I’ve been asked why I think there’s a gap between researchers and practice in Cybersecurity and why I started working on DTRAP.
By training and inclination, I am a theoretical mathematician, in other words, a pure researcher. I often describe this field in terms of a chicken. As a theoretical mathematician, I define a thing I call a chicken. I precisely define its properties and then I use that definition, and perhaps other mathematical principles, to prove things about my chicken. An applied mathematician takes this definition and then determines what constraints she needs to apply in order to apply my theoretical concepts to the real world. Unfortunately, these constraints are often quite severe because the applied mathematician is still working in a general case, just slightly more constrained. However, it’s usually more applicable than my original abstract discussion.
A practitioner comes along and says “No really, I have a chicken. It just laid an egg. I need to deal with this problem.” The solution to that problem is generally a combination of the theoretical and the applied, but the practitioner doesn’t always have the time to search through the research to find it. They need to solve the problem as they have it right now. The practitioner is often dealing with a fast paced world involving money constraints and a desire to solve the problem quickly as opposed to the often drawn out research seen in academia.
That’s how I describe the difference between the two. The researcher is interested in the general case of “thing defined as chicken” while the practitioner has the chicken laying an egg. It’s a way of approaching a problem, each side has a different method.
I’ve actually had Cybersecurity researchers in academia inform me that there’s nothing a practitioner can tell them that would change what they look at, and similarly, I’ve had practitioners tell me there’s nothing a researcher can tell them that will help them solve their current problems. I think both attitudes are wrong and communication is necessary. As I said before, each side approaches the problems differently, which doesn’t help in communication.
Cybersecurity is a very practical field. Both sides need to communicate, practitioners for their take on their current problems and what they see as possibly happening in the future and researchers for their abilities to frame these problems in the best context for research on solving them. There are conferences that tackle these problems, but while I’ve found them to be very useful and interesting, I believed a journal would help us attract a wider audience on both sides of the problem.
And that’s why I started the work on DTRAP.