{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T08:55:15Z","timestamp":1743065715245,"version":"3.40.3"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030045364"},{"type":"electronic","value":"9783030045371"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-04537-1_2","type":"book-chapter","created":{"date-parts":[[2018,12,17]],"date-time":"2018-12-17T07:38:48Z","timestamp":1545032328000},"page":"23-38","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["An Evidence Quality Assessment Model for Cyber Security Policymaking"],"prefix":"10.1007","author":[{"given":"Atif","family":"Hussain","sequence":"first","affiliation":[]},{"given":"Siraj","family":"Shaikh","sequence":"additional","affiliation":[]},{"given":"Alex","family":"Chung","sequence":"additional","affiliation":[]},{"given":"Sneha","family":"Dawda","sequence":"additional","affiliation":[]},{"given":"Madeline","family":"Carr","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,12,18]]},"reference":[{"key":"2_CR1","unstructured":"D. Bestuzhev, How to survive attacks that result in password leaks? Securelist, Kaspersky Lab, Moscow, Russia, July 13, 2012."},{"issue":"4-5","key":"2_CR2","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/s10611-007-9058-4","volume":"46","author":"David Chaikin","year":"2007","unstructured":"D. Chaikin, Network investigations of cyber attacks: The limits of digital evidence, Crime, Law and Social Change, vol. 46(4-5), pp. 239\u2013256, 2006.","journal-title":"Crime, Law and Social Change"},{"key":"2_CR3","unstructured":"G. Corera, If 2017 could be described as \u201ccyber-geddon,\u201d what will 2018 bring? BBC News, December 30, 2017."},{"key":"2_CR4","unstructured":"P. Davies, Is evidence-based government possible? presented at the Fourth Annual Campbell Collaboration Colloquium, 2004."},{"issue":"2","key":"2_CR5","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1162\/ISEC_a_00136","volume":"38","author":"Erik Gartzke","year":"2013","unstructured":"E. Gartzke, The myth of cyberwar: Bringing war in cyberspace back down to Earth, International Security, vol. 38(2), pp. 41\u201373, 2013.","journal-title":"International Security"},{"issue":"1","key":"2_CR6","doi-asserted-by":"publisher","first-page":"138","DOI":"10.1093\/pa\/gsi012","volume":"58","author":"A. Glees","year":"2005","unstructured":"A. Glees, Evidence-based policy or policy-based evidence? Hutton and the government\u2019s use of secret intelligence, Parliamentary Affairs, vol. 58(1), pp. 138\u2013155, 2005.","journal-title":"Parliamentary Affairs"},{"issue":"4","key":"2_CR7","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1080\/03071847.2013.826509","volume":"158","author":"Clement Guitton","year":"2013","unstructured":"C. Guitton and E. Korzak, The sophistication criterion for attribution: Identifying the perpetrators of cyber attacks, The RUSI Journal, vol. 158(4), pp. 62\u201368, 2013.","journal-title":"The RUSI Journal"},{"key":"2_CR8","unstructured":"O. Hathaway, R. Crootof, P. Levitz, H. Nix, A. Nowlan, W. Perdue and J. Spiegel, The law of cyber attack, California Law Review, vol. 100(4), pp. 817\u2013886, 2012."},{"key":"2_CR9","unstructured":"IBM Security, IBM X-Force Threat Intelligence Index 2017, The Year of the Mega Breach, Somers, New York, 2017."},{"key":"2_CR10","unstructured":"E. Kaspersky, The man who found Stuxnet \u2013 Sergey Ulasen in the spotlight, Security Matters, Kaspersky Lab, Moscow, Russia (www.eugene.kaspersky.com\/2011\/11\/02\/the-man-who-found-stuxnet-sergey-ulasen-in-the-spotlight), November 2, 2011."},{"key":"2_CR11","unstructured":"Kaspersky Lab and Business Advantage, The State of Industrial Cybersecurity \u2013 Global Report, Woburn, Massachusetts and San Francisco, California, 2017."