By Abdelouahid Derhab & Mohamed Belaoued
Organizations across the world have been continuously targeted by sophisticated, disruptive, damaging, and costly cyber-attacks. To address the aforementioned issue, security efforts have focused on how to prevent, detect, and recover from an attack. However, these efforts are defensive, reactive, and inefficient at stopping the damage as they only deal with the attacks after they occur. In recent years, the cybersecurity community has started adopting a proactive approach that aims to predict the likelihood of cyber threats, anticipate the cyber-attacks in advance, and avoid their damages. This policy brief highlights the importance of cyber threats prediction as a promising approach to improve the cybersecurity posture. It also provides recommendations for policymakers at the organizational, national, and international levels that contribute to building cyber threat prediction capabilities, and thus improving the cyber resiliency of organizations.
About the author(s)
Abdelouahid Derhab is an Associate Professor and Information Security Manager at the Center of Excellence in Information Assurance (COEIA), King Saud University. Also a member of the Information Security Management System Steering Committee at the center. His research interests include malware analysis, network security, intrusion detection, mobile security, Internet of things, smart grid, blockchain, and cybersecurity policies. He has served as a lead guest editor and on the editorial board of some peer-reviewed journals. He also served as a workshop chair, technical committee chair, and reviewer for many journals and international conferences. He contributed to developing the “BS Cybersecurity Degree Program” and “Higher Diploma in Cybersecurity” at King Saud University. He also delivered many training courses, lectures, and awareness sessions in the field of cybersecurity, such as network security, application security, information security management and auditing, and cybersecurity standards.
Mohamed Belaoued is an Associate Professor at the Department of Computer Science, University of Skidka, Algeria, and a researcher with LIRE laboratory at the software Technologies and Information Systems Department, University of Constantine 2. He completed his Master’s, and Ph.D. degrees in computer science at the University of Skikda, in 2011, and 2016, respectively. His research interests include malware analysis and detection, intrusion detection, network, and IoT security. He also served as a reviewer for peer-reviewed journals and as a member of technical committees for several international conferences.