This thesis documents the creation of a theoretical basis for the Cyber Security field. While there is no shortage of experience-driven, practical guidelines for ‘Best Practices’ in Cyber Security, the Cyber Security field has no theoretical basis, per se. Without a theoretical framework, Cyber Security is ultimately hindered in its ability to describe, provide an overall and complete ‘big picture’ understanding of, and thus, how best to design and implement Cyber Security Best Practices. This thesis seeks to address this shortfall by introducing the theoretical framework of International Relations (IR) as the basis for generating a theoretical framework for the Cyber Security field. More specifically, this work will draw upon Technology and Security-specific IR theories to generate a framework that is then ‘tailored’ to describe, understand, clarify, and hopefully to predict the nature of Cyber Security. The goal of this work is clarify the threats, scope, and behavior of those threats, how they pertain to any operator of any size, and ultimately, how best to survive and thrive in cyberspace. Once this theoretical framework is established, it will then be ‘validated’ by comparing it with existing experience-based Cyber Security Best Practices, to determine how ‘good a fit’ there really is between the theoretically-predicted and industry-observed Best Practices. A longer-term goal of this Thesis is to offer this framework as a basis with which not only to more fully understand Cyber Security Best Practices, but also to seek out ‘missing’ best practices, whether in this thesis, or in other, future research.

Recommended Citation: Kleinberg H., Reinicke B., Cummings J., Tagliarini G., (2015). Building a Theoretical Basis for Cyber Security Best Practices. UNCW MS CSIS Proceedings. V. 9 , N. 12 .