"Researcher Will Use NSF Award to Fortify and Improve Security Operations Centers"

A researcher at the University of Kansas School of Engineering received the Faculty Early Career Development (CAREER) Program award from the National Science Foundation (NSF) in support of investigating how to improve the effectiveness of Security Operations Centers (SOCs). These centers are centralized facilities put in place to handle security issues and protect enterprise computer networks for private industry, academic institutions, and government organizations. According to Alexandru Bardas, assistant professor in KU's Department of Electrical Engineering and Computer Science (EECS), SOCs are usually deployed to manage organizations' network operations, combat threats in cyberspace, and maintain regulatory compliance. Automation and metrics are essential elements in SOCs, but security-driven automation in such environments is often implemented in ad hoc ways and not accurately reflected in the metrics. Bardas says current solutions fail to capture all dimensions of automation. He also pointed out that enterprise networks normally have either partial technical solutions to security challenges that are both social and technical, or social frameworks that do not fully understand the technical elements of enterprise network security. The result is a one-size-fits-all solution that adds to SOCs' inefficiencies. The KU researcher will work on creating a framework that customizes security-focused automation for operational environments, assesses the role of humans in this process, and reflects the results in the metrics. The main goal of the framework is to connect an organization's technical capabilities to its social structure. This work will involve different approaches, such as the design of dynamic abstractions, the performance of ethnographic studies, and more. This article continues to discuss the project aimed at increasing the effectiveness of SOCs.

KU reports "Researcher Will Use NSF Award to Fortify and Improve Security Operations Centers"
