This paper extends a new approach to integrating analogies and analytical methods from public health and other domains into cybersecurity by introducing a structured framework for evaluating and judiciously applying them. Based on principles of analogy theory, the framework categorizes aspects of analogies into a stoplight system—green, yellow, and red—allowing practitioners to assess their applicability and potential pitfalls. We then employ the Haddon Matrix, a specific analytical method from the public health domain, demonstrating its relevance and utility in analyzing cybersecurity threats such as credential theft via phishing. Finally, we extend the framework's application to other public health and safety models, illustrating how these analogies and analytical methods can be more broadly evaluated and potentially adopted in cybersecurity. Through these contributions, the paper offers a rigorous method for cross-disciplinary cybersecurity innovation, providing specific insights and a generalizable approach for future research and practice.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Extending Analogies and Applying Public Health Models to Cybersecurity

  • O. Sami Saydjari,
  • Josiah Dykstra,
  • Douglas Hough

摘要

This paper extends a new approach to integrating analogies and analytical methods from public health and other domains into cybersecurity by introducing a structured framework for evaluating and judiciously applying them. Based on principles of analogy theory, the framework categorizes aspects of analogies into a stoplight system—green, yellow, and red—allowing practitioners to assess their applicability and potential pitfalls. We then employ the Haddon Matrix, a specific analytical method from the public health domain, demonstrating its relevance and utility in analyzing cybersecurity threats such as credential theft via phishing. Finally, we extend the framework's application to other public health and safety models, illustrating how these analogies and analytical methods can be more broadly evaluated and potentially adopted in cybersecurity. Through these contributions, the paper offers a rigorous method for cross-disciplinary cybersecurity innovation, providing specific insights and a generalizable approach for future research and practice.