{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T19:13:29Z","timestamp":1770837209620,"version":"3.50.1"},"reference-count":56,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2024,7,19]],"date-time":"2024-07-19T00:00:00Z","timestamp":1721347200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,7,19]],"date-time":"2024-07-19T00:00:00Z","timestamp":1721347200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100005416","name":"Norges Forskningsr\u00e5d","doi-asserted-by":"publisher","award":["333900"],"award-info":[{"award-number":["333900"]}],"id":[{"id":"10.13039\/501100005416","id-type":"DOI","asserted-by":"publisher"}]},{"name":"NTNU Norwegian University of Science and Technology"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2024,10]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Security operation centers (SOCs) are increasingly established to meet the growing threat against cyber security. The operators of SOCs respond to complex incidents under time constraints. Within critical infrastructure, the consequences of human error or low performance in SOCs may be detrimental. In other domains, situation awareness (SA) has proven useful to understand and measure how operators use information and decide the correct actions. Until now, SA research in SOCs has been restricted by a lack of in-depth studies of SA mechanisms. Therefore, this study is the first to conduct a goal-directed task analysis in a SOC for critical infrastructure. The study was conducted through a targeted series of unstructured and semi-structured interviews with SOC operators and their leaders complemented by a review of documents, incident reports, and in situ observation of work within the SOC and real incidents. Among the presented findings is a goal hierarchy alongside a complete overview of the decisions the operators make during escalated incidents. How the operators gain and use SA in these decisions is presented as a complete set of SA requirements. The findings are accompanied by an analysis of contextual differences in how the operators prioritize goals and use information in network incidents and security incidents. This enables a discussion of what SA processes might be automated and which would benefit from different SA models. The study provides a unique insight into the SA of SOC operators and is thus a steppingstone for bridging the knowledge gap of Cyber SA.<\/jats:p>","DOI":"10.1007\/s10207-024-00872-6","type":"journal-article","created":{"date-parts":[[2024,7,19]],"date-time":"2024-07-19T07:02:41Z","timestamp":1721372561000},"page":"3253-3282","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["The awareness of operators: a goal-directed task analysis in SOCs for critical infrastructure"],"prefix":"10.1007","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3271-3868","authenticated-orcid":false,"given":"H\u00e5vard Jakobsen","family":"Ofte","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,7,19]]},"reference":[{"key":"872_CR1","first-page":"75","volume":"345","author":"EuropeanUnion","year":"2008","unstructured":"EuropeanUnion: Council Directive 2008\/114\/EC of 8 December 2008\u2013on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection. Off. J. Eur. Union 345, 75\u201382 (2008)","journal-title":"Off. J. Eur. Union"},{"issue":"11s","key":"872_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3510410","volume":"54","author":"H Kayan","year":"2022","unstructured":"Kayan, H., et al.: Cybersecurity of industrial cyber-physical systems: a review. ACM Computing Surveys (CSUR) 54(11s), 1\u201335 (2022). https:\/\/doi.org\/10.1145\/3510410","journal-title":"ACM Computing Surveys (CSUR)"},{"key":"872_CR3","doi-asserted-by":"publisher","first-page":"100361","DOI":"10.1016\/j.cosrev.2021.100361","volume":"40","author":"N Chowdhury","year":"2021","unstructured":"Chowdhury, N., Gkioulos, V.: Cyber security training for critical infrastructure protection: a literature review. Comput. Sci. Rev. 40, 100361 (2021). https:\/\/doi.org\/10.1016\/j.cosrev.2021.100361","journal-title":"Comput. Sci. Rev."