Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 

Challenges and performance metrics for security operations center analysts: a systematic review

Agyepong, Enoch, Cherdantseva, Yulia, Reinecke, Philipp and Burnap, Peter 2019. Challenges and performance metrics for security operations center analysts: a systematic review. Journal of Cyber Security Technology. doi: 10.1080/23742917.2019.1698178

Full text not available from this repository.

Abstract

The increasing use of Security Operations Centers (SOCs) by organisations as a part of their cybersecurity strategy has led to several studies aiming to understand and improve SOC operations. However, to the best of our knowledge, there is no systematic literature review on the challenges faced by SOC analysts or on metrics for measuring analysts' performance. To this end, we conducted a Systematic Literature Review (SLR) in accordance with the guidelines for undertaking an SLR and analyzed papers published on SOCs between 2008 and 2018. We provide a comprehensive overview of the challenges faced by SOC analysts and of the metrics suggested in the literature for measuring analysts' performance. In addition, we present a mapping between the challenges and existing performance metrics, showing how the effectiveness of an analyst in addressing a particular challenge could be measured. We also discuss the drawbacks of the existing metrics and suggest directions for improvement. Our findings will enable SOC analysts and managers, as well as the academic community, to gain a better understanding of the challenges impeding the performance of SOC analysts, and of how analysts' performance could be measured and improved.

Item Type: Article
Date Type: Published Online
Status: In Press
Schools: Computer Science & Informatics
Date of Acceptance: 24 November 2019
Last Modified: 15 Jun 2020 15:30
URI: http://orca.cf.ac.uk/id/eprint/132226
