SlideShare a Scribd company logo

Supporting Cyber Security Teams

Download as PPTX, PDF
Rick van der Kleij
Rick van der Kleij

1) The document discusses developing a digital teammate to support collaborative sensemaking in cyber security incident response teams. 2) It identifies challenges such as the large amounts of information analysts must process and the ad-hoc and time-constrained nature of their work. 3) The proposed digital teammate would provide tools to facilitate sensemaking, team and incident awareness, and connect different sites to potentially help teams handle incidents better and faster.

Science
1 of 22
TOWARDS A DIGITAL TEAMMATE TO SUPPORT SENSEMAKING IN CYBER SECURITY TEAMS iHSI 2018 | Dr. Rick van der Kleij
CYBER SECURITY Cyber security is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide; Cyber security includes protecting against harm that may come due to malpractice by insiders (e.g., employees), whether intentional or accidental. Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams 08 January 2018
08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
CYBER SECURITY PROFESSIONALS Business processe s
HEADLINES: CYBER SECURITY = TEAMWORK http://www.csoonline.com/article/2844133/data-protection/chertoff-cybersecurity-takes-teamwork.html https://forums.juniper.net/t5/Government-Trends-and-Insights/IMPROVING-CYBERSECURITY-REQUIRES-TEAMWORK-AND-COLLABORATION/ba-p/283544
PROBLEM DEFINITION Cyber security teams have a crucial role in protecting business processes and critical infrastructure; The information environment in cyber security can be characterized as a ‘big data problem’ for human analysts who have to process the large amounts of information to detect attacks; Professionals often have to work on an ad-hoc basis, in close cooperation with other teams, and in time constrained and distributed environments; Failure is not an option; It could be argued that under these working conditions these teams would be likely to encounter problems.
PURPOSE & RESEARCH QUESTION Purpose: To investigate the need for support in professional Cyber Security Teams Research Question: “Are there any needs for improvements or issues that need to be resolved, and, if yes, how could support look like?“
USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
CYBER SECURITY NEEDS MODEL Organization needs Team Performance needs Individual needs Instrumental needs Needs that pertain to Incident handling behavior or tangible outcomes, such as time to identification, or ability to remove threat Needs that pertain to the state of the team or level of team performance required for satisfactory functioning, such as team structure Needs that pertain to the individual’s abilities or attitudes, such as job satisfaction or team orientation Interventions or tools that are required to obtain a satisfactory level of functioning Van der Kleij, R. Kleinhuis, G., & Young, H. (2017). Computer Security Incident Response Team Effectiveness: A Needs Assessment. Frontiers in Psychology, 8, 1-8. Special issue on Mastering Cyberpower: Cognitive Sciences and The Human Factor in Civilian and Military Cyber Security
‘DATA FRAME MODEL OF SENSEMAKING’ “What is happening?”
08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
EVIDENCE/ARGUMENTS MAPPING 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
PREMORTEM IN CYBER SECURITY? 1. Image that several hours have passed 2. Your [emergence response to contain the incident/ incident analysis] has been shown to be an utter disaster 3. Briefly explain why it was a disaster 4. Think of ways to address threats to success 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
DIVERSE PHASE OF THE DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams Innovative Digital assistant human aware Provides for incident and team awareness Observable, predictable and directableAble to connect different sites Facilitates sensemaking Lead to better & faster incident handlings services
USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
17 | Computer Security Incident Response Teams “John is available” “Could he be of assistance to you?” “What is the best approach to mitigate this threat?”
Innovating for Cyber Security Professionals
USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
THE WAY FORWARD Our prototype is a first iteration of a support concept, integrating many needs on process and team support; We are now in the process of developing ways to enhance collaborative sensemaking in Security Operation Centres and Computer Security Incident Response Teams; Cyber security, as a system state, is dependant not only on human behaviour of target & threat entities, but on teamwork of cybersecurity professionals as well. 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
THANK YOU FOR YOUR ATTENTION Take a look: TIME.TNO.NL

Recommended

Case study: Managed Services for Network and Security Devices - Happiest Minds
Case study: Managed Services for Network and Security Devices - Happiest MindsCase study: Managed Services for Network and Security Devices - Happiest Minds
Case study: Managed Services for Network and Security Devices - Happiest MindsHappiest Minds Technologies
 
Elastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElasticsearch
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security InfographicIdeba
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...STASH | Datacentric Security
 
