Abstract
The work of Computer Network Defense, conducted, for instance, in Security Operations Centers and by Computer Security Incident Teams, depends not on technology alone, but also on people. Understanding how people experience these environments is an essential step toward achieving optimal functioning. This paper describes a qualitative research study on the human experience of working in these environments. Using Grounded Theory, a psychological understanding of the experience is developed. Results suggest that positive and negative aspects of the work are either amenable or not amenable to change. Areas of tension are identified and posited as the focus for improving experience. For this purpose, the psychological theories of Social Identity Theory, Relational Dialectics, and Cognitive Dissonance provide a way of understanding and interpreting these components of Computer Network Defence work, and can be used to assess the experience of staff.
Acknowledgement
This work was supported by the Cyber CNI Chair of Institute Mines-Télécom which is held by IMT Atlantique and supported by Airbus Defence and Space, Amossys, BNP Paribas, EDF, Orange, La Poste, Nokia, Société Générale and the Regional Council of Brittany; it has been acknowledged by the French Centre of Excellence in Cybersecurity.
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Rooney, V.M., Foley, S.N. (2018). What You Can Change and What You Can’t: Human Experience in Computer Network Defenses. In: Gruschka, N. (eds) Secure IT Systems. NordSec 2018. Lecture Notes in Computer Science, vol 11252. Springer, Cham. https://doi.org/10.1007/978-3-030-03638-6_14
DOI: https://doi.org/10.1007/978-3-030-03638-6_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03637-9
Online ISBN: 978-3-030-03638-6
eBook Packages: Computer Science, Computer Science (R0)