Can Cybersecurity Be Proactive? A Big Data Approach and Challenges

The cybersecurity community typically reacts to attacks after they occur. Being reactive is costly and can be fatal where attacks threaten lives, important data, or mission success. But can cybersecurity be done proactively? Our research capitalizes on the Germination Period—the time lag between hacker communities discussing software flaw types and flaws actually being exploited—where proactive measures can be taken. We argue for a novel proactive approach, utilizing big data, for (I) identifying potential attacks before they come to fruition; and based on this identification, (II) developing preventive counter-measures. The big data approach resulted in our vision of the Proactive Cybersecurity System (PCS), a layered, modular service platform that applies big data collection and processing tools to a wide variety of unstructured data sources to predict vulnerabilities and develop countermeasures. Our exploratory study is the first to show the promise of this novel proactive approach and illuminates challenges that need to be addressed

Digital Gold: Cybersecurity Regulations and Establishing the Free Trade of Big Data

Data is everywhere. With more than ten billion Internetenabled devices worldwide, each day individuals create a flood of information that is transferred onto the Internet as big data. Businesses that have the resources to capture and utilize data can better understand their consumers, allowing for reinforcement of customer relationship management, improvements to the management of operational risk, and enhancement of overall firm performance. However, big data’s advantages come with high costs. The cost of organization and storage coupled with the fact that no legal principle allows for any sort of property rights in big data creates a “digital divide” between data giants, like Facebook and Google, and smaller businesses. What’s more, because each country sets different cybersecurity standards, start-up costs and expenses are cutting many businesses out of the digital market. This Note will first discuss the basics of big data and then argue that policymakers need to promote the free trade of data as a commodity with independent property rights. This Note will then discuss the obstacles to the free trade of data regarding privacy rights and the diversity of international cybersecurity regulations. Finally, this Note will propose the need for a multilateral convention on cybersecurity that will promote a centralized regulatory approach

DeapSECURE Computational Training for Cybersecurity Students: Improvements, Mid-Stage Evaluation, and Lessons Learned

DeapSECURE is a non-degree computational training program that provides a solid high-performance computing (HPC) and big-data foundation for cybersecurity students. DeapSECURE consists of six modules covering a broad spectrum of topics such as HPC platforms, big-data analytics, machine learning, privacy-preserving methods, and parallel programming. In the second year of this program, to improve the learning experience, we implemented a number of changes, such as grouping modules into two broad categories, big-data and HPC ; creating a single cybersecurity storyline across the modules; and introducing post-workshop (optional) hackshops. Two major goals of these changes are, firstly, to effectively engage students to maintain high interest and attendance in such a non-degree program, and, secondly, to increase knowledge and skill acquisition. To assess the program, and in particular the changes made in the second year, we evaluated and compared the execution and outcomes of the training in Year 1 and Year 2. The assessment data shows that the implemented changes have partially achieved our goals, while simultaneously providing indications where we can further improve. The development of a fully on-line training mode is planned for the next year, along with a reproducibility pilot study to broaden the subject domain from cybersecurity to other areas, such as computations with sensitive data

Autonomous Vehicles:The Cybersecurity Vulnerabilities and Countermeasures for Big Data Communication

The possible applications of communication based on big data have steadily increased in several industries, such as the autonomous vehicle industry, with a corresponding increase in security challenges, including cybersecurity vulnerabilities (CVs). The cybersecurity-related symmetry of big data communication systems used in autonomous vehicles may raise more vulnerabilities in the data communication process between these vehicles and IoT devices. The data involved in the CVs may be encrypted using an asymmetric and symmetric algorithm. Autonomous vehicles with proactive cybersecurity solutions, power-based cyberattacks, and dynamic countermeasures are the modern issues/developments with emerging technology and evolving attacks. Research on big data has been primarily focused on mitigating CVs and minimizing big data breaches using appropriate countermeasures known as security solutions. In the future, CVs in data communication between autonomous vehicles (DCAV), the weaknesses of autonomous vehicular networks (AVN), and cyber threats to network functions form the primary security issues in big data communication, AVN, and DCAV. Therefore, efficient countermeasure models and security algorithms are required to minimize CVs and data breaches. As a technique, policies and rules of CVs with proxy and demilitarized zone (DMZ) servers were combined to enhance the efficiency of the countermeasure. In this study, we propose an information security approach that depends on the increasing energy levels of attacks and CVs by identifying the energy levels of each attack. To show the results of the performance of our proposed countermeasure, CV and energy consumption are compared with different attacks. Thus, the countermeasures can secure big data communication and DCAV using security algorithms related to cybersecurity and effectively prevent CVs and big data breaches during data communication

Performance of Machine Learning and Big Data Analytics paradigms in Cybersecurity and Cloud Computing Platforms

The purpose of the research is to evaluate Machine Learning and Big Data Analytics paradigms for use in Cybersecurity. Cybersecurity refers to a combination of technologies, processes and operations that are framed to protect information systems, computers, devices, programs, data and networks from internal or external threats, harm, damage, attacks or unauthorized access. The main characteristic of Machine Learning (ML) is the automatic data analysis of large data sets and production of models for the general relationships found among data. ML algorithms, as part of Artificial Intelligence, can be clustered into supervised, unsupervised, semi-supervised, and reinforcement learning algorithms

The Technologization of Insurance: An Empirical Analysis of Big Data and Artificial Intelligence’s Impact on Cybersecurity and Privacy

This Article engages one of the biggest issues debated among privacy and technology scholars by offering an empirical examination of how big data and emerging technologies influence society. Although scholars explore the ways that code, technology, and information regulate society, existing research primarily focuses on the theoretical and normative challenges of big data and emerging technologies. To our knowledge, there has been very little empirical analysis of precisely how big data and technology influence society. This is not due to a lack of interest but rather a lack of disclosure by data providers and corporations that collect and use these technologies. Specifically, we focus on one of the biggest problems for businesses and individuals in society: cybersecurity risks and data breach events. Due to the lack of stringent legal regulations and preparation by organizations, insurance companies are stepping in and offering not only cyber insurance but also risk management services aimed at trying to improve organizations’ cybersecurity profile and reduce their risk. Drawing from sixty interviews of the cyber insurance field, a quantitative analysis of a “big data” set we obtained from a data provider, and observations at cyber insurance conferences, we explore the effects of what we refer to as the “technologization of insurance,” the process whereby technology influences and shapes the delivery of insurance. Our study makes two primary findings. First, we show how big data, artificial intelligence, and emerging technologies are transforming the way insurers underwrite, price insurance, and engage in risk management. Second, we show how the impact of these technological interventions is largely symbolic. Insurtech innovations are ineffective at enhancing organizations’ cybersecurity, promoting the role of insurers as regulators, and helping insurers manage uncertainty. We conclude by offering recommendations on how society can help technology to assure algorithmic justice and greater security of consumer information as opposed to greater efficiency and profit