},{"issue":"17","key":"872_CR4","doi-asserted-by":"publisher","first-page":"4667","DOI":"10.1002\/sec.1657","volume":"9","author":"M Evans","year":"2016","unstructured":"Evans, M., et al.: Human behaviour as an aspect of cybersecurity assurance. Secur. Commun. Netw. 9(17), 4667\u20134679 (2016). https:\/\/doi.org\/10.1002\/sec.1657","journal-title":"Secur. Commun. Netw."},{"issue":"1","key":"872_CR5","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1177\/0018720819875376","volume":"63","author":"MR Endsley","year":"2021","unstructured":"Endsley, M.R.: A systematic review and meta-analysis of direct objective measures of situation awareness: a comparison of SAGAT and SPAM. Hum. Factors 63(1), 124\u2013150 (2021). https:\/\/doi.org\/10.1177\/0018720819875376","journal-title":"Hum. Factors"},{"issue":"3","key":"872_CR6","doi-asserted-by":"publisher","first-page":"2967","DOI":"10.1109\/TPWRS.2013.2240705","volume":"28","author":"M Panteli","year":"2013","unstructured":"Panteli, M., et al.: Assessing the impact of insufficient situation awareness on power system operation. IEEE Trans. Power Syst. 28(3), 2967\u20132977 (2013). https:\/\/doi.org\/10.1109\/TPWRS.2013.2240705","journal-title":"IEEE Trans. Power Syst."},{"issue":"1","key":"872_CR7","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1097\/SIH.0000000000000181","volume":"12","author":"AK Gardner","year":"2017","unstructured":"Gardner, A.K., Kosemund, M., Martinez, J.: Examining the feasibility and predictive validity of the SAGAT tool to assess situation awareness among medical trainees. Simul. Healthc. 12(1), 17\u201321 (2017). https:\/\/doi.org\/10.1097\/SIH.0000000000000181","journal-title":"Simul. Healthc."},{"issue":"3","key":"872_CR8","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1016\/S0925-7535(01)00010-8","volume":"39","author":"NA Stanton","year":"2001","unstructured":"Stanton, N.A., Chambers, P.R., Piggott, J.: Situational awareness and safety. Saf. Sci. 39(3), 189\u2013204 (2001). https:\/\/doi.org\/10.1016\/S0925-7535(01)00010-8","journal-title":"Saf. Sci."},{"key":"872_CR9","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103069","author":"HJ Ofte","year":"2022","unstructured":"Ofte, H.J., Katsikas, S.: Understanding situation awareness in SOCs, a systematic literature review. Comput. Secur. (2022). https:\/\/doi.org\/10.1016\/j.cose.2022.103069","journal-title":"Comput. Secur."},{"key":"872_CR10","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2014.06.008","volume":"46","author":"U Franke","year":"2014","unstructured":"Franke, U., Brynielsson, J.: Cyber situational awareness\u2014a systematic review of the literature. Comput. Secur. 46, 18\u201331 (2014). https:\/\/doi.org\/10.1016\/j.cose.2014.06.008","journal-title":"Comput. Secur."},{"key":"872_CR11","doi-asserted-by":"publisher","DOI":"10.1145\/3384471","author":"R Gutzwiller","year":"2020","unstructured":"Gutzwiller, R., Dykstra, J., Payne, B.: Gaps and opportunities in situational awareness for cybersecurity. Digit. Threat. Res. Pract. (2020). https:\/\/doi.org\/10.1145\/3384471","journal-title":"Digit. Threat. Res. Pract."},{"key":"872_CR12","doi-asserted-by":"publisher","unstructured":"Gutzwiller, R.S., Hunt, S.M., Lange, D.S.: A task analysis toward characterizing cyber-cognitive situation awareness (CCSA) in cyber defense analysts. In: 2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2016. https:\/\/doi.org\/10.1109\/COGSIMA.2016.7497780.","DOI":"10.1109\/COGSIMA.2016.7497780"},{"key":"872_CR13","doi-asserted-by":"crossref","unstructured":"Rajivan, P., Cooke, N.: Impact of team collaboration on cybersecurity situational awareness, In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). 2017. p. 203\u2013226.","DOI":"10.1007\/978-3-319-61152-5_8"},{"key":"872_CR14","doi-asserted-by":"publisher","first-page":"103368","DOI":"10.1016\/j.cose.2023.103368","volume":"132","author":"B Munsinger","year":"2023","unstructured":"Munsinger, B., Beebe, N., Richardson, T.: Virtual reality for improving cyber situational awareness in security operations centers. Comput. Secur. 