%0 Journal Article %J Technology Innovation Management Review %D 2016 %T Intrusion Learning: An Overview of an Emergent Discipline %A Tony Bailetti %A Mahmoud Gad %A Ahmed Shah %K adversarial learning %K clustering %K cybersecurity %K enterprise %K intrusion detection %K intrusion learning %K learning algorithms %K machine learning %K real-time analysis %K resiliency %K security %K streaming network data %X The purpose of this article is to provide a definition of intrusion learning, identify its distinctive aspects, and provide recommendations for advancing intrusion learning as a practice domain. The authors define intrusion learning as the collection of online network algorithms that learn from and monitor streaming network data resulting in effective intrusion-detection methods for enabling the security and resiliency of enterprise systems. The network algorithms build on advances in cyber-defensive and cyber-offensive capabilities. Intrusion learning is an emerging domain that draws from machine learning, intrusion detection, and streaming network data. Intrusion learning offers to significantly enhance enterprise security and resiliency through augmented perimeter defense and may mitigate increasing threats facing enterprise perimeter protection. The article will be of interest to researchers, sponsors, and entrepreneurs interested in enhancing enterprise security and resiliency. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 6 %P 15-20 %8 02/2016 %G eng %U http://timreview.ca/article/964 %N 2 %1 Carleton University Tony Bailetti is an Associate Professor in the Sprott School of Business and the Department of Systems and Computer Engineering at Carleton University, Ottawa, Canada. Professor Bailetti is the Director of Carleton University's Technology Innovation Management (TIM) program. His research, teaching, and community contributions support technology entrepreneurship, regional economic development, and international co-innovation. %2 VENUS Cybersecurity Corporation Mahmoud M. Gad is a Research Associate at VENUS Cybersecurity. He holds a PhD in Electrical and Computer Engineering from the University of Ottawa in Canada. Additionally, he holds an MSc in Electrical and Computer Engineering from the University of Maryland in College Park, United States. His research interests include cybercrime markets, machine learning for intrusion detection, analysis of large-scale networks, and cognitive radio networks. %3 Carleton University Ahmed Shah holds a BEng in Software Engineering and is pursuing an MASc degree in Technology Innovation Management at Carleton University in Ottawa, Canada. Ahmed has experience working in cybersecurity research with the VENUS Cybersecurity Corporation and has experience managing legal deliverables at IBM. %R http://doi.org/10.22215/timreview/964 %0 Journal Article %J Technology Innovation Management Review %D 2015 %T Securing Cyberspace: Towards an Agenda for Research and Practice %A Renaud Levesque %A D’Arcy Walsh %A David Whyte %K Canada %K challenges %K countermeasures %K cyber security %K cybersafety %K cybersecurity %K cyberspace %K detection %K Internet of Things %K leadership %K mitigation %K research %K security %X In this article, we seek to identify the important challenges preventing security in cyberspace and to identify the key questions that nations should set out to answer to play a leading role in securing cyberspace. An important assertion is that the challenge of securing cyberspace transcends the abilities of any single entity and requires a radical shift in our approach in how: i) research is conducted, ii) cybersecurity researchers are educated, iii) new defendable systems are developed, and iv) effective defensive countermeasures are deployed. Our response draws upon extensive source material and our personal experiences as cybersecurity professionals contributing to the establishment of the VENUS Cybersecurity Corporation, a not-for-profit corporation that aims to make Canada a global leader in cybersecurity. We view the challenge to be global and transdisciplinary in nature and this article to be of relevance world-wide to senior decision makers, policy makers, managers, educators, strategists, futurists, scientists, technologists, and others interested in shaping the online world of the future. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 5 %P 26-34 %8 11/2015 %G eng %U http://timreview.ca/article/943 %N 11 %1 Communications Security Establishment Renaud Levesque is the Director General of Core Systems at the Communications Security Establishment (CSE) in Ottawa, Canada, where he is responsible for R&D and systems development. He has significant experience in the delivery of capability and organizational change in highly technical environments. His career began at CSE in 1986 as a Systems Engineer, responsible for the development and deployment of numerous systems, including the CSE IP corporate network in 1991. In 2000 Renaud went to work in the private sector as Head of Speech Technologies at Locus Dialogue, and later at Infospace Inc., where he became Director of Speech Solutions Engineering. He rejoined CSE in 2003, where he assumed the lead role in the IT R&D section. Subsequently, as a Director General, he focused efforts towards the emergence of CSE's Joint Research Office and The Tutte Institute for Mathematics and Computing. Renaud holds a Bachelor of Engineering from l’École