Chapter 1. Introduction to Strategic Cybersecurity

Discuss what strategic cybersecurity is

Discussion on how it is not cybersecurity strategy

Chapter 2. No one cares about cybersecurity

Real motivations

Consequences

How can cybersecurity help them in spite of themselves?

Chapter 3. Cost-Benefit & Cybersecurity

Cost-Benefit to the defender

Cost-Benefit to the attacker

Chapter 4. What is the box that is cybersecurity?

Where do we draw the line?

What are areas that should be abandoned

What are areas that should be explored

Chapter 5. The detect, prevent, accept paradigm

Outline the paradigm

Case studies

Chapter 6. Building your own cybersecurity box

What is out of the cyber domain: sim swapping, go daddy

What is likely to be your attacker

What is likely to be your loss

Chapter 7. Cybersecurity as a material

Sourcing

Test and evaluation

Utilization

Deprecation

Failure analysis

Chapter 8. Cybersecurity as infrastructure

A comparison to electricity

How do we get there and what will it mean?

Chapter 9. Strategic Defensive Security

Detect

Identify

Monitor

Hunt

Chapter 10. Strategic Offensive Security

Penetration testing

Red Teaming

Reverse Red Teaming

Chapter 11. Strategic Assurance

Frameworks

Auditing

Case study

Chapter 12. Strategic cybersecurity in commercial sectors

The approach

Case study

Chapter 13. Strategic cybersecurity in accountable sectors

Healthcare approach

Case study

Financial approach

Chapter 14. Strategic Magic

AI

ML

Block Chain

Chapter 15. Looking Forward

Where is the theory-craft?

We need new ideas and paradigms as much as we need new technology

Why is it difficult for academia to evolve cybersecurity?

Especially offensive cybersecurity

What is wrong with cybersecurity currently in academics

Degree programs

Potential solutions

Why does industry often lack an academic approach?

Dr. Jacob G. Oakley is a cybersecurity author and subject matter expert with 16 years of experience focusing on strategic enterprise-level cybersecurity architectures as well as offensive cybersecurity operations within government and commercial sectors. His previous technical books, Professional Red Teaming, Waging Cyber War, and Cybersecurity for Space, are also published by Apress.

There is a distinct lack of theoretical innovation in the cybersecurity industry. This is not to say that innovation is lacking, as new technologies, services, and solutions (as well as buzzwords) are emerging every day. This book will be the first cybersecurity text aimed at encouraging abstract and intellectual exploration of cybersecurity from the philosophical and speculative perspective. Technological innovation is certainly necessary, as it furthers the purveying of goods and services for cybersecurity producers in addition to securing the attack surface of cybersecurity consumers where able.

To do this, a taxonomy of the cybersecurity body of work is laid out to identify how the influences of the industry’s past and present constrain future innovation. Then, cost-benefit analysis and right-sizing of cybersecurity roles and responsibilities—as well as defensible experimentation concepts—are presented as the foundation for moving beyond some of those constraining factors that limit theoretical cybersecurity innovation. Lastly, examples and case studies demonstrate future-oriented topics for cybersecurity theorization such as game theory, infinite-minded methodologies, and strategic cybersecurity implementations.

What you’ll learn