Case Study: Risk Assessment & Security Strategy Definition - Happiest Minds
Case Study: Risk Assessment & Security Strategy Definition - Happiest MindsCase Study: Risk Assessment & Security Strategy Definition - Happiest Minds
Case Study: Risk Assessment & Security Strategy Definition - Happiest MindsHappiest Minds Technologies
 
Infographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityInfographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityIntronis MSP Solutions by Barracuda
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security EbookIdeba
 
Millions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQMillions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQNetIQ
 

Recommended

Case study: Managed Services for Network and Security Devices - Happiest Minds
Case study: Managed Services for Network and Security Devices - Happiest MindsCase study: Managed Services for Network and Security Devices - Happiest Minds
Case study: Managed Services for Network and Security Devices - Happiest MindsHappiest Minds Technologies
 
Elastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElasticsearch
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security InfographicIdeba
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...STASH | Datacentric Security
 
Case Study: Risk Assessment & Security Strategy Definition - Happiest Minds
Case Study: Risk Assessment & Security Strategy Definition - Happiest MindsCase Study: Risk Assessment & Security Strategy Definition - Happiest Minds
Case Study: Risk Assessment & Security Strategy Definition - Happiest MindsHappiest Minds Technologies
 
Infographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityInfographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityIntronis MSP Solutions by Barracuda
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security EbookIdeba
 
Millions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQMillions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQNetIQ
 
NUS-ISS Learning Day 2018-Leading conversation in IoT security
NUS-ISS Learning Day 2018-Leading conversation in IoT securityNUS-ISS Learning Day 2018-Leading conversation in IoT security
NUS-ISS Learning Day 2018-Leading conversation in IoT securityNUS-ISS
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...Scalar Decisions
 
Windstream Managed Network Security Presentation
Windstream Managed Network Security PresentationWindstream Managed Network Security Presentation
Windstream Managed Network Security PresentationIdeba
 
Case study: ISO 27001 Certification Readiness - Happiest Minds
Case study: ISO 27001 Certification Readiness - Happiest MindsCase study: ISO 27001 Certification Readiness - Happiest Minds
Case study: ISO 27001 Certification Readiness - Happiest MindsHappiest Minds Technologies
 
Haystax Technology - About Us
Haystax Technology - About UsHaystax Technology - About Us
Haystax Technology - About UsHaystax Technology
 
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQ
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQThe Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQ
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQElasticsearch
 
Whole Person Risk Modeling
Whole Person Risk ModelingWhole Person Risk Modeling
Whole Person Risk ModelingHaystax Technology
 
Haystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax Technology
 
Track-2307_KUKREJA.potx
Track-2307_KUKREJA.potxTrack-2307_KUKREJA.potx
Track-2307_KUKREJA.potxPuneet Kukreja
 
How to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsHow to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsInterset
 
What is still missed for security real life facts
What is still missed for security real life factsWhat is still missed for security real life facts
What is still missed for security real life factsAladdin Dandis
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Tracey Ong
 
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...Sonia Usih, PMP, MCPM, BSc.
 
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)Fujitsu Middle East
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNorth Texas Chapter of the ISSA
 
Solution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesSolution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesThe TNS Group
 
How to make managed services work
How to make managed services workHow to make managed services work
How to make managed services workJacklyn Johnson
 
Hacked: Threats, Trends and the Power of Connected Data
Hacked: Threats, Trends and the Power of Connected DataHacked: Threats, Trends and the Power of Connected Data
Hacked: Threats, Trends and the Power of Connected DataNeo4j
 
Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsBit Stew Systems
 
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTORgree_tech
 
The 10 most trusted cyber threat solution providers
The 10 most trusted cyber threat solution providersThe 10 most trusted cyber threat solution providers
The 10 most trusted cyber threat solution providersInsights success media and technology pvt ltd
 
Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionMike Wons
 

More Related Content

What's hot

NUS-ISS Learning Day 2018-Leading conversation in IoT security
NUS-ISS Learning Day 2018-Leading conversation in IoT securityNUS-ISS Learning Day 2018-Leading conversation in IoT security
NUS-ISS Learning Day 2018-Leading conversation in IoT securityNUS-ISS
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...Scalar Decisions
 
Windstream Managed Network Security Presentation
Windstream Managed Network Security PresentationWindstream Managed Network Security Presentation
Windstream Managed Network Security PresentationIdeba
 
