Download PDFOpen PDF in browser

Exploring Cognition and Proficiency in Cybersecurity Incident Response: Description of a Subject-Matter Expert Interview

10 pagesPublished: July 12, 2024

Abstract

Cybersecurity incident response presents significant challenges, exacerbated by a limited understanding of the cognitive processes employed by cybersecurity professionals. Cognitive task analysis (CTA) is a valuable tool to address this knowledge gap and inform evaluation, training, and design of cybersecurity systems. However, the required access and cost have limited the number and scope of CTAs in cybersecurity. Therefore, a need exists for CTA-derived insights about incident response and methodology of CTA to support data collection in this rapidly evolving domain. In this paper, we explore some of the challenges specific to CTA in the context of incident response, present an example demonstrating how CTA facilitates insights by examining results obtained from a single subject matter expert (SME), and describe the role of CTA in our ongoing mixed methods research program. The application of CTA in supporting quantitative research holds promise for advancing cyber defense strategies.

Keyphrases: case study, cognitive task analysis, computer network defense, cybersecurity, incident response, mixed methods

In: Kenneth Baclawski, Michael Kozak, Kirstie Bellman, Giuseppe D'Aniello, Alicia Ruvinsky and Candida Da Silva Ferreira Barreto (editors). Proceedings of Conference on Cognitive and Computational Aspects of Situation Management 2023, vol 102, pages 44-53.

BibTeX entry
@inproceedings{CogSIMA2023:Exploring_Cognition_Proficiency_Cybersecurity,
  author    = {David Schuster and Crystal M. Fausett and Jenna Korentsides and Sabina Mitesh Patel and Elizabeth H. Lazzara and Joseph R. Keebler},
  title     = {Exploring Cognition and Proficiency in Cybersecurity Incident Response: Description of a Subject-Matter Expert Interview},
  booktitle = {Proceedings of Conference on Cognitive and Computational Aspects of Situation Management 2023},
  editor    = {Kenneth Baclawski and Michael Kozak and Kirstie Bellman and Giuseppe D'Aniello and Alicia Ruvinsky and Candida Da Silva Ferreira Barreto},
  series    = {EPiC Series in Computing},
  volume    = {102},
  publisher = {EasyChair},
  bibsource = {EasyChair, https://easychair.org},
  issn      = {2398-7340},
  url       = {/publications/paper/Wtpl},
  doi       = {10.29007/gt9r},
  pages     = {44-53},
  year      = {2024}}
Download PDFOpen PDF in browser