A1 Original article in a scientific journal
Technical Performance Metrics of a Security Operations Center (2023)
Forsberg, J., & Frantti, T. (2023). Technical Performance Metrics of a Security Operations Center. Computers and Security, 135, Article 103529. https://doi.org/10.1016/j.cose.2023.103529
JYU authors or editors
Publication details
All authors or editors of the publication: Forsberg, Joonas; Frantti, Tapio
Journal or series: Computers and Security
ISSN: 0167-4048
eISSN: 1872-6208
Publication year: 2023
Publication date: 06.10.2023
Volume: 135
Article number: 103529
Publisher: Elsevier
Country of publication: United Kingdom
Language of publication: English
DOI: https://doi.org/10.1016/j.cose.2023.103529
Open access of the publication: Openly available
Open access of the publication channel: Partially open publication channel
The publication is self-archived (JYX): https://jyx.jyu.fi/handle/123456789/90111
Abstract
This research introduces a novel framework for creating metrics intended for security operations centers (SOCs). The framework is developed using the design science research methodology and has been validated by generating four novel metrics to assess the technical performance of a SOC. Additionally, the study examines the existing landscape of metrics for SOCs and concludes that a majority of the metrics discussed in the literature primarily focus on operational aspects rather than technical performance. The absence of adequate technical performance metrics makes it challenging to accurately evaluate the tangible impact of a SOC on overall cyber defense capabilities. The research also highlights the insufficiency of current methods in constructing metrics and frameworks tailored for measuring SOCs' technical performance. The resulting framework offers SOCs means to create high-quality metrics for performance evaluation. Furthermore, the metrics the framework was validated with offer SOCs an opportunity to enhance their ability to quantify their threat detection capabilities.
YSO keywords: cyber security; measurement; indicators (measurement); measuring methods
Free keywords: security operations center; soc; csoc; cyber security operations center; metric; measurement; technical performance; cyber defense; performance indicator
Related organizations
Projects in which the publication was produced
- Kumppanuusmalli - CSG - JyY
- Frantti, Tapio
- Business Finland
OKM reporting: Yes
VIRTA submission year: 2023
JUFO level: 2