Case study: ISO 27001 Certification Readiness - Happiest Minds
Case study: ISO 27001 Certification Readiness - Happiest MindsCase study: ISO 27001 Certification Readiness - Happiest Minds
Case study: ISO 27001 Certification Readiness - Happiest MindsHappiest Minds Technologies
 
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQ
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQThe Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQ
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQElasticsearch
 
Haystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax Technology
 
Track-2307_KUKREJA.potx
Track-2307_KUKREJA.potxTrack-2307_KUKREJA.potx
Track-2307_KUKREJA.potxPuneet Kukreja
 
How to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsHow to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsInterset
 
What is still missed for security real life facts
What is still missed for security real life factsWhat is still missed for security real life facts
What is still missed for security real life factsAladdin Dandis
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Tracey Ong
 
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...Sonia Usih, PMP, MCPM, BSc.
 
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)Fujitsu Middle East
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNorth Texas Chapter of the ISSA
 
Solution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesSolution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesThe TNS Group
 
How to make managed services work
How to make managed services workHow to make managed services work
How to make managed services workJacklyn Johnson
 
Hacked: Threats, Trends and the Power of Connected Data
Hacked: Threats, Trends and the Power of Connected DataHacked: Threats, Trends and the Power of Connected Data
Hacked: Threats, Trends and the Power of Connected DataNeo4j
 
Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsBit Stew Systems
 
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTORgree_tech
 

What's hot (20)

NUS-ISS Learning Day 2018-Leading conversation in IoT security
NUS-ISS Learning Day 2018-Leading conversation in IoT securityNUS-ISS Learning Day 2018-Leading conversation in IoT security
NUS-ISS Learning Day 2018-Leading conversation in IoT security
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
 
Windstream Managed Network Security Presentation
Windstream Managed Network Security PresentationWindstream Managed Network Security Presentation
Windstream Managed Network Security Presentation
 
Case study: ISO 27001 Certification Readiness - Happiest Minds
Case study: ISO 27001 Certification Readiness - Happiest MindsCase study: ISO 27001 Certification Readiness - Happiest Minds
Case study: ISO 27001 Certification Readiness - Happiest Minds
 
Haystax Technology - About Us
Haystax Technology - About UsHaystax Technology - About Us
Haystax Technology - About Us
 
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQ
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQThe Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQ
The Engine Behind 'Discovery': Elasticsearch Service @ CreatorIQ
 
Whole Person Risk Modeling
Whole Person Risk ModelingWhole Person Risk Modeling
Whole Person Risk Modeling
 
Haystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence Platform
 
Track-2307_KUKREJA.potx
Track-2307_KUKREJA.potxTrack-2307_KUKREJA.potx
Track-2307_KUKREJA.potx
 
How to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsHow to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security Analytics
 
What is still missed for security real life facts
What is still missed for security real life factsWhat is still missed for security real life facts
What is still missed for security real life facts
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
 
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
 
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)
Radical Innovation In Security (New Techniques Applied To Tomorrow’s Risk)
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
 
Solution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesSolution Spotlight IT Consulting Services
Solution Spotlight IT Consulting Services
 
How to make managed services work
How to make managed services workHow to make managed services work
How to make managed services work
 
Hacked: Threats, Trends and the Power of Connected Data
Hacked: Threats, Trends and the Power of Connected DataHacked: Threats, Trends and the Power of Connected Data
Hacked: Threats, Trends and the Power of Connected Data
 
Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile Analytics
 
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR
[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR
 

Similar to Supporting Cyber Security Teams

Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionMike Wons
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019Ulf Mattsson
 
Operationalizing Big Data Security Analytics - IANS Forum Dallas
Operationalizing Big Data Security Analytics - IANS Forum DallasOperationalizing Big Data Security Analytics - IANS Forum Dallas
Operationalizing Big Data Security Analytics - IANS Forum DallasInterset
 
Cultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurityCultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurityDavid X Martin
 
Akamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security reportAkamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security reportYuriy Yuzifovich
 
Human factors in cybersecurity: Needs assessment
Human factors in cybersecurity: Needs assessment Human factors in cybersecurity: Needs assessment
Human factors in cybersecurity: Needs assessment Rick van der Kleij
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementMighty Guides, Inc.
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfAnil
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfAnil
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS
 
