Agyepong, Enoch; Cherdantseva, Yulia (ORCID: https://orcid.org/0000-0002-3527-1121); Reinecke, Philipp (ORCID: https://orcid.org/0000-0002-2411-0891) and Burnap, Peter (ORCID: https://orcid.org/0000-0003-0396-633X). 2020. Challenges and performance metrics for security operations center analysts: a systematic review. Journal of Cyber Security Technology 4 (3), pp. 125-152. DOI: 10.1080/23742917.2019.1698178
Abstract
The increasing use of Security Operations Centers (SOCs) by organisations as part of their cybersecurity strategy has led to several studies aiming to understand and improve SOC operations. However, to the best of our knowledge, there is no systematic literature review of the challenges faced by SOC analysts or of the metrics used to measure analysts' performance. To this end, we conducted a Systematic Literature Review (SLR) in accordance with established guidelines for undertaking SLRs and analysed papers on SOCs published between 2008 and 2018. We provide a comprehensive overview of the challenges faced by SOC analysts and of the metrics suggested in the literature for measuring analysts' performance. In addition, we present a mapping between the challenges and the existing performance metrics, showing how an analyst's effectiveness in addressing a particular challenge could be measured. We also discuss the drawbacks of the existing metrics and suggest directions for improvement. Our findings will enable SOC analysts and managers, as well as the academic community, to gain a better understanding of the challenges impeding the performance of SOC analysts, and of how analysts' performance could be measured and improved.
| Field | Value |
|---|---|
| Item Type | Article |
| Date Type | Publication |
| Status | Published |
| Schools | Computer Science & Informatics |
| Publisher | Taylor & Francis |
| ISSN | 2374-2917 |
| Date of Acceptance | 24 November 2019 |
| Last Modified | 24 Feb 2024 10:31 |
| URI | https://orca.cardiff.ac.uk/id/eprint/132226 |