Affiliation:
1. Policy Dynamics Inc. 8 Heather Place, New Hamburg Ontario Canada N3A 2G5
2. Retired Annapolis MD. USA 21401
Abstract
In this paper, we explore the concept of operational resilience of a network or system of computer systems, focusing on the processes of a cybersecurity team within the multi‐disciplinary network security operations center. The computer system under examination has faced a cyber‐attack that has reduced its capability. The organization's reputation is damaged temporarily but can be restored if the network security operations center can quickly restore the organization's ability to produce desired results. After a cyber‐attack, we examine the processes for restoring the system's capability to its original level. These processes will happen sequentially and require close coordination of the cybersecurity team members. We examine a balanced and an adaptive policy for assigning members of the cybersecurity organization to the various processes, showing how these policies can impact the speed with which the system's capability can be restored. Our findings reveal that the adaptive assignment policy among the team members can increase the system restoration rate even though recovering the complete capability of the system may be the same.