REVIEWS

The Cyber-Risk Informatics is a sequel to Dr. Sahinoglu’s earlier Wiley text of 2007 and is a reinforcement of his popularized risk metric approach to assessing and managing security and reliability of cyber components and networks at large. His Cyber-Risk assurance modeling, employing math statistically sound metric approaches, from Healthcare to Cloud Computing to name a few themes that he has implemented is not to be encountered in today’s many case study-based textbooks. I certainly take pride in writing a new foreword this time 8 full years later for his follow-up as I was pleased to personally recommend back in 2011 to prepare a new manuscript to incorporate all of his new findings and journal publications. The inaction of not creating this text otherwise would have left a serious void and waste of resources to reach our new generation of risk (fire) fighters to quench the widely prevalent network (forest) breaches (arsons) as the metaphor goes, if you will.

It is my distinct pleasure to highly recommend this book of multi- and transdisciplinary nature equipped with numerical methods and directly related to software application provided for the readers and students as a gluing medium to synergize all the necessary components of research from Testing to Simulation and from Security Assessment to Cloud Computing and hands-on lab practices. His goal to emphasize the strong link between the academic and corporate worlds that complement one another is well justified. I strongly recommend anyone eager to learn new depths in Cyber-Risk modeling to visit this museum of knowledge that will become a scientific classic to refer to in the decades ahead.

In Memoriam: The academic world with great sadness has lost Professor CV Ramamoorthy on March 9, 2016 to eternity at 90; however his spectacular deeds and unforgettable selfless enlightenments of all scholars around the world will never get lost, and his ever-smiling countenance full of wisdom will always be remembered endlessly at every occasion. A good man and gentleman, who helped many when they were in down times, has proudly made his journey. He was a gentle guide and kind mentor to countless and will be dearly missed. May he rest in peace!

Posthumously To: Dearest Professor Ramamoorthy, This book would have been in your masterful palms adorned and enriched with your natural, humbling observance had you in good health prevailed since the book’s prompt delivery was arranged to be sent to you by WILEY. You still will receive it. I would be remiss if I did not quote your timeless and wonderfully crafted e-mail related to the essence of a textbook you encouraged me to compose when you said this project was a must-do. Forever Gratefully!

Dear Prof. Mehmet,

Wonderful information. The topic you are discussing is most important and timely. Please compose an excellent text into an easy to follow sequence of the critical ideas in your presentation—for the layman, to a graduate engineer, and a practicing entrepreneur or financial banker. As I mentioned before, you have the God-given talent in conveying in a very comprehensible form the complex ideas people often find difficult to simplify. I am forwarding this recommendation to John Wiley publisher, Dr. Brett Kurzman of John Wiley to entice you to develop this project. Warmest Regards. Sincerely / RAM

C. V. Ramamoorthy, M.S./Ph.D., Harvard University in EE and Applied Math (Computer Science) Distinguished Professor (Emeritus) of Computer Sciences and Electrical Engineering at the University of California at Berkeley, California. His awards are not limited to IEEE Life Fellow, SDPS Fellow and SR Research Fellow of the ICC Institute at the University of Texas, Austin; Honorary Doctorate in Taiwan and many universities around the world; Editor-in-Chief of IEEE Transactions on Software Engineering and International Journal of Software Engineering and Artificial Intelligence and IEEE Transactions on Knowledge and Data Engineering; Coeditor-in-Chief of the International Journal of Systems Integration and of the Journal of the Society of Design and Process Science; Distinguished Scholar Award, Society for Design & Process Science, 1995; IEEE Richard E. Merwin Award, 1993; IEEE Computer Society Meritorious Service Award, 1991; IEEE Computer Society Taylor Booth Award, 1990; IEEE Computer Society Outstanding Award, 1987; IEEE Centennial Medal, 1984; Fellow, IEEE, 1978; IEEE Computer Society, Special Education Award, 1978; IEEE Computer Society, Honor Roll Award, 1974; Admiral Grace Hopper Chair, Naval Postgraduate School and others.

