapidly evolving threats, expanding vulnerabilities, shrinking human resources, data overload, and challenges with orchestrating automated decisioning.

Because CSDS is in the early stages of professionalization, however, gaps in its practice impede its effectiveness. This presentation seeks to characterize the emerging CSDS professional discipline from the perspective of practitioners. Results from interviews with 50 global cybersecurity data scientists will be summarized and reviewed. Common themes raised in interviews will be framed to provide attendees with practical guidance on implementing CSDS solutions and programs.

In mapping CSDS boundaries and gaps based on comprehensive practitioner input, this presentation offers guidance to practitioners, managers, and researchers interested to advance CSDS professional practice and general effectiveness. This includes those who are planning operational programmatic implementations and/or research initiatives. As this research will be published in a forthcoming book, the hope is to gain feedback from the community on the best practices and challenges it has identified. This presentation advances the 2019 presentation by extending and completing the research and analysis that was previously conducted.