132, 103368 (2023). https:\/\/doi.org\/10.1016\/j.cose.2023.103368","journal-title":"Comput. Secur."},{"issue":"4","key":"872_CR15","doi-asserted-by":"publisher","first-page":"449","DOI":"10.1080\/00140139.2017.1278796","volume":"60","author":"NA Stanton","year":"2017","unstructured":"Stanton, N.A., et al.: State-of-science: situation awareness in individuals, teams and systems. Ergonomics 60(4), 449\u2013466 (2017). https:\/\/doi.org\/10.1080\/00140139.2017.1278796","journal-title":"Ergonomics"},{"key":"872_CR16","doi-asserted-by":"publisher","DOI":"10.1201\/b11371","volume-title":"Designing for situation awareness: an approach to user-centered design","author":"MR Endsley","year":"2016","unstructured":"Endsley, M.R.: Designing for situation awareness: an approach to user-centered design. CRC Press, London (2016)"},{"issue":"1","key":"872_CR17","first-page":"3","volume":"1","author":"MR Endsley","year":"2000","unstructured":"Endsley, M.R., Garland, D.J.: Theoretical underpinnings of situation awareness: a critical review. Situat. Aware. Anal. Meas. 1(1), 3\u201321 (2000)","journal-title":"Situat. Aware. Anal. Meas."},{"issue":"1","key":"872_CR18","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1518\/001872095779049543","volume":"37","author":"MR Endsley","year":"1995","unstructured":"Endsley, M.R.: Toward a theory of situation awareness in dynamic systems. Hum. Factors 37(1), 32\u201364 (1995). https:\/\/doi.org\/10.1518\/001872095779049543","journal-title":"Hum. Factors"},{"key":"872_CR19","doi-asserted-by":"publisher","DOI":"10.1201\/9781315577654","volume-title":"Distributed situation awareness: theory, measurement and application to teamwork","author":"PM Salmon","year":"2017","unstructured":"Salmon, P.M., et al.: Distributed situation awareness: theory, measurement and application to teamwork. CRC Press, London (2017)"},{"issue":"1","key":"872_CR20","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1177\/1555343415572631","volume":"9","author":"MR Endsley","year":"2015","unstructured":"Endsley, M.R.: Situation awareness misconceptions and misunderstandings. J. Cognit. Eng. Decis. Mak. 9(1), 4\u201332 (2015). https:\/\/doi.org\/10.1177\/1555343415572631","journal-title":"J. Cognit. Eng. Decis. Mak."},{"key":"872_CR21","doi-asserted-by":"crossref","unstructured":"Jajodia, S., et al., Cyber situational awareness. 2009: Springer.","DOI":"10.1007\/978-1-4419-0140-8"},{"key":"872_CR22","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/978-1-4419-0140-8_2","volume-title":"Cyber Situational Awareness","author":"GP Tadda","year":"2010","unstructured":"Tadda, G.P., Salerno, J.S.: Overview of cyber situation awareness. In: Cyber Situational Awareness, pp. 15\u201335. Springer, Berlin (2010)"},{"issue":"3","key":"872_CR23","doi-asserted-by":"publisher","first-page":"490","DOI":"10.1016\/j.ergon.2008.10.010","volume":"39","author":"PM Salmon","year":"2009","unstructured":"Salmon, P.M., et al.: Measuring situation awareness in complex systems: comparison of measures study. Int. J. Ind. Ergon. 39(3), 490\u2013500 (2009). https:\/\/doi.org\/10.1016\/j.ergon.2008.10.010","journal-title":"Int. J. Ind. Ergon."},{"key":"872_CR24","doi-asserted-by":"publisher","unstructured":"Endsley, M.R.: Situation awareness global assessment technique (SAGAT). In: Proceedings of the IEEE 1988 National Aerospace and Electronics Conference. 1988. IEEE https:\/\/doi.org\/10.1109\/NAECON.1988.195097.","DOI":"10.1109\/NAECON.1988.195097"},{"issue":"6","key":"872_CR25","doi-asserted-by":"publisher","first-page":"1323","DOI":"10.1007\/s10207-022-00613-7","volume":"21","author":"F Skopik","year":"2022","unstructured":"Skopik, F., et al.: From scattered data to actionable knowledge: flexible cyber security reporting in the military domain. Int. J. Inf. Secur. 21(6), 1323\u20131347 (2022). https:\/\/doi.org\/10.1007\/s10207-022-00613-7","journal-title":"Int. J. Inf. Secur."