Dimitri Percia David

• PhD in Information Systems
• Professor of Data Science & Econometrics at University of Applied Science of Western Switzerland

Established methodologies for monitoring and forecasting trends in technological development fall short of capturing advancements in Large Language Models (LLMs). This chapter suggests a complementary and alternative approach to mitigate this concern. Traditional indicators, such as search volumes and citation frequencies, are demonstrated to inade...

The latency reduction between the discovery of vulnerabilities, the build-up, and the dissemination of cyberattacks has put significant pressure on cybersecurity professionals. For that, security researchers have increasingly resorted to collective action in order to reduce the time needed to characterize and tame outstanding threats. Here, we inve...

The need for dependable and real-time insights on technological paradigm shifts requires objective information. We develop a lean recommender system which predicts emerging technology by a sequential blend of machine learning and network analytics. We illustrate the capabilities of this system with patent data and discuss how it can help organizati...

We introduce a novel recursive algorithm that analyzes and ranks the relative influence that companies and technologies have in a technology landscape. The algorithm also incorporates exogenous variables that reflect investor preferences. The results provide investors with an optimal ranking of technologies and thus help them to make more informed...

Job offers reveal employer preferences about capabilities required for future cyberdefense. We model such job openings as edges of a bipartite network of organizations and technologies. We propose and train a parsimonious prediction algorithm with extant job offer data to predict which capabilities firms will require up to six months from now. We c...

We propose a reproducible, automated, scalable, and free method for automated bibliometric analysis that requires little computing power. We explain how firms can use this method with open source data from public repositories to generate unbiased insights about future technology developments, and to assess the maturity, security and likely future d...

The book was inadvertently published with an incorrect author name in Chapter 39 as Percia David Dimitri whereas it should be Dimitri Percia David. The chapter has now been corrected and approved by the author.

This article describes three collective intelligence dynamics observed on ThreatFox, a free platform operated by abuse.ch that collects and shares indicators of compromise. These three dynamics are empirically analyzed with an exclusive dataset provided by the sharing platform. First, participants’ onboarding dynamics are investigated and the impor...

This paper presents a novel science indicator to identify, analyze, and capture technology trends based on Wikipedia page views and OpenAlex presented at STI2022. Our webometric methodology is grounded in open science practices and applied to crowd-sourced, open, and free data. We explore the relationships between 36 data protection and encryption...

Any trend assessment concerning data protection and encryption technologies constitutes a challenging task for various reasons. The swift development of security technologies brings a myriad of novel protocols, tools, and procedures whose technological readiness levels also evolve rapidly. We used a benchmarking development indicator, the attention...

Generative Language Models gained significant attention in late 2022 / early 2023, notably with the introduction of models refined to act consistently with users' expectations of interactions with AI (conversational models). Arguably the focal point of public attention has been such a refinement of the GPT3 model -- the ChatGPT and its subsequent i...

We study security-development patterns in computer-science technologies through (i) the security attention among technologies, (ii) the relation between technological change and security development, and (iii) the effect of opinion on security development. We perform a scientometric analysis on arXiv e-prints (n=340,569) related to 20 computer-scie...

Because of the considerable heterogeneity and complexity of the technological landscape, building accurate models to forecast is a challenging endeavor. Due to their high prevalence in many complex systems, S-curves are a popular forecasting approach in previous work. However, their forecasting performance has not been directly compared to other te...

We introduce TechRank, a recursive algorithm based on a bi-partite graph with weighted nodes. We develop TechRank to link companies and technologies based on the method of reflection. We allow the algorithm to incorporate exogenous variables that reflect an investor's preferences. We calibrate the algorithm in the cybersecurity sector. First, our r...

Strategic decisions rely heavily on non-scientific instrumentation to forecast emerging technologies and leading companies. Instead, we build a fast quantitative system with a small computational footprint to discover the most important technologies and companies in a given field, using generalisable methods applicable to any industry. With the hel...

The latency reduction between the discovery of vulnerabilities, the build-up and dissemination of cyber-attacks has put significant pressure on cybersecurity professionals. For that, security researchers have increasingly resorted to collective action in order to reduce the time needed to characterize and tame outstanding threats. Here, we investig...