Polytechnique, Université de Montréal, Canada. %2 Communications Security Establishment D’Arcy Walsh is a Science Advisor at the Communications Security Establishment (CSE) in Ottawa, Canada. His research interests include software-engineering methods and techniques that support the development and deployment of dynamic systems, including dynamic languages, dynamic configuration, context-aware systems, and autonomic and autonomous systems. He received his BAH from Queen’s University in Kingston, Canada, and he received his BCS, his MCS, and his PhD in Computer Science from Carleton University in Ottawa, Canada. %3 Communications Security Establishment David Whyte is the Technical Director for the Cyber Defence Branch at the Communications Security Establishment (CSE) in Ottawa, Canada. He is CSE's technical lead responsible for overseeing the implementation of the next-generation cyberthreat-detection services for the Government of Canada. He has held many positions over the last 16 years within CSE that span both the Signals Intelligence and Information Technology Security mission lines. David holds a PhD in Computer Science from Carleton University in Ottawa, Canada. The main focus of his research is on the development of network-based behavioural analysis techniques for the detection of rapidly propagating malware. %R http://doi.org/10.22215/timreview/943 %0 Journal Article %J Technology Innovation Management Review %D 2015 %T TIM Lecture Series – When Are Software Systems Safe Enough? %A Chris Hobbs %K risk %K safety %K safety-critical systems %K security %K software systems %K standards %K testing %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 5 %P 56-58 %8 12/2015 %G eng %U http://timreview.ca/article/953 %N 12 %1 QNX Software Systems Chris Hobbs is a Software Safety Consultant at QNX Software Systems in Ottawa, Canada. He was educated as a mathematical philosopher, but finding few jobs available for mathematical philosophers, fell enthusiastically into computer programming where he has spent the last 40 years avoiding management positions and remaining at the leading edge of software development. At QNX Software Systems, he is part of a team focussed on deploying QNX's operating system into safety-critical systems. He works on the safety certification of QNX's products and spends a lot of time with QNX's customers, helping them to design systems to meet specific safety requirements. He is the author of Embedded Software Development for Safety-Critical Systems and The Largest Number Smaller Than Five. %R http://doi.org/10.22215/timreview/953 %0 Journal Article %J Technology Innovation Management Review %D 2014 %T Defining Cybersecurity %A Dan Craigen %A Nadia Diakun-Thibault %A Randy Purse %K cybersecurity %K cyberspace %K definition %K interdisciplinary %K security %X Cybersecurity is a broadly used term, whose definitions are highly variable, often subjective, and at times, uninformative. The absence of a concise, broadly acceptable definition that captures the multidimensionality of cybersecurity impedes technological and scientific advances by reinforcing the predominantly technical view of cybersecurity while separating disciplines that should be acting in concert to resolve complex cybersecurity challenges. In conjunction with an in-depth literature review, we led multiple discussions on cybersecurity with a diverse group of practitioners, academics, and graduate students to examine multiple perspectives of what should be included in a definition of cybersecurity. In this article, we propose a resulting new definition: "Cybersecurity is the organization and collection of resources, processes, and structures used to protect cyberspace and cyberspace-enabled systems from occurrences that misalign de jure from de facto property rights." Articulating a concise, inclusive, meaningful, and unifying definition will enable an enhanced and enriched focus on interdisciplinary cybersecurity dialectics and thereby will influence the approaches of academia, industry, and government and non-governmental organizations to cybersecurity challenges. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 4 %P 13-21 %8 10/2014 %G eng %U http://timreview.ca/article/835 %N 10 %1 Communications Security Establishment Dan Craigen is a Science Advisor at the Communications Security Establishment in Canada. Previously, he was President of ORA Canada, a company that focused on High Assurance/Formal Methods and distributed its technology to over 60 countries. His research interests include formal methods, the science of cybersecurity, and technology transfer. He was the chair of two NATO research task groups pertaining to validation, verification, and certification of embedded systems and high-assurance technologies. He received his BScH and MSc degrees in Mathematics from Carleton University in Ottawa, Canada. %2 Communications Security Establishment Nadia Diakun-Thibault is Senior Science and Analytics Advisor at the Communications Security Establishment in Canada. She holds a Master's degree in Public Administration from Queen's University in Kingston, Canada, and an ABD (PhD) degree in Slavic Languages and Literatures from the University of Toronto, Canada. She has served as Parliamentary Advisor to Members of Parliament and held an Order-in-Council appointment to the Province of Ontario's Advocacy Commission. Her research interests include neurophilosophy, semiotics, linguistics, and