{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T01:22:26Z","timestamp":1769217746612,"version":"3.49.0"},"reference-count":81,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2023,12,27]],"date-time":"2023-12-27T00:00:00Z","timestamp":1703635200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Increasingly disruptive cyber-attacks in the maritime domain have led to more efforts being focused on enhancing cyber resilience. From a regulatory perspective, there is a requirement that maritime stakeholders implement measures that would enable the timely detection of cyber events, leading to the adoption of Maritime Security Operation Centers (M-SOCs). At the same time, Remote Operation Centers (ROCs) are also being discussed to enable increased adoption of highly automated and autonomous technologies, which could further impact the attack surface of vessels. The main objective of this research was therefore to better understand both enabling factors and challenges impacting the effectiveness of M-SOC operations. Semi-structured interviews were conducted with nine M-SOC experts. Informed by grounded theory, incident management emerged as the core category. By focusing on the factors that make M-SOC operations a unique undertaking, the main contribution of this study is that it highlights how maritime connectivity challenges and domain knowledge impact the M-SOC incident management process. Additionally, we have related the findings to a future where M-SOC and ROC operations could be converged.<\/jats:p>","DOI":"10.3390\/s24010146","type":"journal-article","created":{"date-parts":[[2023,12,27]],"date-time":"2023-12-27T02:58:12Z","timestamp":1703645892000},"page":"146","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Bridging the Gap: Enhancing Maritime Vessel Cyber Resilience through Security Operation Centers"],"prefix":"10.3390","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9345-6629","authenticated-orcid":false,"given":"Allan","family":"Nganga","sequence":"first","affiliation":[{"name":"Department of Maritime Studies, Western Norway University of Applied Sciences (HVL), 5525 Haugesund, Norway"}]},{"given":"George","family":"Nganya","sequence":"additional","affiliation":[{"name":"School of Education-Sciences, Falmer Campus, University of Brighton, Brighton BN1 9PH, UK"}]},{"given":"Margareta","family":"L\u00fctzh\u00f6ft","sequence":"additional","affiliation":[{"name":"Department of Maritime Studies, Western Norway University of Applied Sciences (HVL), 5525 Haugesund, Norway"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1713-2977","authenticated-orcid":false,"given":"Steven","family":"Mallam","sequence":"additional","affiliation":[{"name":"Fisheries and Marine Institute, Memorial University of Newfoundland (MUN), St. John\u2019s, NL A1C 5S7, Canada"},{"name":"Department of Maritime Operations, University of South-Eastern Norway (USN), 3184 Borre, Norway"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2285-8932","authenticated-orcid":false,"given":"Joel","family":"Scanlan","sequence":"additional","affiliation":[{"name":"Department of Maritime Studies, Western Norway University of Applied Sciences (HVL), 5525 Haugesund, Norway"}]}],"member":"1968","published-online":{"date-parts":[[2023,12,27]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"3453","DOI":"10.1109\/COMST.2018.2855563","article-title":"A survey of iot-enabled cyberattacks: Assessing attack paths to critical infrastructures and services","volume":"20","author":"Stellios","year":"2018","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_2","unstructured":"(2023, December 13). Directive (EU) 2022\/2555. Pub. L. No. 32022L2555. Available online: https:\/\/eur-lex.europa.eu\/eli\/dir\/2022\/2555\/oj."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"48236","DOI":"10.1109\/ACCESS.2019.2909921","article-title":"Maritime Networking: Bringing Internet to the Sea","volume":"7","author":"Syed","year":"2019","journal-title":"IEEE Access"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"64","DOI":"10.1109\/TITS.2020.3023957","article-title":"Sensors and AI Techniques for Situational Awareness in Autonomous Ships: A Review","volume":"23","author":"Thombre","year":"2022","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"208","DOI":"10.1057\/s41278-022-00214-0","article-title":"Cyber security risk assessment in autonomous shipping","volume":"24","author":"Tusher","year":"2022","journal-title":"Marit. Econ. Logist."