The Journal of Threat Intelligence and Incident Response focuses on topics, lessons, and knowledge of immediate practical value to practitioners in these fields. What does that mean? It means the editors are looking for knowledge that has worked for you or your organization in finding, tracking, remediating, and understanding cyber threats.
MOST cybersecurity professionals have never submitted a journal article in their career. This means for most, the idea of submitting a journal article may be new or even a bit frightening. Second, journals have historically been known and understood only in the most privileged environments and circles leaving many individuals behind and left-out of contributing through this mechanism.
So, considering all that I wanted to create a short page on demystifying the process and reduce some stress about what this is about.
Also, read this JTIIR Quick Start.
Am I, or Is This Idea, Good Enough for a Journal?
“Our doubts are traitors, and make us lose the good we oft might win, by fearing to attempt.” – William Shakespeare
First, stop asking if you or your ideas are good enough. They are. In the progress of everyone’s career we solve a problem that others want to know “how did you do/know that?!” That’s it. It’s good enough. 😊 The purpose of this Journal is to capture, propagate, and archive all those improvements we’ve all made so the community can build on those to everyone’s benefit.
This means we’re looking for content applicable to ALL professional levels. Your idea is not “too basic” for submission.
Check the Topics of Interest page to make sure your idea is relevant to the purpose of the journal.
Where To Get Ideas?
Another question I normally get: where do I get an idea to submit?
Have you written a blog or whitepaper, presented a webinar, recorded a video, submitted or presented at a conference? Those are great places to start and JTIIR submissions can come from all those sources.
Have you solved a problem during your work that led to a significant impact on finding, tracking, or remediating cyber threats?
Do you have unique insight or unique perspective on a substantial unsolved or controversial problem within threat intelligence and incident response?
All of those are great areas to consider.
I’ve Submitted to a Conference, Why Should I Submit to a Journal?
First, great job! Thank you for contributing anywhere for the benefit of the community.
A conference is a great place to share ideas but rarely are they good places to archive ideas so that they’re relied upon years later. Some conferences stream or post their conference presentations but many do not. Nor are conference presentations reviewed for content accuracy and rigor.
We encourage you to not only give conference presentations but then consider writing your content up in journal form so that it can be further strengthened through review and archived and shared far into the future.
How Long Does It Need to Be?
As long as it needs to be is the only answer. Length is never a consideration for acceptance. In fact, THE SHORTER THE BETTER.
I personally recommend that for an articles with the greatest impact to target between 4 and 10 pages.
How Should I Start Writing a Journal Article?
Start simply. Just state the problem you had or the problem you see. Then state your solution. Try to make that no more than 3 or 4 sentences. Forget formatting or length.
Imagine a person pulled up a chair next to you and with wide eyes asked you “how did you do that?!” I like to call this part, “The Journey.”
Now, just tell them.
When you’re done go back and break up the journey into 3-5 parts. You can call these “sections.” And now examine if each section is sufficient. Imagine the person next you asks, “can you tell me more about that?” And, “why did that work? Would it work for me?” Provide a little more insight and evidence that what you did worked and would likely work for others. Have others tried it too and did it work? We call this “rigor.”
Start finding external references – search for others who’ve worked on something similar and inject those where they fit.
Now, look deeper for related work. Has anyone else written anything similar to what you’re discussing? Most likely they have – write that up in a few paragraphs into a “Prior Works” section.
Write an introduction, paint a picture for your audience. How did you “find” the problem? How common is the problem you’re describing? What would be the benefit of solving it?
Write a conclusion, take your introduction and turn it around – start with your solution (“here is what we did”) and then end with the problem statement (“and we’ve shown this approach to effectively do X”).
Lastly, go back to the top where you write those originally 3-4 sentences and you’re going to turn that into an “abstract.” All you do is state the problem, provide a sentence for each of the 3-5 parts, then state the value of what you’ve done. Now CUT! Cut it down to 150 words or less.
Congratulations! You’re basically done! You should have all the ingredients of a Journal article. An abstract, introduction, prior works, 3-5 sections describing your solution along with citations and evidence, and a conclusion.
The hardest part is to format what you’ve done using this Style Guide.
Do I Need to Write the Whole Thing?
NO!
Writing a “article” is a scary endeavor. It’s not easy for most of us (including me).
Plus, you may not be willing to make a commitment. What if you spend weeks writing an article and it gets rejected? Nobody wants that.
You can submit just an abstract, draft, or outline and the editors will provide you feedback on (1) whether the idea is a fit and (2) whether it approaches the problem and topic properly for a journal article.
However, the more of an article you provide – even just a draft or outline, the more we can evaluate and provide more valuable feedback.
But, I fully and personally recommend you try to write the whole thing before you submit. The reason? Because in the end you’ll have a fabulous piece of work you can submit or post elsewhere even if not in the JTIIR. Plus, if you’ve not written a journal article, or have had little practice, I suggest you try it!
How Do I Submit?
When you’re ready you’ll create an account and submit HERE.
After I Submit, What Happens Next?
First, your name is entirely removed from the submission. We won’t know who you are to prevent bias.
Next, your submission will be evaluated as to its fit for the purpose of the journal. We won’t be evaluating you or your idea. We need to make sure your submission is within our scope which you can find here.
Then comes the biggest part: your submission will be sent to two or more reviewers. We try to match your subject with the reviewers that have the greatest experience in that area. The reviewers will then provide feedback and recommendations that you’ll receive.
An editor will then consider the reviewer’s comments and recommendations and decide whether to accept your submission. There are several categories: accept with no revisions, accept with minor revisions, accept with significant revisions, or reject.
Finally, if you’re accepted then your article will be scheduled. It’s important to understand that we are limited to a reasonable number of articles in each issue. Therefore, your submission may be accepted but scheduled for a later issue. This is common for any journal.