public policy. She is also an adjunct faculty member in the Department of Computer Science and Engineering at North Carolina State University in the United States. %3 Communications Security Establishment Randy Purse is the Senior Learning Advisor at the Information Technology Security Learning Centre at the Communications Security Establishment in Canada. A former officer in the Canadian Forces, he is an experienced security practitioner and learning specialist. His research interests include the human dimensions of security and collective and transformative learning in the workplace. He has a Master’s of Education in Information Technology from Memorial University of Newfoundland in St. John's, Canada, and he is a PhD candidate specializing in Adult and Workplace Learning in the Faculty of Education at the University of Ottawa, Canada. %R http://doi.org/10.22215/timreview/835 %0 Journal Article %J Technology Innovation Management Review %D 2014 %T The Online World of the Future: Safe, Productive, and Creative %A Tony Bailetti %A Renaud Levesque %A D’Arcy Walsh %K bisociation %K cybersecurity %K excludability %K future vision %K Industrial Internet %K Internet %K Internet of Everything %K Internet of Things %K online %K productivity %K rivalry %K safety %K security %X A safer online world is required to attain higher levels of productivity and creativity. We offer a view of a future state of the online world that places safety, productivity, and creativity above all else. The online world envisaged for 2030 is safe (i.e., users communicate with accuracy and enduring confidence), productive (i.e., users make timely decisions that have an ongoing global effect), and creative (i.e., users can connect seemingly unrelated information online). The proposed view differs from other views of the future online world that are anchored around technology solutions, confrontation, deception, and personal or commercial gain. The following seven conditions characterize the proposed view of the online world: i) global-scale autonomous learning systems; ii) humans co-working with machines; iii) human factors that are authentic and transferrable; iv) global scale whole-brain communities; v) foundational knowledge that is authentic and transferrable; vi) timely productive communication; and vii) continuous technological adaptation. These conditions are expected to enable new social-behavioural, socio-technical, and organizational interaction models. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 4 %P 5-12 %8 10/2014 %G eng %U http://timreview.ca/article/834 %N 10 %1 Carleton University Tony Bailetti is an Associate Professor in the Sprott School of Business and the Department of Systems and Computer Engineering at Carleton University, Ottawa, Canada. Professor Bailetti is the Director of Carleton University's Technology Innovation Management (TIM) program. His research, teaching, and community contributions support technology entrepreneurship, regional economic development, and international co-innovation. %2 Communications Security Establishment Renaud Levesque is the Director General of Core Systems at the Communications Security Establishment (CSE) in Ottawa, Canada, where he is responsible for R&D and systems development. He has significant experience in the delivery of capability and organizational change in highly technical environments. His career began at CSE in 1986 as a Systems Engineer, responsible for the development and deployment of numerous systems, including the CSE IP corporate network in 1991. In 2000 Renaud went to work in the private sector as Head of Speech Technologies at Locus Dialogue, and later at Infospace Inc., where he became Director of Speech Solutions Engineering. He rejoined CSE in 2003, where he assumed the lead role in the IT R&D section. Subsequently, as a Director General, he focused efforts towards the emergence of CSE's Joint Research Office and The Tutte Institute for Mathematics and Computing. Renaud holds a Bachelor of Engineering from l’École Polytechnique, Université de Montréal, Canada. %3 Communications Security Establishment D’Arcy Walsh is a Science Advisor at the Communications Security Establishment (CSE) in Ottawa, Canada. His research interests include software-engineering methods and techniques that support the development and deployment of dynamic systems, including dynamic languages, dynamic configuration, context-aware systems, and autonomic and autonomous systems. He received his BAH from Queen’s University in Kingston, Canada, and he received his BCS, his MCS, and his PhD in Computer Science from Carleton University in Ottawa, Canada. %R http://doi.org/10.22215/timreview/834 %0 Journal Article %J Technology Innovation Management Review %D 2014 %T Safety in the Online World of the Future %A Nadeem Douba %A Björn Rütten %A David Scheidl %A Paul Soble %A D’Arcy Walsh %K cybersecurity %K prospect theory %K risk-based decision making %K safety %K security %K weak transdisciplinary %X In this article, we address what it means to be safe in the online world of the future by advocating the perspective whereby improving safety will improve resilience in cyberspace. We adopt a specific approach towards transdisciplinarity; present a weakly transdisciplinary model of the safety context and an initial position about what existing disciplines are most relevant; and link prospect theory to risk-based decision making as one example that could lead to a new paradigm for safety. By treating safety as a transdisciplinary challenge, there is an opportunity to enable the participants of the online world to become more productive and creative than ever before. The beneficiary of this increased productivity and creativity will ultimately be the public. The perspective of this article is of interest to senior decision makers, policy makers, managers, educators, strategists, futurists, scientists, technologists, and others interested in shaping the online world of the future. