Cybersecurity in Humanities and Social Sciences - A Research Methods Approach

Read more

The humanities and social sciences are interested in the cybersecurity object since its emergence in the security debates, at the beginning of the 2000s. This scientific production is thus still relatively young, but diversified, mobilizing at the same time political science, international relations, sociology , law, information science, security studies, surveillance studies, strategic studies, polemology. There is, however, no actual cybersecurity studies. After two decades of scientific production on this subject, we thought it essential to take stock of the research methods that could be mobilized, imagined and invented by the researchers. The research methodology on the subject "cybersecurity" has, paradoxically, been the subject of relatively few publications to date. This dimension is essential. It is the initial phase by which any researcher, seasoned or young doctoral student, must pass, to define his subject of study, delimit the contours, ask the research questions, and choose the methods of treatment. It is this methodological dimension that our book proposes to treat. The questions the authors were asked to answer were: how can cybersecurity be defined? What disciplines in the humanities and social sciences are studying, and how, cybersecurity? What is the place of pluralism or interdisciplinarity? How are the research topics chosen, the questions defined? How, concretely, to study cybersecurity: tools, methods, theories, organization of research, research fields, data ...? How are discipline-specific theories useful for understanding and studying cybersecurity? Has cybersecurity had an impact on scientific theories?

List of contents

Introduction ix
Daniel VENTRE, Hugo LOISEAU and Hartmut ADEN
 
Chapter 1 The "Science" of Cybersecurity in the Human and Social Sciences: Issues and Reflections 1
Hugo LOISEAU
 
1.1 Introduction 1
 
1.2 A method? 4
 
1.3 Data? 11
 
1.4 One or more definition(s)? 16
 
1.5 Conclusion 20
 
1.6 References 21
 
Chapter 2 Definitions, Typologies, Taxonomies and Ontologies of Cybersecurity 25
Daniel VENTRE
 
2.1 Introduction 25
 
2.2 Definition 27
 
2.2.1 What is a definition? 27
 
2.2.2 Usefulness of definitions 29
 
2.2.3 Rules for constructing definitions 29
 
2.2.4 Definitions of cybersecurity 32
 
2.3 Typology 43
 
2.3.1 What is a typology? 44
 
2.3.2 Usefulness of typologies 44
 
2.3.3 Rules for the construction of typologies 45
 
2.3.4 Cybersecurity typologies 46
 
2.4 Taxonomy 48
 
2.4.1 What is a taxonomy? 48
 
2.4.2 Usefulness of taxonomy 49
 
2.4.3 Rules for the construction of taxonomies 49
 
2.4.4 Taxonomies of cybersecurity 50
 
2.5 Ontologies 51
 
2.5.1 What is ontology? 52
 
2.5.2 Usefulness of ontologies 53
 
2.5.3 Rules for construction of ontologies 53
 
2.5.4 Cybersecurity ontologies 54
 
2.6 Conclusion 56
 
2.7 References 57
 
Chapter 3 Cybersecurity and Data Protection - Research Strategies and Limitations in a Legal and Public Policy Perspective 67
Hartmut ADEN
 
3.1 Introduction 67
 
3.2 Studying the complex relationship between cybersecurity and data protection: endangering privacy by combating cybercrime? 68
 
3.2.1 Potential tensions between cybersecurity and data protection 69
 
3.2.2 Potential synergies between cybersecurity and data protection 72
 
3.3 Methodological approaches and challenges for the study of cybersecurity - legal and public policy perspectives 74
 
3.3.1 Legal interpretation and comparison as methodological approaches to the study of cybersecurity 74
 
3.3.2 Public policy approaches to the study of cybersecurity 77
 
3.3.3 Transdisciplinary synergies between legal and public policy perspectives 78
 
3.4 Conclusion and outlook 80
 
3.5 References 81
 
Chapter 4 Researching State-sponsored Cyber-espionage 85
Joseph FITSANAKIS
 
4.1 Defining cybersecurity and cyber-espionage 85
 
4.2 Taxonomies of cyber-threats 87
 
4.3 The structure of this chapter 88
 
4.4 The significance of state-sponsored cyber-espionage 90
 
4.5 Research themes in state-sponsored cyber-espionage 94
 
4.6 Theorizing state-sponsored cyber-espionage in the social sciences 98
 
4.7 Research methodologies into state-sponsored cyber-espionage 104
 
4.8 Intellectual precision and objectivity in state-sponsored cyber-espionage research 106
 
4.9 Detecting state actors in cyber-espionage research 110
 
4.10 Identifying specific state actors in cyber-espionage research 112
 
4.11 Conclusion: researching a transformational subject 116
 
4.12 References 118
 
Chapter 5 Moving from Uncertainty to Risk: The Case of Cyber Risk 123
Michel DACOROGNA and Marie KRATZ
 
5.1 Introduction 123
 
5.2 The scientific approach to move from uncertainty to risk 124
 
5.3 Learning about the data: the exploratory phase 126
 
5.4 Data cleansing 128
 
5.5 Statistical exploration on the various variables of the dataset 130
 
5.6 Univariate modeling for the relevant variables 134
 
5.7 Multivariate and dynamic modeling 139
 
5.7.1 A fast-chang

About the author

Hugo LOISEAU, École de politique appliquée Faculté des lettres et sciences humaines Université de Sherbrooke Quebec Canada.
Daniel VENTRE, CESDIP Laboratory CNRS Guyancourt France.
Hartmut ADEN, Berlin School of Economics and Law Berlin Institute for Safety and Security Research Germany.

Summary

The humanities and social sciences are interested in the cybersecurity object since its emergence in the security debates, at the beginning of the 2000s. This scientific production is thus still relatively young, but diversified, mobilizing at the same time political science, international relations, sociology , law, information science, security studies, surveillance studies, strategic studies, polemology. There is, however, no actual cybersecurity studies. After two decades of scientific production on this subject, we thought it essential to take stock of the research methods that could be mobilized, imagined and invented by the researchers. The research methodology on the subject "cybersecurity" has, paradoxically, been the subject of relatively few publications to date. This dimension is essential. It is the initial phase by which any researcher, seasoned or young doctoral student, must pass, to define his subject of study, delimit the contours, ask the research questions, and choose the methods of treatment. It is this methodological dimension that our book proposes to treat. The questions the authors were asked to answer were: how can cybersecurity be defined? What disciplines in the humanities and social sciences are studying, and how, cybersecurity? What is the place of pluralism or interdisciplinarity? How are the research topics chosen, the questions defined? How, concretely, to study cybersecurity: tools, methods, theories, organization of research, research fields, data ...? How are discipline-specific theories useful for understanding and studying cybersecurity? Has cybersecurity had an impact on scientific theories?