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"103811","DOI":"10.1016\/j.compind.2022.103811","article-title":"Digital transformation of maritime logistics: Exploring trends in the liner shipping segment","volume":"145","author":"Raza","year":"2023","journal-title":"Comput. Ind."},{"key":"ref_7","unstructured":"Kranz, M. (2023, December 13). Using Secure IOT for Efficient Smart Port Operations. Available online: https:\/\/www.porttechnology.org\/wp-content\/uploads\/2019\/05\/014-016_2017.pdf."},{"key":"ref_8","unstructured":"Scanlan, J.D., Styles, J.M., Lyneham, D., and Lutzhoft, M.H. (2019, January 21\u201325). New Internet Satellite Constellations to Increase Cyber Risk in Ill-Prepared Industries. Proceedings of the 70th International Astronautical Congress (IAC), Washington, DC, USA."},{"key":"ref_9","first-page":"2677","article-title":"A Survey on Cyber Security Threats in IoT-Enabled Maritime Industry","volume":"24","author":"Ashraf","year":"2023","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_10","unstructured":"DNV (2023, December 12). Maritime Cyber Priority 2023: Staying Secure in an Era of Connectivity. Available online: https:\/\/www.dnv.com\/cybersecurity\/cyber-insights\/maritime-cyber-priority-2023.html."},{"key":"ref_11","first-page":"122","article-title":"Analysis of cyber-attacks in IoT-based critical infrastructures","volume":"8","author":"Das","year":"2019","journal-title":"Int. J. Inf. Secur. Sci."},{"key":"ref_12","unstructured":"Easterly, J. (2023, May 07). The Attack on Colonial Pipeline: What We\u2019ve Learned & What We\u2019ve Done over the Past Two Years. CISA, Available online: https:\/\/www.cisa.gov\/news-events\/news\/attack-colonial-pipeline-what-weve-learned-what-weve-done-over-past-two-years."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1002\/navi.183","article-title":"Hostile Control of Ships via False GPS Signals: Demonstration and Detection","volume":"64","author":"Bhatti","year":"2017","journal-title":"Navigation"},{"key":"ref_14","unstructured":"Kessler, G., and Shepard, S. (2022). Maritime Cybersecurity\u2014A Guide for Leaders and Managers, Digital Ship Ltd."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Svilicic, B., Rudan, I., Jugovi\u0107, A., and Zec, D. (2019). A Study on Cyber Security Threats in a Shipboard Integrated Navigational System. J. Mar. Sci. Eng., 7.","DOI":"10.3390\/jmse7100364"},{"key":"ref_16","unstructured":"Wired (2023, December 10). The Untold Story of NotPetya, the Most Devastating Cyberattack in History. Available online: https:\/\/www.wired.com\/story\/notpetya-cyberattack-ukraine-russia-code-crashed-the-world\/."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"547","DOI":"10.1017\/S0373463319000808","article-title":"Towards a Cyber Secure Shipboard Radar","volume":"73","author":"Svilicic","year":"2020","journal-title":"J. Navig."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"239","DOI":"10.3390\/jcp1020013","article-title":"Marine Network Protocols and Security Risks","volume":"1","author":"Tran","year":"2021","journal-title":"J. Cybersecur. Priv."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"3575","DOI":"10.1109\/TIFS.2023.3282132","article-title":"Attacking (and Defending) the Maritime Radar System","volume":"18","author":"Longo","year":"2023","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Leite Junior, W.C., de Moraes, C.C., de Albuquerque, C.E.P., Machado, R.C.S., and de S\u00e1, A.O. (2021). A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems. Sensors, 21.","DOI":"10.3390\/s21093195"},{"key":"ref_21","unstructured":"Grant, A., Williams, P., Shaw, G., De Voy, M., and Ward, N. (2011, January 24\u201326). Understanding GNSS Availability and How it Impacts Maritime Safety. Proceedings of the International Technical Meeting of the Institute of Navigation, San Diego, CA, USA. Available online: http:\/\/www.ion.org\/publications\/abstract.cfm?jp=p&articleID=9513."},{"key":"ref_22","first-page":"149","article-title":"An Attack on an Integrated Navigation System","volume":"3","author":"Lund","year":"2018","journal-title":"Necesse"},{"key":"ref_23","unstructured":"Oruc, A. (2020, January 5\u20139). Claims of State-Sponsored Cyberattack in the Maritime Industry. Proceedings of the 15th International Naval Engineering Conference & Exhibition, Online."