The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?Cognizant
 
Corporate Cybersecurity: A Serious Game
Corporate Cybersecurity: A Serious GameCorporate Cybersecurity: A Serious Game
Corporate Cybersecurity: A Serious GameTatainteractive1
 
The Importance of Cybersecurity in Software Development.pdf
The Importance of Cybersecurity in Software Development.pdfThe Importance of Cybersecurity in Software Development.pdf
The Importance of Cybersecurity in Software Development.pdfsphinx Worldbiz
 
Cybersecurity: Perceptions & Practices
Cybersecurity: Perceptions & PracticesCybersecurity: Perceptions & Practices
Cybersecurity: Perceptions & PracticesJoseph DeFever
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceChristian F. Nissen
 

Similar to Supporting Cyber Security Teams (20)

The 10 most trusted cyber threat solution providers
The 10 most trusted cyber threat solution providersThe 10 most trusted cyber threat solution providers
The 10 most trusted cyber threat solution providers
 
Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital Disruption
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
 
Operationalizing Big Data Security Analytics - IANS Forum Dallas
Operationalizing Big Data Security Analytics - IANS Forum DallasOperationalizing Big Data Security Analytics - IANS Forum Dallas
Operationalizing Big Data Security Analytics - IANS Forum Dallas
 
Cultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurityCultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurity
 
Akamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security reportAkamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security report
 
Human factors in cybersecurity: Needs assessment
Human factors in cybersecurity: Needs assessment Human factors in cybersecurity: Needs assessment
Human factors in cybersecurity: Needs assessment
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat Management
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
The 10 most trusted companies in enterprise security 2019
The 10 most trusted companies in enterprise security 2019The 10 most trusted companies in enterprise security 2019
The 10 most trusted companies in enterprise security 2019
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital age
 
Cyber security trends 2018
Cyber security trends 2018Cyber security trends 2018
Cyber security trends 2018
 
The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?
 
Corporate Cybersecurity: A Serious Game
Corporate Cybersecurity: A Serious GameCorporate Cybersecurity: A Serious Game
Corporate Cybersecurity: A Serious Game
 
The Importance of Cybersecurity in Software Development.pdf
The Importance of Cybersecurity in Software Development.pdfThe Importance of Cybersecurity in Software Development.pdf
The Importance of Cybersecurity in Software Development.pdf
 
Gill_Pat.2016.Resume.CISO.1
Gill_Pat.2016.Resume.CISO.1Gill_Pat.2016.Resume.CISO.1
Gill_Pat.2016.Resume.CISO.1
 
9545-RR-Why-Use-MSSP
9545-RR-Why-Use-MSSP9545-RR-Why-Use-MSSP
9545-RR-Why-Use-MSSP
 
Cybersecurity: Perceptions & Practices
Cybersecurity: Perceptions & PracticesCybersecurity: Perceptions & Practices
Cybersecurity: Perceptions & Practices
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber Resilience
 

More from Rick van der Kleij

Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!Rick van der Kleij
 
Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime Rick van der Kleij
 
Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag Rick van der Kleij
 
Human factors in cybersecurity
Human factors in cybersecurity Human factors in cybersecurity
Human factors in cybersecurity Rick van der Kleij
 
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)Rick van der Kleij
 
Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet) Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet) Rick van der Kleij
 
Social media for influence operations
Social media for influence operationsSocial media for influence operations
Social media for influence operationsRick van der Kleij
 
Opportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approachOpportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approachRick van der Kleij
 
Boundary spanning in military operations
Boundary spanning in military operationsBoundary spanning in military operations
Boundary spanning in military operationsRick van der Kleij
 
Coordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalitiesCoordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalitiesRick van der Kleij
 

More from Rick van der Kleij (11)

Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!
 
Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime
 
Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag
 
Human factors in cybersecurity
Human factors in cybersecurity Human factors in cybersecurity
Human factors in cybersecurity
 
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
 
Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet) Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet)
 
Social media for influence operations
Social media for influence operationsSocial media for influence operations
Social media for influence operations
 
Landmacht 2.0 sociale media
Landmacht 2.0 sociale mediaLandmacht 2.0 sociale media
Landmacht 2.0 sociale media
 
Opportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approachOpportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approach
 
Boundary spanning in military operations
Boundary spanning in military operationsBoundary spanning in military operations
Boundary spanning in military operations
 
Coordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalitiesCoordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalities
 

Recently uploaded

User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)Columbia Weather Systems
 
BUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdf
BUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdfBUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdf
BUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdfWildaNurAmalia2
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Nistarini College, Purulia (W.B) India
 
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfBehavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfSELF-EXPLANATORY
 
Microphone- characteristics,carbon microphone, dynamic microphone.pptx
Microphone- characteristics,carbon microphone, dynamic microphone.pptxMicrophone- characteristics,carbon microphone, dynamic microphone.pptx
Microphone- characteristics,carbon microphone, dynamic microphone.pptxpriyankatabhane
 
preservation, maintanence and improvement of industrial organism.pptx
preservation, maintanence and improvement of industrial organism.pptxpreservation, maintanence and improvement of industrial organism.pptx
preservation, maintanence and improvement of industrial organism.pptxnoordubaliya2003
 
TOPIC 8 Temperature and Heat.pdf physics
TOPIC 8 Temperature and Heat.pdf physicsTOPIC 8 Temperature and Heat.pdf physics
TOPIC 8 Temperature and Heat.pdf physicsssuserddc89b
 
Pests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdfPests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdfPirithiRaju
 
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptxSTOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptxMurugaveni B
 
Pests of soyabean_Binomics_IdentificationDr.UPR.pdf
Pests of soyabean_Binomics_IdentificationDr.UPR.pdfPests of soyabean_Binomics_IdentificationDr.UPR.pdf
Pests of soyabean_Binomics_IdentificationDr.UPR.pdfPirithiRaju
 
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPirithiRaju
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxSwapnil Therkar
 
OECD bibliometric indicators: Selected highlights, April 2024
OECD bibliometric indicators: Selected highlights, April 2024OECD bibliometric indicators: Selected highlights, April 2024
OECD bibliometric indicators: Selected highlights, April 2024innovationoecd
 
Pests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdfPests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdfPirithiRaju
 
GenBio2 - Lesson 1 - Introduction to Genetics.pptx
GenBio2 - Lesson 1 - Introduction to Genetics.pptxGenBio2 - Lesson 1 - Introduction to Genetics.pptx
GenBio2 - Lesson 1 - Introduction to Genetics.pptxBerniceCayabyab1
 
User Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather StationUser Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather StationColumbia Weather Systems
 
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxLIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxmalonesandreagweneth
 
THE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptx
THE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptxTHE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptx
THE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptxNandakishor Bhaurao Deshmukh
 

Recently uploaded (20)

User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
 
Volatile Oils Pharmacognosy And Phytochemistry -I
Volatile Oils Pharmacognosy And Phytochemistry -IVolatile Oils Pharmacognosy And Phytochemistry -I
Volatile Oils Pharmacognosy And Phytochemistry -I
 
BUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdf
BUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdfBUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdf
BUMI DAN ANTARIKSA PROJEK IPAS SMK KELAS X.pdf
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...
 
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfBehavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
 
Microphone- characteristics,carbon microphone, dynamic microphone.pptx
Microphone- characteristics,carbon microphone, dynamic microphone.pptxMicrophone- characteristics,carbon microphone, dynamic microphone.pptx
Microphone- characteristics,carbon microphone, dynamic microphone.pptx
 
preservation, maintanence and improvement of industrial organism.pptx
preservation, maintanence and improvement of industrial organism.pptxpreservation, maintanence and improvement of industrial organism.pptx
preservation, maintanence and improvement of industrial organism.pptx
 
TOPIC 8 Temperature and Heat.pdf physics
TOPIC 8 Temperature and Heat.pdf physicsTOPIC 8 Temperature and Heat.pdf physics
TOPIC 8 Temperature and Heat.pdf physics
 
Pests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdfPests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdf
 
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptxSTOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
 
Pests of soyabean_Binomics_IdentificationDr.UPR.pdf
Pests of soyabean_Binomics_IdentificationDr.UPR.pdfPests of soyabean_Binomics_IdentificationDr.UPR.pdf
Pests of soyabean_Binomics_IdentificationDr.UPR.pdf
 
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
 
Hot Sexy call girls in Moti Nagar,🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Moti Nagar,🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Moti Nagar,🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Moti Nagar,🔝 9953056974 🔝 escort Service
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
 
OECD bibliometric indicators: Selected highlights, April 2024
OECD bibliometric indicators: Selected highlights, April 2024OECD bibliometric indicators: Selected highlights, April 2024
OECD bibliometric indicators: Selected highlights, April 2024
 
