THE HUMAN FACTOR CAPABILITIES IN SECURITY OPERATION CENTER (SOC)

Abstract

The human factor is considered the weakest link in cybersecurity and inside the Security Operation Centers (SOC) and it represents the most important component at the same time. Human factor capabilities and challenges attracted the attention of researchers to address how these challenges can be reduced or mitigated. However, these research papers do not consider the complexity, unpredictability, interdependent and evolving nature of the SOC systems. This study aims to explore the human capabilities and weaknesses inside the Security Operation Centre. To this end, we employed survey bases questionaries alongside the daily observation of SOC analysts and interviews with SOC experts. Forty SOC analysts and five experts conducted the survey. The finding of this study will help SOC managers and SOC designers better understand the challenges faced by the SOC analysts and take into account the interdependent and evolving nature of the Security Operation Centers.

Additional information

Notes on contributors

Samir Achraf Chamkar

Chamkar Samir Achraf is now a Ph.D. student at Sultan Moulay Slimane University. He has worked in the cybersecurity industry for many years. Passionate about protecting information systems and facing cyber-attacks. He worked for many well-known Cybersecurity companies in Morocco, such as Dataprotect and Omnidata. His goals include the continuous improvement of the Security Operation Centers' performances and capabilities.

Yassine Maleh

Yassine Maleh, is an associate professor of cybersecurity and IT governance at Sultan Moulay Slimane University, Morocco. He is the founding chair of IEEE Consultant Network Morocco and founding president of the African Research Center of Information Technology & Cybersecurity. He is a senior member of IEEE and a member of the International Association of Engineers IAENG and The Machine Intelligence Research Labs. Dr Maleh has made contributions in the fields of information security and privacy, Internet of things security, wireless and constrained networks security. His research interests include information security and privacy, Internet of things, networks security, information system, and IT governance. He has published over 80 papers (book chapters, international journals, and conferences/workshops), 14 edited books, and 3 authored books. He is the editor-in-chief of the International Journal of Information Security and Privacy, and theInternational Journal of Smart Security Technologies (IJSST). He serves as an associate editor for IEEE Access (2019 Impact Factor 4.098), the International Journal of Digital Crime and Forensics (IJDCF), and the International Journal of Information Security and Privacy (IJISP). He is a series editor of Advances in Cybersecurity Management, by CRC Taylor & Francis?-. He was also a guest editor of a special issue on Recent Advances on Cyber Security and Privacy for Cloud-of-Things of the International Journal of Digital Crime and Forensics (IJDCF), Volume 10, Issue 3, July–September 2019. He has served and continues to serve on executive and technical program committees and as a reviewer of numerous international conferences and journals such as Elsevier Ad Hoc Networks, IEEE Network Magazine, IEEE Sensor Journal, ICT Express, and Springer Cluster Computing. He was the Publicity chair of BCCA 2019 and the General Chair of the MLBDACP 19 symposium and ICI2C’21 Conference. 

Noreddine Gherabi

Noreddine Gherabi is a professor of computer science with industrial and academic experience. He holds a doctorate degree in computer science. In 2013, he worked as a professor of computer science at Mohamed Ben Abdellah University and since 2015 has worked as a research professor at Sultan Moulay Slimane University, Morocco. Member of the International Association of Engineers (IAENG).He is having several contributions in information systems namely: big data, semantic web, pattern recognition, intelligent systems.He has more than 40 papers (book chapters, international journals, and conferences/workshops), and edited books. He has served on executive and technical program committees and as a reviewer of numerous international conferences and journals, he convened and chaired more than 30 conferences and workshops.