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Androjna, A., Perkovi\u010d, M., Pavic, I., and Mi\u0161kovi\u0107, J. (2021). AIS Data Vulnerability Indicated by a Spoofing Case-Study. Appl. Sci., 11.","DOI":"10.3390\/app11115015"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"280","DOI":"10.1177\/1557234X11410391","article-title":"Information Environment, Fatigue, and Culture in the Maritime Domain","volume":"7","author":"Grech","year":"2011","journal-title":"Rev. Hum. Factors Ergon."},{"key":"ref_26","unstructured":"IMO (2023, December 12). Maritime Cyber Risk Management in Safety Management Systems. IMO. 2017. p. 1. Available online: https:\/\/wwwcdn.imo.org\/localresources\/en\/OurWork\/Security\/Documents\/ResolutionMSC.428(98).pdf."},{"key":"ref_27","unstructured":"(2023, December 12). Guidelines on Maritime Cyber Risk Management. IMO. 2021. pp. 1\u20136. Available online: https:\/\/wwwcdn.imo.org\/localresources\/en\/OurWork\/Facilitation\/Facilitation\/MSC-FAL.1-Circ.3-Rev.1.pdf."},{"key":"ref_28","unstructured":"BIMCO (2023, December 09). The Guidelines on Cyber Security Onboard Ships. Available online: https:\/\/www.bimco.org\/about-us-and-our-members\/publications\/the-guidelines-on-cyber-security-onboard-ships."},{"key":"ref_29","unstructured":"DNV (2023, December 10). DNV-RP-0496: Cyber Security Resilience Management for Ships and Mobile Offshore Units in Operation. Available online: https:\/\/www.dnv.com\/cybersecurity\/recommended-practices\/index.html."},{"key":"ref_30","unstructured":"Bureau_Veritas (2023, December 05). NR659 Rules on Cyber Security for the Classification of Marine Units. Available online: https:\/\/marine-offshore.bureauveritas.com\/nr659-rules-cyber-security-classification-marine-units."},{"key":"ref_31","unstructured":"IACS (2023, December 10). UR E26-Cyber Resilience of Ships. 2022. p. 32. Available online: https:\/\/iacs.org.uk\/resolutions\/unified-requirements\/ur-e."},{"key":"ref_32","unstructured":"IACS (2023, December 10). UR E27 Cyber Resilience of On-board Systems and Equipment. 2022. p. 14. Available online: https:\/\/iacs.org.uk\/resolutions\/unified-requirements\/ur-e\/ur-e27-rev1."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1109\/MSP.2014.103","article-title":"The operational role of security information and event management systems","volume":"12","author":"Bhatt","year":"2014","journal-title":"IEEE Secur. Priv."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Jacq, O., Boudvin, X., Brosset, D., Kermarrec, Y., and Simonin, J. (2018, January 24\u201326). Detecting and Hunting Cyberthreats in a Maritime Environment: Specification and Experimentation of a Maritime Cybersecurity Operations Centre. Proceedings of the 2018 2nd Cyber Security in Networking Conference, CSNet 2018, Paris, France.","DOI":"10.1109\/CSNET.2018.8602669"},{"key":"ref_35","unstructured":"Heering, D., Maennel, O.M., and Venables, A.N. (2021). Developments in Maritime Technology and Engineering, CRC Press."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1109\/MCOMSTD.101.2000073","article-title":"Developing Maritime Digital Competencies","volume":"5","author":"Hopcraft","year":"2021","journal-title":"IEEE Commun. Stand. Mag."},{"key":"ref_37","unstructured":"(2023, December 13). International Convention on Standards of Training, Certification and Watchkeeping for Seafarers, 1978 (1984). Available online: https:\/\/www.imo.org\/en\/OurWork\/HumanElement\/Pages\/STCW-Convention.aspx."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Petersen, R., Santos, D., Smith, M.C., Wetzel, K.A., and Witte, G. (2020). NIST Special Publication 800-181 Revision 1 Workforce Framework for Cybersecurity (NICE Framework), U.S. Department of Commerce.","DOI":"10.6028\/NIST.SP.800-181r1"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Raimondi, M., Longo, G., Merlo, A., Armando, A., and Russo, E. (2022, January 27\u201329). Training the Maritime Security Operations Centre Teams. Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience (CSR), Rhodes, Greece.","DOI":"10.1109\/CSR54599.2022.9850324"},{"key":"ref_40","first-page":"21","article-title":"Sector-Specific Training\u2014A Federated Maritime Scenario","volume":"Volume 1689","author":"Iosifidis","year":"2022","journal-title":"Multimedia Communications, Services and Security, Proceedings of the 11th International Conference, MCSS 2022, Krak\u00f3w, Poland, 3\u20134 November 2022"},{"key":"ref_41","unstructured":"Wartsila (2023, December 10). Debunking Maritime Myths of Digital Transformation. Available online: https:\/\/www.wartsila.com\/docs\/default-source\/voyage\/myths-of-digital-transformation.pdf?utm_source=web&utm_medium=pdf&utm_term=voyage&utm_content=cta-link."},{"key":"ref_42","unstructured":"Parsons, D. (2023, December 10). The State of OT\/ICS Cybersecurity in 2022 and Beyond. Available online: https:\/\/www.sans.org\/white-papers\/state-ics-ot-cybersecurity-2022-beyond\/."},{"key":"ref_43","unstructured":"Digital Ship (2023, December 13). LEO Connectivity Transforming Maritime Communications. Available online: https:\/\/thedigitalship.com\/news\/maritime-satellite-communications\/item\/8510-leo-connectivity-transforming-maritime-communications-says-iec-telecom."},{"key":"ref_44","unstructured":"Sj\u00f8fartsdirektoratet (2023, December 10). Vessel Types. Available online: https:\/\/www.sdir.no\/en\/shipping\/vessels\/vessel-types\/."},{"key":"ref_45","unstructured":"Crowley, C., Filkins, B., and Pescatore, J. (2023, December 10). SANS 2023 SOC Survey. Available online: https:\/\/www.sans.org\/white-papers\/2023-sans-soc-survey\/."},{"key":"ref_46","unstructured":"IMO (2023, December 13). Resolution A.915(22)-Revised Maritime Policy and Requirements for a Future Global Navigation Satellite System (Gnss). Available online: https:\/\/wwwcdn.imo.org\/localresources\/en\/KnowledgeCentre\/IndexofIMOResolutions\/AssemblyDocuments\/A.915(22).pdf."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"266","DOI":"10.1080\/16258312.2019.1631714","article-title":"Autonomous ships: A review, innovative applications and future maritime business models","volume":"20","author":"Munim","year":"2019","journal-title":"Supply Chain. Forum Int. J."},{"key":"ref_48","unstructured":"Hanssen, L., and Sofie, L. (2023, December 10). Identification of Information Requirements in ROC Operations Room. In 53. Institutt for Energiteknikk. Available online: https:\/\/ife.brage.unit.no\/ife-xmlui\/handle\/11250\/2727713."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"104908","DOI":"10.1016\/j.ssci.2020.104908","article-title":"A novel cyber-risk assessment method for ship systems","volume":"131","author":"Bolbot","year":"2020","journal-title":"Saf. Sci."},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"106329","DOI":"10.1016\/j.ssci.2023.106329","article-title":"Supporting human supervision in autonomous collision avoidance through agent transparency","volume":"169","author":"Mallam","year":"2024","journal-title":"Saf. Sci."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Biondo, A., Conti, M., and Lain, D. (2018, January 18\u201321). Back to the Epilogue: Evading Control Flow Guard via Unaligned Targets. Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, USA.","DOI":"10.14722\/ndss.2018.23318"},{"key":"ref_52","unstructured":"Larsen, H. (2023, December 13). Cyber Security Alerts in Remote Operation Center [NTNU]. Available online: https:\/\/ntnuopen.ntnu.no\/ntnu-xmlui\/handle\/11250\/3050123."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"012021","DOI":"10.1088\/1742-6596\/1357\/1\/012021","article-title":"Enabling Technologies for Maritime Autonomous Surface Ships","volume":"1357","author":"Heffner","year":"2019","journal-title":"J. Phys. Conf. Ser."},{"key":"ref_54","unstructured":"Kim, T., and Schr\u00f6der-Hinrichs, J.-U. (2021). New Maritime Business. WMU Studies in Maritime Affairs, Springer."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"107324","DOI":"10.1016\/j.ress.2020.107324","article-title":"Risk assessment of the operations of maritime autonomous surface ships","volume":"207","author":"Chang","year":"2021","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"294","DOI":"10.25046\/aj040537","article-title":"Spectrum Requirements for Control and Non-payload Communication of Maritime Autonomous Surface Ship","volume":"4","author":"Namgung","year":"2019","journal-title":"Adv. Sci. Technol. Eng. Syst."