},{"issue":"5","key":"2_CR12","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1080\/03071847.2014.969932","volume":"159","author":"Robert M Lee","year":"2014","unstructured":"R. Lee and T. Rid, OMG Cyber! The RUSI Journal, vol. 159(5), pp. 4\u201312, 2014.","journal-title":"The RUSI Journal"},{"issue":"1","key":"2_CR13","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1111\/1467-9302.00145","volume":"19","author":"Graham Leicester","year":"1999","unstructured":"G. Leicester, Viewpoint: The seven enemies of evidence-based policy, Public Money and Management, vol. 19(1), pp. 5\u20137, 1999.","journal-title":"Public Money and Management"},{"key":"2_CR14","unstructured":"I. Levy, Active Cyber Defense \u2013 One Year On, National Cyber Security Centre, London, United Kingdom (www.ncsc.gov.uk\/information\/active-cyber-defence-one-year), 2018."},{"key":"2_CR15","unstructured":"Mandiant, APT1: Exposing One of China\u2019s Cyber Espionage Units, Alexandria, Virginia (www.fireeye.com\/content\/dam\/fireeye-www\/services\/pdfs\/mandiant-apt1-report.pdf), 2013."},{"issue":"2","key":"2_CR16","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1332\/174426408784614662","volume":"4","author":"Mark Monaghan","year":"2008","unstructured":"M. Monaghan, Appreciating cannabis: The paradox of evidence in evidence-based policy making, Evidence and Policy: A Journal of Research, Debate and Practice, vol. 4(2), pp. 209\u2013231, 2008.","journal-title":"Evidence & Policy: A Journal of Research, Debate and Practice"},{"issue":"2","key":"2_CR17","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1332\/1744264053730789","volume":"1","author":"G Mulgan","year":"2005","unstructured":"Mulgan, G.: Government, knowledge and the business of policy-making: The potential and limits of evidence-based policy. Evidence and Policy: A Journal of Research, Debate and Practice 1(2), 215\u2013226 (2005)","journal-title":"Evidence and Policy: A Journal of Research, Debate and Practice"},{"key":"2_CR18","unstructured":"National Cyber Security Centre, Password Guidance: Simplifying Your Approach, Guidance, London, United Kingdom (ncsc.gov.uk\/guidance\/password-guidance-simplifying-your-approach), 2016."},{"key":"2_CR19","unstructured":"National Cyber Security Centre, Weekly Threat Report, 22nd December 2017, Report, London, United Kingdom (www.ncsc.gov.uk\/report\/weekly-threat-report-22nd-december-2017), 2017."},{"key":"2_CR20","unstructured":"National Institute of Standards and Technology, CVE-2014-0160 Detail, National Vulnerability Database, Gaithersburg, Maryland (nvd.nist.gov\/vuln\/detail\/CVE-2014-0160), 2014."},{"issue":"1","key":"2_CR21","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1177\/0261018305048967","volume":"25","author":"Michael Naughton","year":"2005","unstructured":"M. Naughton, \u201cEvidence-based policy\u201d and the government of the criminal justice system \u2013 Only if the evidence fits! Critical Social Policy, vol. 25(1), pp. 47\u201369, 2005.","journal-title":"Critical Social Policy"},{"key":"2_CR22","unstructured":"S. Nutley, H. Davies and I. Walter, Evidence-Based Policy and Practice: Cross Sector Lessons from the UK, Working Paper 9, ESRC UK Centre for Evidence Based Policy and Practice, University of St. Andrews, St. Andrews, Scotland, United Kingdom, 2002."},{"key":"2_CR23","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1332\/policypress\/9781861341914.003.0002","volume-title":"What works?Evidence-based policy and practice in public services","author":"Sandra Nutley","year":"2000","unstructured":"S. Nutley and J. Webb, Evidence and the policy process, in What Works? Evidence-Based Policy and Practice in Public Services, H. Davies, S. Nutley and P. Smith (Eds.), Policy Press, Bristol, United Kingdom, pp. 13\u201341, 2000."},{"issue":"1-2","key":"2_CR24","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1080\/01402390.2014.977382","volume":"38","author":"Thomas Rid","year":"2014","unstructured":"T. Rid and B. Buchanan, Attributing cyber attacks, The Journal of Strategic Studies, vol. 38(1-2), pp. 4\u201337, 2015.","journal-title":"Journal of Strategic Studies"},{"key":"2_CR25","unstructured":"S. Shaikh, Future of the Sea: Cyber Security, Foresight, Government Office for Science, London, United Kingdom, 2017."