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 4 %P 41-48 %8 11/2014 %G eng %U http://timreview.ca/article/849 %N 11 %1 Red Canari Nadeem Douba is the founding principal of Red Canari, an information security consulting firm that specializes in the areas of information technology and cybersecurity. With over 15 years experience, Nadeem provides consulting and training services for organizations within the public and private sector. He has also presented at some of the world's largest security conferences and is the author of many well-known open source security tools, including one used by the Internet Archive project. His primary research interests include open source intelligence, application and operating system security, and big data. He received his BEng in Systems and Computer Engineering from Carleton University in Ottawa, Canada. %2 The Conference Board of Canada Björn Rütten is the Senior Research Associate for National Security and Public Safety with The Conference Board of Canada. Bjorn leads the Conference Board’s research projects in the area of national security and public safety and is responsible for the development and execution of the research plan of the Centre for National Security. He also contributes to other security-related network and research initiatives, such as those of the Centre for the North. %3 Carleton University David Scheidl is a recent graduate from the Global Politics program at Carleton University in Ottawa, Canada. During his studies, he focused on security intelligence and geopolitics, with special emphasis on Western security agencies in both the cybersecurity and real-world intelligence fields. He has extensive background in military communications, having served in the Army Signals Reserve since 2009. %4 Communications Security Establishment Paul Soble is a Science Advisor at the Communications Security Establishment (CSE) in Ottawa, Canada. Over the past three decades, he has held a variety of positions at CSE in the areas of enterprise architecture, visualization and data mining, speech and text natural language processing, adaptive antenna arrays, and systems development. He received his BSc and MSc degrees in Electrical Engineering from University of Manitoba in Winnipeg, Canada, and he is a licensed professional engineer in the province of Ontario. %# Communications Security Establishment D’Arcy Walsh is a Science Advisor at the Communications Security Establishment (CSE) in Ottawa, Canada. His research interests include software-engineering methods and techniques that support the development and deployment of dynamic systems, including dynamic languages, dynamic configuration, context-aware systems, and autonomic and autonomous systems. He received his BAH from Queen’s University in Kingston, Canada, and he received his BCS, his MCS, and his PhD in Computer Science from Carleton University in Ottawa, Canada. %R http://doi.org/10.22215/timreview/849 %0 Journal Article %J Technology Innovation Management Review %D 2014 %T TIM Lecture Series – Web Infections and Protections: Theory and Practice %A Arnold Kwong %K attack vectors %K countermeasures %K cybersecurity %K infections %K Internet %K privacy %K security %K targets %K threat vectors %K threats %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 4 %P 35- %8 03/2014 %G eng %U http://timreview.ca/article/774 %N 3 %1 Extratelligence Arnold Kwong has over thirty years experience in management, manufacturing, and technology applications. His operational expertise and cross-disciplinary outlook have been applied in planning, analysis, implementation, and problem-solving settings. A strong operational emphasis on quality and risk management comes from extensive practical work. Ongoing technical expertise, with ongoing research and application publications, focus on telecommunications, security models, mobile financial applications security, complex systems integration and deployment, software modeling of enterprises, real-time data collection, and advancements in computer science. His technical experiences include a core of multivendor complex systems analysis; data base/storage/data communications relationships; software design, development, and evaluation; and hardware/software architectural design and implementation issues. Areas of specific management expertise include complex product development and management, technological risk management, and regulatory compliance for organizations in both the public and private service and manufacturing sectors. Areas of specific technical experience include application architectures; system architectures; applications and Internet security; storage/data base administration, management, and enterprise modeling; networking and data communications; and computer science research. %R http://doi.org/10.22215/timreview/774 %0 Journal Article %J Technology Innovation Management