The critical status of cybersecurity in today’s connected world is self-evident from countless unwanted security breaches in all walks of life. The Cyber-Risk Informatics has many interesting discussions and illustrative examples that will present students and other researchers an overview to understand the importance of this area. Furthermore, this book, in addition to examples, presents several computational and intellectual challenges to students and other researchers in this area. The new text on cyber assurance modeling proceeds with a good foundation in mathematics and statistics and culminates to game-theoretic risk computing (including the sensory networks), as well as simulation-based best practices and continues with the popular topic, such as Cloud Computing, in terms of its performance characteristics. This text finally offers the students and researchers a chance to learn enough about the hands-on lab practices to help land a decent cybersecurity job. These building blocks click well with synergy while carefully executed through plenty of examples and screenshots. It is a useful reference text for students and researchers taking courses in search for cybersecurity metrics and risk management methods given the lack of technical resources in this area.

S. S. Iyengar, Ph.D., Director and Ryder Professor, Department of Computer Science FIU School of Computing and Information Sciences, Miami, FL. His awards are not limited to IEEE Fellow, ACM Fellow, AAAS Fellow, and National Academy of Inventors Fellow; Recipient of Florida Innovation Award; The Association of Scientists and Developers and Faculty Award (India); Distinguished Service Award (LSU); Distinguished Research Award (China); IEEE Computer Society Technical Achievement Award; IEEE Computer Society Meritorious Award; IEEE Computer Society Golden Core Membership; LSU Prestigious Distinguished Research Master Award; IEEE Distinguished Visitor, NASA Faculty Fellow; Editor to 16 IEEE and other journals; authored 20 books from sensors to robotics with 5 patents and numerous grants.

In my daily dealings as a director of a cybersecurity center of national importance and as an academician, I have felt the need for a book that gives me foundations and tools to deal with important issues on risk assessment in cybersecurity. Not only I but my many peers across the country have felt the void of a pedagogical resource that combines building blocks of quantitative concepts and practice of risk assessment. This much needed book fills a void in the cybersecurity field. The field of cybersecurity has advanced at a very rapid pace, but the theory and pedagogical components have not kept pace with this advance. This is perhaps the first book that first gives the fundamentals of risk assessment, much needed statistical foundations, network principles, reliability, game-theoretic foundations, etc. and presents it an easy-to-understand manner without compromising the rigor of the field. The book will be very useful to layman and practitioners in the cybersecurity arena, especially in regard to the hands-on lab exercises, as in Chapter 10 and full Java-assisted applets in the Cyber-Risk Solver website with a solution set.

I know that this book will be on my desk within easy reach. I can find no other person better qualified than Professor Mehmet Sahinoglu to address the very important areas of quantitative risk assessment. Professor Sahinoglu brings the best of his academic expertise and 35 years of experience in the field to present a unique balance of theory, practice, and research in this book. The pedagogical components including examples and lab exercises make this book unique and exemplary.

Vir V. Phoha, Ph.D., formerly Director of Center for Secure Cyberspace, College of Engineering, Louisiana Tech University, Ruston, LA; currently Professor of Electrical Engineering and Computer Science, L.C. Smith College of Engineering and Computer Science, Syracuse University, Syracuse, NY.

This may be the first book of its kind in a long time—one that brings real engineering and science back into the world of Cyber-Risk assessments. One of the growing challenges in the world of security today is simply to arrive at a concrete definition of risk. There are literally thousands of books written on or related to the subject of risk in the cybersecurity world. However, finding a book that describes risk in quantitative terms is nearly impossible. The modern practice of determining Cyber-Risk is instead left to the philosophical whims of qualitative deductions and long lists of gadgets and software that will surely make you cyber secure. In a time when computing power is at an all-time high, we find ourselves facing a dearth of knowledge with regard to understanding how much risk we are actually exposed to in our systems. So the question remains, “Does anybody really know what Cyber-Risks we are...