TY - GEN
T1 - Cyber situation awareness as distributed socio-cognitive work
AU - Tyworth, Michael
AU - Giacobe, Nicklaus A.
AU - Mancuso, Vincent
PY - 2012
Y1 - 2012
N2 - A key challenge for human cybersecurity operators is to develop an understanding of what is happening within, and to, their network. This understanding, or situation awareness, provides the cognitive basis for human operators to take action within their environments. Yet developing situation awareness of cyberspace (cyber-SA) is understood to be extremely difficult given the scope of the operating environment, the highly dynamic nature of the environment and the absence of physical constraints that serve to bound the cognitive task23. As a result, human cybersecurity operators are often "flying blind" regarding understanding the source, nature, and likely impact of malicious activity on their networked assets. In recent years, many scholars have dedicated their attention to finding ways to improve cyber-SA in human operators. In this paper we present our findings from our ongoing research of how cybersecurity analysts develop and maintain cyber-SA. Drawing from over twenty interviews of analysts working in the military, government, industrial, and educational domains, we find that cyber-SA to be distributed across human operators and technological artifacts operating in different functional areas.
AB - A key challenge for human cybersecurity operators is to develop an understanding of what is happening within, and to, their network. This understanding, or situation awareness, provides the cognitive basis for human operators to take action within their environments. Yet developing situation awareness of cyberspace (cyber-SA) is understood to be extremely difficult given the scope of the operating environment, the highly dynamic nature of the environment and the absence of physical constraints that serve to bound the cognitive task23. As a result, human cybersecurity operators are often "flying blind" regarding understanding the source, nature, and likely impact of malicious activity on their networked assets. In recent years, many scholars have dedicated their attention to finding ways to improve cyber-SA in human operators. In this paper we present our findings from our ongoing research of how cybersecurity analysts develop and maintain cyber-SA. Drawing from over twenty interviews of analysts working in the military, government, industrial, and educational domains, we find that cyber-SA to be distributed across human operators and technological artifacts operating in different functional areas.
UR - http://www.scopus.com/inward/record.url?scp=84870169890&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84870169890&partnerID=8YFLogxK
U2 - 10.1117/12.919338
DO - 10.1117/12.919338
M3 - Conference contribution
AN - SCOPUS:84870169890
SN - 9780819490865
T3 - Proceedings of SPIE - The International Society for Optical Engineering
BT - Cyber Sensing 2012
PB - SPIE
T2 - Cyber Sensing 2012
Y2 - 24 April 2012 through 25 April 2012
ER -