Learning from safety science: A way forward for studying cybersecurity incidents in organizations

N Ebert, T Schaltegger, B Ambuehl, L Schöni… - Computers & …, 2023 - Elsevier
In the aftermath of cybersecurity incidents within organizations, explanations of their causes
often revolve around isolated technical or human events such as an Advanced Persistent …

Challenges and performance metrics for security operations center analysts: a systematic review

E Agyepong, Y Cherdantseva, P Reinecke… - Journal of Cyber …, 2020 - Taylor & Francis
The increasing use of Security Operations Centers (SOCs) by organisations as a part of their
cyber security strategy has led to several studies aiming to understand and improve SOC …

Security operations center: A systematic study and open challenges

M Vielberth, F Böhm, I Fichtinger, G Pernul - IEEE Access, 2020 - ieeexplore.ieee.org
Since the introduction of Security Operations Centers (SOCs) around 15 years ago, their
importance has grown significantly, especially over the last five years. This is mainly due to …

99% false positives: A qualitative study of SOC analysts' perspectives on security alarms

BA Alahmadi, L Axon, I Martinovic - 31st USENIX Security Symposium …, 2022 - usenix.org
In this work, we focus on the prevalence of False Positive (FP) alarms produced by security
tools, and Security Operation Centers (SOCs) practitioners' perception of their quality. In an …

Matched and mismatched SOCs: A qualitative study on security operations center issues

FB Kokulu, A Soneji, T Bao, Y Shoshitaishvili… - Proceedings of the …, 2019 - dl.acm.org
Organizations, such as companies and governments, created Security Operations Centers
(SOCs) to defend against computer security attacks. SOCs are central defense groups that …

A systematic method for measuring the performance of a cyber security operations centre analyst

E Agyepong, Y Cherdantseva, P Reinecke… - Computers & Security, 2023 - Elsevier
Analysts who work in a Security Operations Centre (SOC) play an essential role in
supporting businesses to protect their computer networks against cyber attacks. To manage …

A cyber security data triage operation retrieval system

C Zhong, T Lin, P Liu, J Yen, K Chen - Computers & Security, 2018 - Elsevier
Data triage is a fundamental stage of cyber defense analysis for achieving cyber situational
awareness in a Security Operations Center (SOC). It has a high requirement for cyber …

Integrated network and security operation center: A systematic analysis

D Shahjee, N Ware - IEEE Access, 2022 - ieeexplore.ieee.org
Traditionally, network and security operation center teams have worked in silos despite
commonalities. The network operating center (NOC) team is to provide operationality and …

Enacting expertise: Ritual and risk in cybersecurity

J Shires - Politics and Governance, 2018 - cogitatiopress.com
This article applies the concept of ritual to cybersecurity expertise, beginning with the
cybersecurity “skills gap”: the perceived lack of suitably qualified professionals necessary to …

True Attacks, Attack Attempts, or Benign Triggers? An Empirical Measurement of Network Alerts in a Security Operations Center

L Yang, Z Chen, C Wang, Z Zhang, S Booma… - 33rd USENIX Security …, 2024 - usenix.org
Security Operations Centers (SOCs) face the key challenge of handling excessive security
alerts. While existing works have studied this problem qualitatively via user studies, there is …