Humans and automation: Augmenting security operation centers
Background: Open Access Systematic Review Humans and Automation: Augmenting
Security Operation Centers by Jack Tilbury and Stephen Flowerday* School of Cyber …
Understanding situation awareness in SOCs, a systematic literature review
Situation awareness is shown through human factors research to be a valuable construct to
understand and improve how humans perform while operating complex systems in critical …
CRUSOE: A toolset for cyber situational awareness and decision support in incident handling
The growing size and complexity of today's computer network make it hard to achieve and
maintain so-called cyber situational awareness, i.e., the ability to perceive and comprehend …
Automation Bias and Complacency in Security Operation Centers
The volume and complexity of alerts that security operation center (SOC) analysts must
manage necessitate automation. Increased automation in SOCs amplifies the risk of …
SoK: applications and challenges of using recommender systems in cybersecurity incident handling and response
M Husák, M Čermák - Proceedings of the 17th International Conference …, 2022 - dl.acm.org
Incident handling, a fundamental activity of a cybersecurity incident response team, is a
complex discipline that consumes a significant amount of personnel's time and costs. There …
Empowering Security Operation Center with Artificial Intelligence and Machine Learning–A Systematic Literature Review
Organizational cybersecurity relies heavily on security operation centers (SOCs) to protect
businesses and institutions from emerging cyber threats. In recent years, the complexity and …
Towards a data-driven recommender system for handling ransomware and similar incidents
M Husák - 2021 IEEE International Conference on Intelligence …, 2021 - ieeexplore.ieee.org
Effective triage is of utmost importance for cybersecurity incident response, namely in
handling ransomware or similar incidents in which the attacker may use self-propagating …
Unravelling the dynamic complexity of cyber-security: Towards identifying core systemic structures driving cyber-security investment decision-making
S Zeijlemaker - 2022 - repository.ubn.ru.nl
This dissertation and the related research would not have been possible without the support
of many people in my environment. I therefore want to thank everyone involved for their help …
Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph
We present an approach to decision support in cybersecurity with respect to cyber threats
and stakeholders' requirements. We approach situations in which cybersecurity experts …
Understanding decision making in security operations centres: building the case for cyber deception technology
A Reeves, D Ashenden - Frontiers in Psychology, 2023 - frontiersin.org
Introduction: A Security Operations Centre (SOC) is a command centre where analysts
monitor network activity, analyse alerts, investigate potential threats, and respond to …