Andrew Morin (University of Tulsa)

As the cost and frequency of cybersecurity incidents continue to rise, so too has the pressure on security operation centers (SOC) to perform efficiently. This has forced cybersecurity leadership, such as chief information security officers (CISOs), into an arduous balancing act of maintaining a costeffective cybersecurity posture while simultaneously retaining an efficient cybersecurity workforce. To meet both of these goals, SOC leadership will often track key performance indicators (KPIs) related to the daily tasks performed by SOC analysts. While these quantitative metrics allow SOC leadership to monitor certain analyst performance patterns, the evaluation of analysts based on these imperfect measurements may lead to undesirable operant conditioning. As such, it is not immediately obvious how, or even if, these KPIs improve upon the larger goals envisioned by organizational leadership. In this paper, we perform a mixedmethods case study of an academic SOC to determine how well KPIs translate the organizational goals from cybersecurity leadership to SOC analysts. Specifically, we use qualitative surveys and interviews, as well as quantitative KPI measurements from analysts to determine the congruency of CISO and SOC analyst goals. We find that analysts who perform well across KPIs are not necessarily the best at furthering SOC goals, and vice versa. We find that within this specific SOC, analysts appear to be incentivized to deviate from organizational cybersecurity goals in pursuit of better KPI scores.

View More Papers

mmProcess: Phase-Based Speech Reconstruction from mmWave Radar

Hyeongjun Choi, Young Eun Kwon, Ji Won Yoon (Korea University)

Read More

Cyber Threat Intelligence for SOC Analysts

Nidhi Rastogi, Md Tanvirul Alam (Rochester Institute of Technology)

Read More

SketchFeature: High-Quality Per-Flow Feature Extractor Towards Security-Aware Data Plane

Sian Kim (Ewha Womans University), Seyed Mohammad Mehdi Mirnajafizadeh (Wayne State University), Bara Kim (Korea University), Rhongho Jang (Wayne State University), DaeHun Nyang (Ewha Womans University)

Read More