Cybersecurity Background
Welcome to LIS 640 InfoEcon and Cybersecurity!
Required Textbook
The first thing you should do is obtain a copy of the one required book for the class. This book is called:
“You’ll See This Message When Its Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” by Josephine Wolff. MIT Press, Nov, 2018. ISBN 9780262349543.
The eBook version is fine; you can get links to buy an ebook from multiple major retailers here. The UW-Madison library has a single physical copy of the book (I think), but I have not been able to find a copy electronically through the library. So, I recommend buying the eBook. If you do find it electronically through the library, please let me know so I can share this knowledge with others in the class!
You don’t need to read it right now, but you will need it for the first assignment, which is due in a week.
Readings
For this week, we will start off talking about cybersecurity as a whole. What is cybersecurity? Do we even know?
I’d like you to start off by reading Chapter 1 from the book “Cybersecurity Myths and Misconcepions” by Eugene Spafford, Leigh Metcalf, and Josiah Dykstra. This chapter addresses the question “What is cybersecurity?” and identifies a number of myths about cybersecurity as a whole, and describes why the authors think they are myths. It is a good and amusing way to think about what cybersecurity really is.
(Note: This book is available electronically via the UW-Madison library: https://learning-oreilly-com.ezproxy.library.wisc.edu/library/view/cybersecurity-myths-and/9780137929214/ch01.xhtml#ch01. You are welcome to read more of it if you like. Also, Spaf (Gene Spafford, the lead author of the book) gave a talk that was posted on YouTube that basically describes the ideas in the first chapter of the book. You’re welcome to watch that instead if you prefer, though its long (25 minutes) and I find Spaf to be a bit long-winded.)
That whole chapter is really about what cybersecurity is NOT – easily understood or definable. But what is cybersecurity? Here is a short document that is an introduction to a larger book of knowledge on cybersecurity, that tries to give a positive definition of cybersecurity – that is, it tries to say what cybersecurity is. Read that to see what at least one set of experts thinks cybersecurity is.
Summary + Question
OK, so if I chose good readings, and you read them thoughtfully, then you’ve got a lot of thoughts in your head about cybersecurity right now. Its complicated.
So I’d like you to do two things. First, try to summarize. What is cybersecurity? Write a brief (1 paragraph max) summary of what YOU think cybersecurity is after reading these readings. What kinds of things does “cybersecurity” cover? Second, ask a question. I’m sure there are many questions you could ask. Choose one you think is interesting, and ask it.
In this class, when there is a reading, you will usually be asked to submit a “Summary + Question” on Canvas.
There are three types of questions that you can ask (though you only have to ask one question):
- A confusion question asks about something that you are still confused about even after reading the assigned material. It can be confusion about a specific point or a more general confusion about the topic overall.
- A curiousity question asks about something that makes you want to learn more about. The readings may have gotten you to think about something else that is related, but not really discussed in the material that you don’t understand; that is, it got you to be curious about something else. This is a great chance to express that curiousity.
- A connection isn’t a question; instead, it is an example that applies the concept that your are learning to some other aspect of your life or some other interesting thing in the world.
After reading the material, come up with one question; it can be of any of these three types, and submit it on Canvas.
Both the summary and the question should be posted on the Quiz for today’s readings on Canvas. Do it before class on Thursday, and hopefully we’ll be able to discuss/answer some of these questions in class.