A study on the state of practice in security situational awareness

Teemu Kanstrén, Antti Evesti

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

3 Citations (Scopus)

Abstract

We present the results of an interview study on the state of practice for Situational Awareness (SA) in the cybersecurity industry. Representatives from four global companies providing cybersecurity monitoring and analysis services and products were interviewed to get a view into the current state of practice in SA. The interviews were performed as a form of thematic interview, resulting in the classification of the results in three main areas of SA, i.e., how security is modelled, what information is collected, and how the data is analyzed. We describe the topics covered by the interviews, the common issues and methods, their differences, and provide a summary view on the current state of security monitoring and analysis in the cybersecurity industry. We also describe potential future work in terms of identified challenges in the area. The results help understand various aspects of cybersecurity situational awareness, to identify gaps between research and practice, and to build holistic SA solutions.
Original language: English
Title of host publication: Software Quality, Reliability and Security Companion (QRS-C), 2016 IEEE International Conference on
Publisher: Institute of Electrical and Electronic Engineers IEEE
Pages: 69-76
ISBN (Electronic): 978-1-5090-3713-1
ISBN (Print): 978-1-5090-3714-8
DOI: https://doi.org/10.1109/QRS-C.2016.14
Publication status: Published - 22 Sep 2016
MoE publication type: A4 Article in a conference publication
Event: 2016 IEEE International Conference on Software Quality, Reliability & Security - Vienna, Austria
Duration: 1 Aug 2016 to 3 Aug 2016

Conference

Conference: 2016 IEEE International Conference on Software Quality, Reliability & Security
Abbreviated title: QRS2016
Country: Austria
City: Vienna
Period: 1/08/16 to 3/08/16

Fingerprint

Industry
Monitoring

Keywords

  • interviews
  • monitoring
  • computer security
  • industries
  • companies
  • data visualization

Cite this

Kanstrén, T., & Evesti, A. (2016). A study on the state of practice in security situational awareness. In Software Quality, Reliability and Security Companion (QRS-C), 2016 IEEE International Conference on (pp. 69-76). Institute of Electrical and Electronic Engineers IEEE. https://doi.org/10.1109/QRS-C.2016.14