Skip to main content

Argument-Driven Inquiry for Selecting New Cybersecurity Technologies

As the threat landscape of cybersecurity continues to evolve, organizations must keep pace with the latest technologies and solutions to protect themselves against attacks. However, with so many options available, selecting the right cybersecurity technology can be a challenging task. That's where the framework of argument-driven inquiry (ADI) can be helpful.


ADI is a problem-solving framework used in science education to help students develop critical thinking skills. It can also be applied to cybersecurity to help organizations select new technologies. The seven steps of ADI can guide organizations through the process of selecting the right cybersecurity technology:

  1. Identify a problem: The first step is to identify the problem that the organization is trying to solve. For example, the problem could be that the current security solution is not providing adequate protection against the latest threats.
  2. Develop a question: Once the problem has been identified, the next step is to develop a question that can be answered through the process of argumentation. This question should be specific, focused, and answerable based on available data. For example, "Which new cybersecurity technology provides the best protection against the latest threats?"
  3. Develop a hypothesis: The next step is to develop a hypothesis that can be used to answer the question. The hypothesis should be based on available evidence and should be testable through the process of argumentation. For example, "The new technology A provides better protection against the latest threats than the new technology B."
  4. Collect data: The next step is to collect data that can be used to support or refute the hypothesis. This data should be collected from a variety of sources, including internal data from the organization's cybersecurity systems, external data from threat intelligence sources, and data from academic research. For example, data on the effectiveness of new technologies against the latest threats can be collected from security vendors, threat intelligence reports, and academic research papers.
  5. Analyze the data: Once data has been collected, the next step is to analyze the data to determine whether the hypothesis is supported or refuted. This analysis should be rigorous and should take into account any limitations of the data. For example, data on the effectiveness of new technologies can be analyzed by comparing their performance against the latest threats, evaluating their costs and benefits, and assessing their compatibility with the organization's existing infrastructure.
  6. Refine the hypothesis: Based on the results of the data analysis, the hypothesis may need to be refined. This may involve revising the hypothesis, developing new hypotheses, or developing new strategies to mitigate the threat. For example, if the analysis indicates that technology A is not as effective as previously thought, the hypothesis may need to be revised to reflect this new information.
  7. Draw conclusions: The final step is to draw conclusions based on the results of the data analysis. This may involve developing recommendations for cybersecurity strategy and tactics, or developing new policies and procedures to address the identified threat or vulnerability. For example, the analysis may lead to the conclusion that technology B is the best option for the organization, and a new policy for implementing this technology may be developed.

The benefits of using ADI to select new cybersecurity technologies are numerous. By following this framework, organizations can ensure that their decision-making process is based on data and evidence rather than assumptions or vendor claims. ADI can also help organizations avoid costly mistakes, such as investing in technologies that do not meet their needs or are not compatible with their existing infrastructure. Additionally, ADI can provide a structured approach to selecting new technologies, which can help organizations streamline their decision-making process and save time and resources.

In conclusion, selecting the right cybersecurity technology is crucial for any organization's security posture. With the constantly evolving threat landscape, it's essential to make informed decisions based on sound evidence and reasoning. The 7 steps of argument-driven inquiry provide a systematic approach to selecting new cybersecurity technologies, which can help organizations make informed decisions based on available data and rigorous analysis. By identifying the problem, developing a focused question, formulating a testable hypothesis, collecting and analyzing data, and refining the hypothesis, organizations can arrive at evidence-based conclusions and make informed decisions that align with their security needs and goals.

By applying the steps of argument-driven inquiry, organizations can ensure that their selection of cybersecurity technologies is driven by data and not just hype or assumptions. This approach can help organizations select the right technologies for their unique security needs, avoid costly mistakes, and improve their overall security posture. It can also help organizations stay agile and adapt to the constantly changing threat landscape, ensuring that their security strategies remain effective and up-to-date.

Popular posts from this blog

The Interconnected Roles of Risk Management, Information Security, Cybersecurity, Business Continuity, and IT in Modern Organizations

In the rapidly evolving digital landscape, understanding the interconnected roles of Risk Management, Information Security, Cybersecurity, Business Continuity, and Information Technology (IT) is crucial for any organization. These concepts form the backbone of an organization's defense strategy against potential disruptions and threats, ensuring smooth operations and the protection of valuable data. Risk Management is the overarching concept that involves identifying, assessing, and mitigating any risks that could negatively impact an organization's operations or assets. These risks could be financial, operational, strategic, or related to information security. The goal of risk management is to minimize potential damage and ensure the continuity of business operations. Risk management is the umbrella under which information security, cybersecurity, and business continuity fall. Information Security is a subset of risk management. While risk management covers a wide range of pot...

Attack Path Scenarios: Enhancing Cybersecurity Threat Analysis

I. Introduction A. Background on Cybersecurity Threats Cybersecurity threats are an ongoing concern for organizations of all sizes and across all industries. As technology continues to evolve and become more integral to business operations, the threat landscape also becomes more complex and sophisticated. Cyber attackers are constantly seeking new ways to exploit vulnerabilities and gain unauthorized access to sensitive data and systems. The consequences of a successful cyber attack can be severe, including financial losses, reputational damage, and legal consequences. Therefore, it is critical for organizations to have effective cybersecurity strategies in place to identify and mitigate potential threats. B. Definition of Attack Path Scenarios Attack Path Scenarios are a type of threat scenario used in cybersecurity to show the step-by-step sequence of tactics, techniques, and procedures (TTPs) that a cyber attacker may use to penetrate a system, gain access to sensitive data, and ach...

A Deep Dive into the Analysis and Production Phase of Intelligence Analysis

Introduction In the complex and ever-evolving world of intelligence, the ability to analyze and interpret information accurately is paramount. The intelligence cycle, a systematic process used by analysts to convert raw data into actionable intelligence, is at the heart of this endeavor. This cycle typically consists of five stages: Planning and Direction, Collection, Processing, Analysis and Production, and Dissemination. Each stage plays a vital role in ensuring that the intelligence provided to decision-makers is accurate, relevant, and timely. While all stages of the intelligence cycle are critical, the Analysis and Production phase is where the proverbial 'rubber meets the road.' It is in this phase that the collected data is evaluated, integrated, interpreted, and transformed into a form that can be used to make informed decisions. The quality of the intelligence product, and ultimately the effectiveness of the decisions made based on that product, hinge on the rigor and ...