},{"key":"872_CR26","doi-asserted-by":"publisher","first-page":"227756","DOI":"10.1109\/ACCESS.2020.3045514","volume":"8","author":"M Vielberth","year":"2020","unstructured":"Vielberth, M., et al.: Security operations center: a systematic study and open challenges. IEEE Access 8, 227756\u2013227779 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3045514","journal-title":"IEEE Access"},{"key":"872_CR27","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-023-00680-4","author":"M Katsantonis","year":"2023","unstructured":"Katsantonis, M., et al.: Cyber range design framework for cyber security education and training. Int. J. Inf. Secur. (2023). https:\/\/doi.org\/10.1007\/s10207-023-00680-4","journal-title":"Int. J. Inf. Secur."},{"key":"872_CR28","doi-asserted-by":"publisher","unstructured":"Giacobe, N.A.: A picture is worth a thousand alerts. In: Proceedings of the Human Factors and Ergonomics Society. 2013. https:\/\/doi.org\/10.1177\/1541931213571039.","DOI":"10.1177\/1541931213571039"},{"key":"872_CR29","doi-asserted-by":"publisher","unstructured":"Giacobe, N.A., et al.: Capturing human cognition in cyber-security simulations with NETS. In: IEEE ISI 2013\u20142013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics. 2013. https:\/\/doi.org\/10.1109\/ISI.2013.6578844.","DOI":"10.1109\/ISI.2013.6578844"},{"key":"872_CR30","doi-asserted-by":"crossref","unstructured":"Hoffman, R.R.: Protocols for cognitive task analysis. Florida Institute for Human and Machine Cognition Inc Pensacola FL. (2005)","DOI":"10.21236\/ADA475413"},{"key":"872_CR31","doi-asserted-by":"publisher","unstructured":"Zhong, C., et al.: ARSCA: A computer tool for tracing the cognitive processes of cyber-attack analysis. In: 2015 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision, CogSIMA. 2015. https:\/\/doi.org\/10.1109\/COGSIMA.2015.7108193.","DOI":"10.1109\/COGSIMA.2015.7108193"},{"key":"872_CR32","doi-asserted-by":"crossref","unstructured":"Mullins, R., Nargi, B., Fouse, A.: Understanding and enabling tactical situational awareness in a security operations center. In: Advances in Intelligent Systems and Computing. 2020. p. 75\u201382.","DOI":"10.1007\/978-3-030-52581-1_10"},{"key":"872_CR33","doi-asserted-by":"publisher","unstructured":"Le Blanc, K., et al.: Characterizing cyber tools for monitoring power grid systems: what information is available and who needs it? In: 2017 IEEE International Conference on Systems, Man, and Cybernetics, SMC. 2017. https:\/\/doi.org\/10.1109\/SMC.2017.8123164.","DOI":"10.1109\/SMC.2017.8123164"},{"key":"872_CR34","doi-asserted-by":"publisher","unstructured":"Pahi, T., Leitner, M., Skopik, F.: Analysis and assessment of situational awareness models for national cyber security centers. In: ICISSP 2017\u2014Proceedings of the 3rd International Conference on Information Systems Security and Privacy. 2017. https:\/\/doi.org\/10.5220\/0006149703340345.","DOI":"10.5220\/0006149703340345"},{"key":"872_CR35","unstructured":"Skopik, F.: The limitations of national cyber security sensor networks debunked: why the human factor matters, In: Proceedings of the 14th International Conference on Cyber Warfare and Security (ICCWS). 2019. p. 405\u2013412."},{"key":"872_CR36","doi-asserted-by":"publisher","unstructured":"Kanstr\u00e9n, T., Evesti, A.: A study on the state of practice in security situational awareness. In: 2016 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). 2016. https:\/\/doi.org\/10.1109\/QRS-C.2016.14.","DOI":"10.1109\/QRS-C.2016.14"},{"key":"872_CR37","unstructured":"Eldardiry, O.M., Caldwell, B.S.: Improving information and task coordination in cyber security operation centers. In: IIE Annual Conference and Expo. 2015."},{"key":"872_CR38","doi-asserted-by":"publisher","first-page":"102398","DOI":"10.1016\/j.cose.2021.102398","volume":"109","author":"R Smith","year":"2021","unstructured":"Smith, R., et al.: The agile incident response for industrial control systems (AIR4ICS) framework. Comput. Secur. 