Can Cyber Operations Be Made Autonomous? An Answer from the Situational Awareness Viewpoint

Chen Zhong, John Yen, Peng Liu

Research output: Chapter in Book/Report/Conference proceeding › Chapter

3 Scopus citations

Abstract

Although many building blocks of today’s cyber-defense solutions are already fully automatic, there is still a debate on whether next-generation cyber-defense solutions should be wholly autonomous. In this paper, we contribute to the debate in the context of Cybersecurity Operations Centers (CSOCs), which have been widely established in prominent companies and organizations to achieve cyber situational awareness. Based on the lessons we learned from a recent case study on making CSOC data triage operations more autonomous, we conclude that instead of asking whether cyber operations can be made autonomous or not, it seems more appropriate to ask the following questions: (a) How to make cyber operations more autonomous? (b) What is the right research roadmap for making cyber operations more autonomous? We also comment on what should be the current frontier in building a significantly better CSOC.

Original language: English (US)
Title of host publication: Adaptive Autonomous Secure Cyber Systems
Publisher: Springer International Publishing
Pages: 63-88
Number of pages: 26
ISBN (Electronic): 9783030334321
ISBN (Print): 9783030334314
State: Published - Jan 1 2020

All Science Journal Classification (ASJC) codes

  • General Computer Science
