Technological Solutions for Improving Performance of Cyber Security Analysts

2019, Vol 27 (5), pp. 636-646
Author(s): Andrew M’manga, Shamal Faily, John McAlaney, Chris Williams, Youki Kadobayashi, ...

Purpose: The purpose of this paper is to investigate security decision-making during risk and uncertain conditions and to propose a normative model capable of tracing the decision rationale.

Design/methodology/approach: The proposed risk rationalisation model is grounded in literature and studies on security analysts’ activities. The model design was inspired by established awareness models including situation awareness and observe–orient–decide–act (OODA). Model validation was conducted using cognitive walkthroughs with security analysts.

Findings: The results indicate that the model may adequately be used to elicit the rationale or provide traceability for security decision-making. The results also illustrate how the model may be applied to facilitate design for security decision makers.

Research limitations/implications: The proof of concept is based on a hypothetical risk scenario. Further studies could investigate the model’s application in actual scenarios.

Originality/value: The paper proposes a novel approach to tracing the rationale behind security decision-making during risk and uncertain conditions. The research also illustrates techniques for adapting decision-making models to inform system design.


Author(s): Vikram Narayanda, Archana M., Raman D.

In recent years the internet of things (IoT) has reshaped many parts of life, improving usefulness by reducing human work with only a pair of sensors. In the past, the greatest obstacles standing between IoT and success were not technological. Only a few percent of organizations have been successful with their IoT activities, and a considerable number of those successes are simply operational or administrative. Although many issues associated with IoT deployments are not technological, they are equally painful and hard to overcome. Furthermore, if each organization has to overcome these difficulties in a vacuum, a 74 percent dissatisfaction rate is likely to continue. However, by transparently sharing the information and insights gained through broad experience, IoT can be pushed forward as a whole, amplifying our human potential. The achievement of IoT over past impediments places more emphasis on its capacity to overcome future challenges. IoT is an innovation that should be regarded as a boon. In any case, since it connects all things to the Internet, those things become vulnerable to a range of security threats. Large organizations and cyber security analysts are doing their best to make things ideal for consumers, yet there is still a lot to be done.


Author(s): Norman Schneidewind

There is little evidence that the world is more secure from a major cyber attack than it was in 2000, because attacks on the Internet go on unabated. In addition to calling for new legislation and oversight, this chapter serves as a source of information about cyber security that domestic and international security analysts can use as a resource for understanding the critical issues and as a guide for preparing for hearings and legislative initiatives.


2021, Vol 1 (2), pp. 365-386
Author(s): Gustavo Gonzalez-Granadillo, Rodrigo Diaz, Juan Caubet, Ignasi Garcia-Milà

Water CIs are exposed to a wide range of IT challenges, from the cooperation and alignment between physical and cyber security teams to the proliferation of new vulnerabilities and complex cyber-attacks with potentially disastrous consequences. Although novel and powerful solutions are proposed in the literature, most of them lack appropriate mechanisms to detect cyber and physical attacks in real time. We propose a Cross-Layer Analytic Platform (denoted as CLAP) developed for the correlation of cyber and physical security events affecting water CIs. CLAP aims to improve the detection of complex attack scenarios in real time based on the correlation of cyber and physical security events. The platform assigns appropriate severity values to each correlated alarm, which guide security analysts in the decision-making process of prioritizing mitigation actions. A series of passive and active attack scenarios against the target infrastructure are presented at the end of the paper to show the mechanisms used for the detection and correlation of cyber–physical security events. Results show promising benefits in improved response accuracy, reduced false rates and real-time detection of complex attacks based on cross-correlation rules.


2012
Author(s): Michael McNeese, Nancy J. Cooke, Anita D'Amico, Mica R. Endsley, Cleotilde Gonzalez, ...

CICTP 2017, 2018
Author(s): Haojie Ji, Guizhen Yu, Yunpeng Wang, Zhao Zhang, Hongmao Qin