109, 102398 (2021). https:\/\/doi.org\/10.1016\/j.cose.2021.102398","journal-title":"Comput. Secur."},{"key":"872_CR39","doi-asserted-by":"publisher","unstructured":"Ahrend, J.M., Jirotka, M., Jones, K.: On the collaborative practices of cyber threat intelligence analysts to develop and utilize tacit threat and defence knowledge. In: 2016 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA. 2016. https:\/\/doi.org\/10.1109\/CyberSA.2016.7503279.","DOI":"10.1109\/CyberSA.2016.7503279"},{"key":"872_CR40","doi-asserted-by":"publisher","unstructured":"Varga, S., Brynielsson, J., Franke, U.: Information requirements for national level cyber situational awareness. In: Proceedings of the 2018 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining, ASONAM. 2018. https:\/\/doi.org\/10.1109\/ASONAM.2018.8508410.","DOI":"10.1109\/ASONAM.2018.8508410"},{"key":"872_CR41","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102122","author":"A Ahmad","year":"2021","unstructured":"Ahmad, A., et al.: How can organizations develop situation awareness for incident response: a case study of management practice. Comput. Secur. (2021). https:\/\/doi.org\/10.1016\/j.cose.2020.102122","journal-title":"Comput. Secur."},{"key":"872_CR42","doi-asserted-by":"publisher","unstructured":"Paterson, D.M.: Work Domain Analysis for network management revisited: Infrastructure, teams and situation awareness. In: 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA. 2014. https:\/\/doi.org\/10.1109\/CogSIMA.2014.6816548.","DOI":"10.1109\/CogSIMA.2014.6816548"},{"key":"872_CR43","doi-asserted-by":"publisher","unstructured":"D\u2019Amico, A., et al.: Achieving cyber defense situational awareness: A cognitive task analysis of information assurance analysts. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting. 2005. SAGE Publications Sage CA: Los Angeles, CA https:\/\/doi.org\/10.1177\/154193120504900304.","DOI":"10.1177\/154193120504900304"},{"key":"872_CR44","doi-asserted-by":"publisher","unstructured":"Champion, M.A., et al.: Team-based cyber defense analysis. In: 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA. 2012. https:\/\/doi.org\/10.1109\/CogSIMA.2012.6188386.","DOI":"10.1109\/CogSIMA.2012.6188386"},{"key":"872_CR45","doi-asserted-by":"publisher","unstructured":"Lif, P., Gran\u00e5sen, M., Sommestad, T.: Development and validation of technique to measure cyber situation awareness. In: 2017 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA). 2017. IEEE https:\/\/doi.org\/10.1109\/CyberSA.2017.8073388.","DOI":"10.1109\/CyberSA.2017.8073388"},{"key":"872_CR46","doi-asserted-by":"publisher","unstructured":"Lif, P., Sommestad, T., Granasen, D.: Development and evaluation of information elements for simplified cyber-incident reports. In: 2018 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA). 2018. IEEE https:\/\/doi.org\/10.1109\/CyberSA.2018.8551402.","DOI":"10.1109\/CyberSA.2018.8551402"},{"key":"872_CR47","doi-asserted-by":"publisher","unstructured":"Endsley, M.R., E.S. Connors: Foundation and challenges. Cyber defense and situational awareness, 2014: p. 7\u201327 https:\/\/doi.org\/10.1007\/978-3-319-11391-3_2.","DOI":"10.1007\/978-3-319-11391-3_2"},{"key":"872_CR48","doi-asserted-by":"publisher","first-page":"745","DOI":"10.1016\/j.ssci.2019.08.016","volume":"120","author":"A Sharma","year":"2019","unstructured":"Sharma, A., Nazir, S., Ernstsen, J.: Situation awareness information requirements for maritime navigation: a goal directed task analysis. Saf. Sci. 120, 745\u2013752 (2019). https:\/\/doi.org\/10.1016\/j.ssci.2019.08.016","journal-title":"Saf. Sci."},{"key":"872_CR49","doi-asserted-by":"publisher","unstructured":"Connors, E.S., M.R. Endsley, and L. Jones.: Situation awareness in the power transmission and distribution industry. