Technical Performance Metrics of a Security Operations Center
Forsberg, J., & Frantti, T. (2023). Technical Performance Metrics of a Security Operations Center. Computers and Security, 135, Article 103529. https://doi.org/10.1016/j.cose.2023.103529
Published in
Computers and SecurityDate
2023Copyright
© 2023 The Author(s). Published by Elsevier Ltd.
This research introduces a novel framework for creating metrics intended for security operations centers (SOCs). The framework is developed using the design science research methodology and has been validated by generating four novel metrics to assess the technical performance of a SOC. Additionally, the study examines the existing landscape of metrics for SOCs and concludes that a majority of the metrics discussed in the literature primarily focus on operational aspects rather than technical performance. The absence of adequate technical performance metrics makes it challenging to accurately evaluate the tangible impact of a SOC on overall cyber defense capabilities. The research also highlights the insufficiency of current methods in constructing metrics and frameworks tailored for measuring SOCs' technical performance. The resulting framework offers SOCs means to create high-quality metrics for performance evaluation. Furthermore, the metrics the framework was validated with offer
...
Publisher
ElsevierISSN Search the Publication Forum
0167-4048Keywords
Publication in research information system
https://converis.jyu.fi/converis/portal/detail/Publication/193402946
Metadata
Show full item recordCollections
Related funder(s)
Business FinlandFunding program(s)
Co-Innovation, BFAdditional information about funding
The research was supported by Business Finland (grant number 10/31/2022) and the University of Jyväskylä.License
Except where otherwise noted, this item's license is described as CC BY 4.0