In order to better understand which advanced research methods can benefit a cybersecurity space, it is vital to recognize the core responsibilities of a cybersecurity project manager. The primary functions of a cyber security project manager revolve around the monitoring of information flows throughout a firm’s network (Tulane University, n.d.). Operations that occur within the network must pass through a functioning infrastructure that is facilitated by a manager and appropriate utilities. In more detail, this includes the maintenance and application of software upgrades, hardware systems, and network performance. A cybersecurity manager may also observe resource management within a firm. Critical operations within the firm must always have appropriate resources and a manager is often in the role of maintaining such necessary tools and materials. Cybersecurity managers may also allocate and use resources in an appropriate way to achieve tasks within the firm. Cybersecurity – specific resource management may include network bandwidth, employees that specialize in cybersecurity, and technological resources such as hardware or software.
These responsibilities indicate in which areas cybersecurity managers may require focused research. Areas that are especially relevant include risk assessment, cybersecurity market analysis, and performance measurements. Risk assessment revolves around testing current infrastructure and resources against common threats to cybersecurity in the workspace. These may reflect internal and external factors that contribute to increased risk for the firm’s operations and information network. The market analysis can refer to the ways in which cybersecurity is currently evolving and adapting within a larger industry in which the firm operates. This can allow managers to utilize gathered information to apply and upgrade their current infrastructure, software, and other utilized tools. Performance measurements refer to the internal functions of the company and ways in which cybersecurity management contributes to the accomplishment of critical tasks within the firm. There are other ways in which a cybersecurity manager may apply research methods to increase the productivity and quality of a firm’s cybersecurity presence, but these three functions are integral.
Advanced research methods include distinct skills such as categorization, description, comparison, explanation, evaluation, correlation, prediction, and validation. It also allows for the appropriate use of qualitative and quantitative studies and the understanding of which is relevant for what purpose (Benedetti, n.d.). Within the realm of cybersecurity, these elements can be usefully adapted in all three areas which are risk management, market analysis, and performance measurements While quantitative data may seem to be more prevalent, qualitative information is also important for a manager as it explores user experience within the firm. Advanced research methods that are specific within the area of cybersecurity include theoretical frameworks such as observational, mathematical, and experimental studies.
Observational studies include three distinct models for research which are exploratory, descriptive, and machine learning studies. All of these approaches center on the interpretation of collected observations regarding systems, models, theories, and designs of cybersecurity. Exploratory studies focus on the collection of cross-sectional, case-control, ecological, and longitudinal findings within the realm of cybersecurity (Edgar & Manz, 2017). Analysis bias is also an integral component of utilizing observational findings. Descriptive studies vary as they primarily focus on the in-depth understanding of specific cases of elements of cybersecurity. As such, they include case studies, surveys, and case reports. Their results often work as guides in regards to the selection of appropriate methods or models of cybersecurity for those working within the industry. Machine learning studies refer to purely quantitative approaches which implement computational algorithms in order to form usable models out of empirical data. This is especially beneficial in regard to performance measurement as it allows a firm to produce learning-based models that function within practical contexts.
Mathematical studies consist of theoretical research and the use of simulations to access findings. Theoretical studies are defined by definitions, propositions, predictions, interrelated concepts, and relationship and outcome models. As such, formal cybersecurity theoretical research frameworks develop existing and upcoming concepts specifically in relation to functioning cybersecurity. It is primarily focused on qualitative data. An adequate theory is testable, and as such, concepts developed within the theoretical research field must be provable within real-world contexts in order to remain relevant (Lu, 2018). With evolving technology, the use of simulation for research purposes has become more adept and influential in the translation of findings to developing real-life models. This is especially relevant for cybersecurity, which exists primarily within a digital world and is closely related to accurate simulations. Though all of the digital space cannot be mathematically modeled to create an accurate simulation, in regard to collecting accurate empirical data, simulations are likely the most appropriate choice.
Experimental research studies include experimental research methods, hypothetico-deductive research, and quasi-experimental research. Experimental models are the least applicable within the real-life contexts of cybersecurity but are still relevant within the sphere of findings that do not fit into prior research models (Benzel, 2021). Experimental methods may provide outcomes that address unfair or unexplored issues and components of current cybersecurity. As such, they may be prevalent within market research and risk management, especially as the capabilities of cybersecurity are continuously evolving.
References
Benedetti, A. (n.d.). Advanced research methods. UCLA. Web.
Benzel, T. (2021). Cybersecurity research for the future.Communications of the ACM, 64(1), 26-28. Web.
Edgar, T. W., & Manz, D. O. (2017). Research methods for cyber security. Elsevier.
Lu, Y. (2018). Cybersecurity research: A review of current research topics.Journal of Industrial Integration and Management, 3(4). Web.
Tulane University. (n.d.). What does a cybersecurity manager do? Tulane University. Web.