A study on the state of practice in security situational awareness

Teemu Kanstrén, Antti Evesti

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

6 Citations (Scopus)


We present the results of an interview study on the state of practice for Situational Awareness (SA) in the cybersecurity industry. Representatives from four global companies providing cybersecurity monitoring and analysis services and products were interviewed to get a view into the current state of practice in SA. The interviews were performed as a form of thematic interview, resulting in the classification of the results in three main areas of SA, i.e., how security is modelled, what information is collected, and how the data is analyzed. We describe the topics covered by the interviews, the common issues and methods, their differences, and provide a summary view on the current state of security monitoring and analysis in the cybersecurity industry. We also describe potential future work in terms of identified challenges in the area. The results help understand various aspects of cybersecurity situational awareness, to identify gaps between research and practice, and to build holistic SA solutions.
Original languageEnglish
Title of host publicationSoftware Quality, Reliability and Security Companion (QRS-C), 2016 IEEE International Conference on
PublisherIEEE Institute of Electrical and Electronic Engineers
ISBN (Electronic)978-1-5090-3713-1
ISBN (Print)978-1-5090-3714-8
Publication statusPublished - 22 Sept 2016
MoE publication typeA4 Article in a conference publication
Event2016 IEEE International Conference on Software Quality, Reliability & Security - Vienna, Austria
Duration: 1 Aug 20163 Aug 2016


Conference2016 IEEE International Conference on Software Quality, Reliability & Security
Abbreviated titleQRS2016


  • interviews
  • monitoring
  • computer security
  • industries
  • companies
  • data visualization


Dive into the research topics of 'A study on the state of practice in security situational awareness'. Together they form a unique fingerprint.

Cite this