A Team-Level Perspective of Human Factors in Cyber Security: Security Operations Centers

  • Balázs Péter HámornikEmail author
  • Csaba Krasznay
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 593)


The paper aims to establish a research framework: encompass various fields of interest that have not been linked previously: the information security, the computer supported collaborative work (CSCW), and team cognition in high-risk situations. Where they meet in practice are the Security Operations Centers (SOCs). These security organization units rely on teamwork of experts and they collaborate under high time pressure. They must react as fast as possible to protect the enterprise assets and data. To understand and support their work the research should focus on them as a team. We are highlighting perspectives to understand the teamwork in SOCs.


Human factors Security Operations Center Teamwork Computer supported collaborative work 



The research is sponsored by the Government of Hungary under Grant No. KÖFOP-2.1.2.-VEKOP-15-2016-00001.


  1. 1.
    Juhász, M., Soós, J.K.: Impact of non-technical skills on NPP teams’ performance: task load effects on communication. In: 2007 IEEE 8th Human Factors and Power Plants and HPRCT 13th Annual Meeting (2007)Google Scholar
  2. 2.
    Sexton, J.B.B., Helmreich, R.L.L.: Analyzing cockpit communications: the links between language, performance, error, and workload. In: Proceedings of the Tenth International Symposium on Aviation Psychology, pp. 689–695 (1999)Google Scholar
  3. 3.
    Antalovits, M., Izsó, L.: A methodology for assessing and developing teamwork in cognitively demanding jobs. Period. Polytech. Soc. Manag. Sci. 7, 105–118 (1999)Google Scholar
  4. 4.
    Burtscher, M.J., Wacker, J., Grote, G., Manser, T.: Managing nonroutine events in anesthesia: the role of adaptive coordination. Hum. Fact. J. Hum. Fact. Ergon. Soc. 52, 282–294 (2010)CrossRefGoogle Scholar
  5. 5.
    Hutchins, E.: Cognition in the Wild. MIT Press, Cambridge (1995)Google Scholar
  6. 6.
    Schmutz, J., Hoffmann, F., Heimberg, E., Manser, T.: Effective coordination in medical emergency teams: the moderating role of task type. Eur. J. Work Organ. Psychol. 24, 761–776 (2015)CrossRefGoogle Scholar
  7. 7.
    Muniz, J., McIntyre, G., AlFardan, N.: Security Operations Center: Building, Operating, and Maintaining Your SOC. Cisco Press, Indianapolis (2015)Google Scholar
  8. 8.
    Forte, D.: An inside look at security operation centres. Netw. Secur. 2003, 11–12 (2003)Google Scholar
  9. 9.
    Ahmad, A., Maynard, S.B., Shanks, G.: A case analysis of information systems and security incident responses. Int. J. Inf. Manag. 35, 717–723 (2015)CrossRefGoogle Scholar
  10. 10.
    Forte, D.: State of the art security management. Comput. Fraud Secur. 2009, 17–18 (2009)Google Scholar
  11. 11.
  12. 12.
    Levi, D.: Group Dynamics for Teams. Sage, Thousand Oaks (2011)Google Scholar
  13. 13.
    Mohammed, S., Klimoski, R., Rentsch, J.R.: The measurement of team mental models: we have no shared schema. Organ. Res. Methods 3, 123–165 (2000)CrossRefGoogle Scholar
  14. 14.
    Klimoski, R., Mohammed, S.: Team mental model: construct or metaphor? J. Manag. 20, 403–437 (1994)Google Scholar
  15. 15.
    Cooke, N.J., Salas, E., Cannon-Bowers, J.A., Stout, R.J.: Measuring team knowledge. Hum. Fact. 42, 151–173 (2000)CrossRefGoogle Scholar
  16. 16.
    Banks, A.P., Millward, L.J.: Differentiating knowledge in teams: the effect of shared declarative and procedural knowledge on team performance. Gr. Dyn. Theor. Res. Pract. 11, 95–106 (2007)CrossRefGoogle Scholar
  17. 17.
    Hámornik, B.P., Köles, M., Komlódi, A., Hercegfi, K., Izsó, L.: Features of collaboration in the VirCA immersive 3D environment. In: Stanney, K., Hale, K.S. (eds.) Proceedings of Advances in Cognitive Engineering and Neuroergonomics - AHFE 2014, pp. 130–139. The AHFE Conference, Krakow (2014)Google Scholar
  18. 18.
    Carstensen, P.H., Schmidt, K.: Computer supported cooperative work: new challenges to systems design. In: Itoh, K. (ed.) Handbook of Human Factors, pp. 619–636. Asakura Publishing, Tokyo (1999)Google Scholar
  19. 19.
    Wilson, P.A. (Advanced Concepts Branch, Central Computer and Telecommunications Agency, Treasury, Great Britain): Computer Supported Cooperative Work: An Introduction. Intellect, Oxford (1991)Google Scholar
  20. 20.
    Baecker, R.M., Grudin, J., Buxton, W.A.S., Greenberg, S.: Readings in Human-Computer Interaction: Toward the Year 2000, 2nd edn, p. 595. Elsevier, Saint Louis (1995)Google Scholar
  21. 21.
  22. 22.
    Werlinger, R., Muldner, K., Hawkey, K., Beznosov, K.: Preparation, detection, and analysis: the diagnostic work of IT security incident response. Inf. Manag. Comput. Secur. 18, 26–42 (2010)CrossRefGoogle Scholar
  23. 23.
    Goodall, J.R., Ozok, A.A., Lutters, W.G., Rheingans, P., Komlodi, A.: A user-centered approach to visualizing network traffic for intrusion detection. In: CHI 2005 Extended Abstracts on Human Factors in Computing Systems – CHI 2005. p. 1403. ACM Press, New York (2005)Google Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  1. 1.Department of Ergonomics and PsychologyBudapest University of Technology and EconomicsBudapestHungary
  2. 2.Institute of E-governmentNational University of Public ServiceBudapestHungary

Personalised recommendations