Review %D 2013 %T Servitization in a Security Business: Changing the Logic of Value Creation %A Arto Rajala %A Mika Westerlund %A Mervi Murtonen %A Kim Starck %K co-creation %K customer value creation %K objectification %K products %K security %K services %K servitization %K value provision %X How can a firm change its value-creation logic from providing technology to selling technology-based services? This is a question many security companies face today when trying to apply a solutions-based business model in response to recent macro- and microeconomic trends. The fact that customers increasingly demand security as a service, rather than technical equipment, challenges the basis of a security firm's value provision and alters the logic of its operation. In this article, we investigate a technology- and product-oriented security business that is now rapidly transforming into a service business. We use data from a case study to propose a 4C model (conceptualization, calculation, communication, and co-creation of value) that can help security providers to objectify their service offerings and succeed in the servitization of their security businesses. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 3 %P 65-72 %8 08/2013 %G eng %U http://timreview.ca/article/718 %N 8 %1 Aalto University Arto Rajala, D.Sc. (Econ.) is a Senior Researcher in the School of Business at Aalto University in Finland. He earned his doctoral degree in Marketing from the Helsinki School of Economics. Arto's current research interests include business networks, business marketing, business-to-business service development, and innovation ecosystems. %2 Carleton University Mika Westerlund, D. Sc. (Econ.) is an Assistant Professor at Carleton University’s Sprott School of Business in Ottawa, Canada. He previously held positions as a Postdoctoral Scholar in the Haas School of Business at the University of California Berkeley and in the School of Economics at Aalto University. Mika earned his doctoral degree in Marketing from the Helsinki School of Economics. His current research interests include open innovation, business strategy, and management models in high-tech and service-intensive industries. %3 VTT Technical Research Centre of Finland Mervi Murtonen is a senior scientist at VTT Technical Research Centre of Finland. Her research interests include risk assessment practices, security management systems and contracted security services. Mervi holds an MSc degree in Electrical Engineering from Tampere University of Technology, Finland. Currently, she is finalizing her doctoral thesis on supplier-perceived customer value in business-to-business security services. %4 Stanley Security Finland Kim Starck is a Sales and Security Director at Stanley Security Finland. He has strong experience in sales, sales management, as well as security and quality management. Kim has broad understanding of business operations and operations management, and he holds a Professional Master of Security (MBA) degree from Aalto University, Finland. He has been actively involved in process and solution development at Stanley Security. %R http://doi.org/10.22215/timreview/718 %0 Journal Article %J Technology Innovation Management Review %D 2013 %T TIM Lecture Series – Energy Efficiency and Data Security in Modern Data Centres %A Jerry Glowka %K data centre %K design %K energy conservation %K green innovation %K power saving %K security %K storage %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 3 %P 41-44 %8 02/2013 %G eng %U http://timreview.ca/article/659 %N 2 %1 IceBerg Networks Jerry Glowka is the Vice President of Solutions Architecture at IceBerg Networks (http://icebergnetworks.com). Jerry has deeply developed skills in networking, security, and storage that allows him to combine best-of-breed technology to produce robust secure solutions for data centres as well as cloud computing. Jerry has been successful in identifying, working with, and bringing together world-leading technologies to address data centre exhaust and unmanageable power demands, and to overcome consumer fears related to the use of virtualized resources. Jerry is IceBerg's representative in the NSERC Strategic Network for Smart Applications on Virtual Infrastructure (SAVI), which is researching the evolution of today's Internet, its protocols, and its structure. %R http://doi.org/10.22215/timreview/659 %0 Journal Article %J Technology Innovation Management Review %D 2013 %T TIM Lecture Series – Using Risk to Drive a Security Service %A Paul Card %K cybersecurity %K platforms %K risk management %K security %K services %K strategy %K uncertainty %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 3 %P 42-45 %8 06/2013 %G eng %U http://timreview.ca/article/696 %N 6 %1 Seccuris Paul Card is Director of R&D at Seccuris. He has more than 10 years of experience working with domestic and international companies to advance technology, research, and development strategies. Prior to joining Seccuris, Paul was a Research Scientist at TR Labs, where he was responsible for the security research portfolio. He has worked with over 20 different ICT companies in research and development activities. Paul holds a PhD and MSc in Electrical and Computer Engineering from the University of Manitoba in Winnipeg, Canada. Paul is an Adjunct Professor of the University of Manitoba, and he is a member of the IEEE and the ACM. %R http://doi.org/10.22215/timreview/696