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting. 2007. SAGE Publications Sage CA: Los Angeles, CA https:\/\/doi.org\/10.1177\/154193120705100415.","DOI":"10.1177\/154193120705100415"},{"key":"872_CR50","doi-asserted-by":"publisher","unstructured":"Rummukainen, L., et al.:Situation awareness requirements for a critical infrastructure monitoring operator. In: 2015 IEEE International Symposium on Technologies for Homeland Security (HST). 2015. IEEE https:\/\/doi.org\/10.1109\/THS.2015.7225326.","DOI":"10.1109\/THS.2015.7225326"},{"issue":"2","key":"872_CR51","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1007\/s10207-018-0407-3","volume":"18","author":"A Shah","year":"2019","unstructured":"Shah, A., Ganesan, R., Jajodia, S.: A methodology for ensuring fair allocation of CSOC effort for alert investigation. Int. J. Inf. Secur. 18(2), 199\u2013218 (2019). https:\/\/doi.org\/10.1007\/s10207-018-0407-3","journal-title":"Int. J. Inf. Secur."},{"key":"872_CR52","doi-asserted-by":"publisher","first-page":"27881","DOI":"10.1109\/ACCESS.2022.3157738","volume":"10","author":"D Shahjee","year":"2022","unstructured":"Shahjee, D., Ware, N.: Integrated network and security operation center: a systematic analysis. IEEE Access 10, 27881\u201327898 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3157738","journal-title":"IEEE Access"},{"issue":"7","key":"872_CR53","doi-asserted-by":"publisher","first-page":"1004","DOI":"10.1016\/j.neubiorev.2009.04.001","volume":"33","author":"AC Neubauer","year":"2009","unstructured":"Neubauer, A.C., Fink, A.: Intelligence and neural efficiency. Neurosci. Biobehav. Rev. 33(7), 1004\u20131023 (2009). https:\/\/doi.org\/10.1016\/j.neubiorev.2009.04.001","journal-title":"Neurosci. Biobehav. Rev."},{"key":"872_CR54","doi-asserted-by":"publisher","first-page":"647","DOI":"10.1007\/s10207-020-00523-6","volume":"20","author":"JM Castelo G\u00f3mez","year":"2021","unstructured":"Castelo G\u00f3mez, J.M., et al.: A context-centered methodology for IoT forensic investigations. Int. J. Inf. Secur. 20, 647\u2013673 (2021). https:\/\/doi.org\/10.1007\/s10207-020-00523-6","journal-title":"Int. J. Inf. Secur."},{"key":"872_CR55","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-023-00706-x","author":"L Gonz\u00e1lez-Manzano","year":"2023","unstructured":"Gonz\u00e1lez-Manzano, L., et al.: A technical characterization of APTs by leveraging public resources. Int. J. Inf. Secur. (2023). https:\/\/doi.org\/10.1007\/s10207-023-00706-x","journal-title":"Int. J. Inf. Secur."},{"key":"872_CR56","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3300381","author":"M Gupta","year":"2023","unstructured":"Gupta, M., et al.: From chatgpt to threatgpt: Impact of generative AI in cybersecurity and privacy. IEEE Access (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3300381","journal-title":"IEEE Access"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00872-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-024-00872-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00872-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,14]],"date-time":"2024-09-14T01:05:35Z","timestamp":1726275935000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-024-00872-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,19]]},"references-count":56,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2024,10]]}},"alternative-id":["872"],"URL":"https:\/\/doi.org\/10.1007\/s10207-024-00872-6","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,7,19]]},"assertion":[{"value":"4 June 2024","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"19 July 2024","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The author was employed in a research position at the participating SOC at the time of this study. See Sect.\u00a0 Methodological limitations for more details. The author declares that he had no other known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"All respondents to interviews in this study gave informed consent. This article does not contain any other studies with human participants or animals performed by the author.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Informed consent"}}]}}