期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2020
卷号:98
期号:24
页码:3972-3982
出版社:Journal of Theoretical and Applied
摘要:The worldwide digital transformation of organizations in all sectors makes them depend increasingly on technology services which indirectly increases the risk of threats and cyber-attacks. Hence, organizations utilize Security Operation Centers (SOCs) to monitor their digital infrastructure for potential cyber incidents. SOC receives and collects information and consequently makes decisions and issues orders or commands. The increment utilization of SOC as a part of cyber security strategy has led to several studies in improving SOC operations. However, few studies have focused on challenges faced by the management and technical staffs working in SOCs. This paper aims to identify these challenges by conducting a qualitative study on SOCs in organizations from different industry sectors in Saudi Arabia. Analyzing the interview data determines the technical and non-technical issues that exist in SOC. The main challenges of SOCs are high false positive rate, low quality of threat intelligence, slow response speed, low visibility on devices and network, and insufficient automation level. Moreover, there are disagreements between managers and SOCs� employee which could affect SOC efficiency and effectiveness if not addressed. The future research directions are presented highlighting the real-world needs of SOCs.