},{"issue":"1","key":"2_CR26","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1332\/1744264052703177","volume":"1","author":"Louise Shaxson","year":"2005","unstructured":"L. Shaxson, Is your evidence robust enough? Questions for policy makers and practitioners, Evidence and Policy: A Journal of Research, Debate and Practice, vol. 1(1), pp. 101\u2013112, 2005.","journal-title":"Evidence & Policy: A Journal of Research, Debate and Practice"},{"key":"2_CR27","unstructured":"W. Solesbury, Evidence Based Policy: Whence it Came and Where it\u2019s Going, Working Paper No. 1, ESRC UK Centre for Evidence Based Policy and Practice, Queen Mary, University of London, London, United Kingdom, 2001."},{"key":"2_CR28","unstructured":"Strategic Policy Making Team, Professional Policy Making for the Twenty-First Century, Version 2.0, Cabinet Office, London, United Kingdom, 1999."},{"key":"2_CR29","unstructured":"L. Tanczer, I. Brass, M. Carr, J. Blackstock and M. Elsden, The United Kingdom\u2019s emerging Internet of Things (IoT) policy landscape, to appear in Rewired: Cybersecurity Governance, R. Ellis and V. Mohan (Eds.), Wiley, Hoboken, New Jersey."},{"issue":"3","key":"2_CR30","doi-asserted-by":"publisher","first-page":"1000","DOI":"10.1057\/sj.2015.35","volume":"30","author":"Adrian Venables","year":"2017","unstructured":"A. Venables, S. Shaikh and J. Shuttleworth, The projection and measurement of cyberpower, Security Journal, vol. 30(3), pp. 1000\u20131011, 2017.","journal-title":"Security Journal"},{"key":"2_CR31","unstructured":"N. Villeneuve, J. Bennett, N. Moran, T. Haq, M. Scott and K. Geers, Operation \u201cKe3chang:\u201d Targeted Attacks against Ministries of Foreign Affairs, FireEye, Milpitas, California (www.fireeye.com\/content\/dam\/fireeye-www\/global\/en\/current-threats\/pdfs\/wp-operation-ke3chang.pdf), 2014."},{"issue":"5","key":"2_CR32","doi-asserted-by":"publisher","first-page":"426","DOI":"10.2307\/3109916","volume":"39","author":"Carol H. Weiss","year":"1979","unstructured":"C. Weiss, The many meanings of research utilization, Public Administration Review, vol. 39(5), pp. 426\u2013431, 1979.","journal-title":"Public Administration Review"},{"key":"2_CR33","unstructured":"R. Whitt, Adaptive policy-making: Evolving and applying emergent solutions for U.S. communications policy, Federal Communications Law Journal, vol. 61(3), pp. 483\u2013590, 2009."},{"key":"2_CR34","doi-asserted-by":"crossref","unstructured":"K. Young, D. Ashby, A. Boaz and L. Grayson, Social science and the evidence-based policy movement, Social Policy and Society, vol. 1(3), pp. 215\u2013224, 2002.","DOI":"10.1017\/S1474746402003068"}],"container-title":["IFIP Advances in Information and Communication Technology","Critical Infrastructure Protection XII"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-04537-1_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,13]],"date-time":"2024-07-13T11:21:18Z","timestamp":1720869678000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-04537-1_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030045364","9783030045371"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-04537-1_2","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"18 December 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICCIP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Critical Infrastructure Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Arlington, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 March 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 March 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iccip2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ifip1110.org\/Conferences\/2018conferenceinformation.php","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}