The cybersecurity technological landscape is a complex ecosystem in which entities -- such as companies and technologies -- influence each other in a non-trivial manner. Measuring the influence between entities is a tenet for informed technological investments in critical infrastructure. To study the mutual influence of companies and technologies f...

Mapping the technology landscape is crucial for market actors to take informed investment decisions. However, given the large amount of data on the Web and its subsequent information overload, manually retrieving information is a seemingly ineffective and incomplete approach. In this work, we propose an end-to-end recommendation based retrieval app...

Cyber-security breaches inflict significant costs on organizations. Hence, the development of an information-systems defense capability through cyber-security investment is a prerequisite. The question of how to determine the optimal amount to invest in cyber-security has been widely investigated in the literature. In this respect, the Gordon-Loeb...

Fifth generation mobile networks (5G) are currently being deployed by mobile operators around the globe. 5G acts as an enabler for various use cases and also improves the security and privacy over 4G and previous network generations. However, as recent security research has revealed, the standard still has security weaknesses that may be exploitabl...

This book constitutes the refereed proceedings of the 16th International Conference on Critical Information Infrastructures Security, CRITIS 2021, which took place in Lausanne, Switzerland, during September 27-29, 2021. The 12 full papers included in this volume were carefully reviewed and selected from 42 submissions. They were organized in topica...

We investigate how human beliefs are associated with the absorption of specialist knowledge that is required to produce cyber-security. We ground our theorizing in the knowledge-based view of the firm and transaction-cost economics. We test our hypotheses with a sample of 262 members of an information-sharing and analysis center who share sensitive...

The operational continuity of critical infrastructures (CIs) is vital for the functioning of modern societies. Yet, these CIs are monitored/managed by an interdependent ecosystem of information systems, exposing CIs to the systemic risk of cascading failures. Consequently, CIs require an information-systems defense capability – i.e., the ability to...

Security information sharing (SIS) is an activity whereby individuals exchange information that is relevant to analyze or prevent cybersecurity incidents. However, despite technological advances and increased regulatory pressure, individuals still seem reluctant to share security information. Few contributions have addressed this conundrum to date....

Empirical studies have analyzed the incentive mechanisms for sharing security information between human agents, a key activity for critical infrastructure protection. However, recent research shows that most Information Sharing and Analysis Centers do not perform optimally, even when properly regulated. Using a meso-level of analysis, we close an i...

Empirical studies have analyzed the incentive mechanisms that support security information sharing between human agents, a key activity for critical infrastructure protection. However, recent research shows that most Information Sharing and Analysis Centers – the most common institution organizing security information sharing – do not perform at Pa...

In this paper, we investigate the role of incentives for Security Information Sharing (SIS) between human agents working in institutions. We present an incentive-based SIS system model that is empirically tested with an exclusive dataset. The data was collected with an online questionnaire addressed to all participants of a deployed Information Sha...

We propose an extension of the Gordon-Loeb model by considering multi-periods and relaxing the assumption of a continuous security breach probability function. Such adaptations allow capturing dynamic aspects of information security investment such as the advent of a disruptive technology and its consequences. In this paper, the case of big data an...

Various measures have been proposed to mitigate the underinvestment problem in cybersecurity. Investment models have theoretically demonstrated the potential application of security information sharing (SIS) to Critical Infrastructure Protection (CIP). However, the free rider problem remains a major pitfall, preventing the full potential benefits o...

The Swiss Armed Forces are suffering from a structural deficit of militia officers despite good pay and a general supportive attitude in the population. Whereas, prior studies have focused on motivation to explain understaffing in armed forces, we offer an alternative approach based on opportunity cost. We model decision alternatives both within an...

La cybersécurité ne se limite pas aux sciences informatiques. Une approche holistique et multidisciplinaire est nécessaire pour renforcer notre souveraineté numérique. Deux recherches scientifiques adoptant une approche économique de la cybersécurité sont présentées. La première se concentre sur les incitations au partage de l’information sur les c...