Pests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdfPests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdf
 
GenBio2 - Lesson 1 - Introduction to Genetics.pptx
GenBio2 - Lesson 1 - Introduction to Genetics.pptxGenBio2 - Lesson 1 - Introduction to Genetics.pptx
GenBio2 - Lesson 1 - Introduction to Genetics.pptx
 
User Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather StationUser Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather Station
 
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxLIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
 
THE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptx
THE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptxTHE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptx
THE ROLE OF PHARMACOGNOSY IN TRADITIONAL AND MODERN SYSTEM OF MEDICINE.pptx
 

Supporting Cyber Security Teams

  • 1. TOWARDS A DIGITAL TEAMMATE TO SUPPORT SENSEMAKING IN CYBER SECURITY TEAMS iHSI 2018 | Dr. Rick van der Kleij
  • 2. CYBER SECURITY Cyber security is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide; Cyber security includes protecting against harm that may come due to malpractice by insiders (e.g., employees), whether intentional or accidental. Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams 08 January 2018
  • 3. 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 5. HEADLINES: CYBER SECURITY = TEAMWORK http://www.csoonline.com/article/2844133/data-protection/chertoff-cybersecurity-takes-teamwork.html https://forums.juniper.net/t5/Government-Trends-and-Insights/IMPROVING-CYBERSECURITY-REQUIRES-TEAMWORK-AND-COLLABORATION/ba-p/283544
  • 6. PROBLEM DEFINITION Cyber security teams have a crucial role in protecting business processes and critical infrastructure; The information environment in cyber security can be characterized as a ‘big data problem’ for human analysts who have to process the large amounts of information to detect attacks; Professionals often have to work on an ad-hoc basis, in close cooperation with other teams, and in time constrained and distributed environments; Failure is not an option; It could be argued that under these working conditions these teams would be likely to encounter problems.
  • 7. PURPOSE & RESEARCH QUESTION Purpose: To investigate the need for support in professional Cyber Security Teams Research Question: “Are there any needs for improvements or issues that need to be resolved, and, if yes, how could support look like?“
  • 8. USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 9. CYBER SECURITY NEEDS MODEL Organization needs Team Performance needs Individual needs Instrumental needs Needs that pertain to Incident handling behavior or tangible outcomes, such as time to identification, or ability to remove threat Needs that pertain to the state of the team or level of team performance required for satisfactory functioning, such as team structure Needs that pertain to the individual’s abilities or attitudes, such as job satisfaction or team orientation Interventions or tools that are required to obtain a satisfactory level of functioning Van der Kleij, R. Kleinhuis, G., & Young, H. (2017). Computer Security Incident Response Team Effectiveness: A Needs Assessment. Frontiers in Psychology, 8, 1-8. Special issue on Mastering Cyberpower: Cognitive Sciences and The Human Factor in Civilian and Military Cyber Security
  • 10. ‘DATA FRAME MODEL OF SENSEMAKING’ “What is happening?”
  • 11. 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 12. EVIDENCE/ARGUMENTS MAPPING 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 13. PREMORTEM IN CYBER SECURITY? 1. Image that several hours have passed 2. Your [emergence response to contain the incident/ incident analysis] has been shown to be an utter disaster 3. Briefly explain why it was a disaster 4. Think of ways to address threats to success 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 14. USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 15. DIVERSE PHASE OF THE DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams Innovative Digital assistant human aware Provides for incident and team awareness Observable, predictable and directableAble to connect different sites Facilitates sensemaking Lead to better & faster incident handlings services
  • 16. USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 17. 17 | Computer Security Incident Response Teams “John is available” “Could he be of assistance to you?” “What is the best approach to mitigate this threat?”
  • 18. Innovating for Cyber Security Professionals
  • 19. USER CENTERED DESIGN 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 20. 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 21. THE WAY FORWARD Our prototype is a first iteration of a support concept, integrating many needs on process and team support; We are now in the process of developing ways to enhance collaborative sensemaking in Security Operation Centres and Computer Security Incident Response Teams; Cyber security, as a system state, is dependant not only on human behaviour of target & threat entities, but on teamwork of cybersecurity professionals as well. 08 January 2018Digital teammate to support collaborative sensemaking in Cyber Security Incident Response Teams
  • 22. THANK YOU FOR YOUR ATTENTION Take a look: TIME.TNO.NL