},{"key":"ref_57","doi-asserted-by":"crossref","unstructured":"Chen, S., Xiong, X., Wen, Y., Jian, J., and Huang, Y. (2023). State Compensation for Maritime Autonomous Surface Ships\u2019 Remote Control. J. Mar. Sci. Eng., 11.","DOI":"10.3390\/jmse11020450"},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"7285","DOI":"10.1109\/TITS.2023.3258365","article-title":"Enabling Real-Time Remote Monitoring of Ships by Lossless Protocol Transformations","volume":"24","author":"Longo","year":"2023","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_59","unstructured":"Bolbot, V., Theotokatos, G., Boulougouris, E., and Vassalos, D. (2019, January 17\u201318). Safety related cyber-attacks identification and assessment for autonomous inland ships. Proceedings of the International Seminar on Safety and Security of Autonomous Vessels, Helsinki, Finland. Available online: https:\/\/www.researchgate.net\/publication\/335977458."},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"H\u00f6yhty\u00e4, M., and Martio, J. (2020). Integrated Satellite\u2013Terrestrial Connectivity for Autonomous Ships: Survey and Future Research Directions. Remote Sens., 12.","DOI":"10.3390\/rs12152507"},{"key":"ref_61","doi-asserted-by":"crossref","first-page":"67","DOI":"10.1007\/s00773-021-00815-z","article-title":"Towards approval of autonomous ship systems by their operational envelope","volume":"27","author":"Nordahl","year":"2022","journal-title":"J. Mar. Sci. Technol."},{"key":"ref_62","first-page":"698","article-title":"Implementing operational envelopes for improved resilience of autonomous maritime transport","volume":"60","author":"Holte","year":"2022","journal-title":"Adv. Transp. AHFE"},{"key":"ref_63","doi-asserted-by":"crossref","unstructured":"Fj\u00f8rtoft, K.E., and R\u00f8dseth, J. (2020, January 1\u20135). Using the Operational Envelope to Make Autonomous Ships Safer. Proceedings of the 30th European Safety and Reliability Conference and the 15th Probabilistic Safety Assessment and Management Conference, Venice, Italy.","DOI":"10.3850\/978-981-14-8593-0_3496-cd"},{"key":"ref_64","unstructured":"Creswell, J.W. (2018). Qualitative Inquiry & Research Design, Sage Publications, Inc.. [4th ed.]."},{"key":"ref_65","unstructured":"Microsoft (2023, December 13). Microsoft Teams (1.6). Available online: https:\/\/www.microsoft.com\/en-us\/microsoft-teams\/group-chat-software."},{"key":"ref_66","unstructured":"Zoom (2023, December 13). Zoom Video Communications. Available online: https:\/\/zoom.us\/."},{"key":"ref_67","unstructured":"Microsoft (2023, December 13). Microsoft Word 365 (2023). Available online: https:\/\/www.microsoft.com\/en-us\/microsoft-365\/free-office-online-for-the-web."},{"key":"ref_68","unstructured":"Microsoft (2023, December 10). Microsoft Excel 365. Available online: https:\/\/www.microsoft.com\/en-us\/microsoft-365\/excel."},{"key":"ref_69","unstructured":"Charmaz, K. (2014). Constructing Grounded Theory, Sage Publishing."},{"key":"ref_70","doi-asserted-by":"crossref","first-page":"591","DOI":"10.1177\/1049732316665344","article-title":"Code Saturation Versus Meaning Saturation: How Many Interviews Are Enough?","volume":"27","author":"Hennink","year":"2017","journal-title":"Qual. Health Res."},{"key":"ref_71","unstructured":"Devo (2023, December 10). 2022 Devo SOC Performance Report. Available online: https:\/\/www.devo.com\/resources\/analyst-research\/2022-devo-soc-performance-report\/."},{"key":"ref_72","unstructured":"Kim, A., Kang, M.H., Luo, J.Z., and Velasquez, A. (2023, December 13). A Framework for Event Prioritization in Cyber Network Defense. Available online: https:\/\/apps.dtic.mil\/sti\/citations\/ADA608707."},{"key":"ref_73","unstructured":"Knerler, K., Parker, I., and Zimmerman, C. (2023, December 13). 11 Strategies of a World-Class Cybersecurity Operations Center. Available online: https:\/\/www.mitre.org\/sites\/default\/files\/2022-04\/11-strategies-of-a-world-class-cybersecurity-operations-center.pdf."},{"key":"ref_74","unstructured":"Alahmadi, B., Axon, L., and Martinovic, I. (2022, January 10\u201312). 99% False Positives: A Qualitative Study of SOC Analysts\u2019 Perspectives on Security Alarms. Proceedings of the 31st USENIX Security Symposium (USENIX Security 22), Boston, MA, USA. Available online: https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/alahmadi."},{"key":"ref_75","doi-asserted-by":"crossref","unstructured":"Roy, J. (2008, January 16\u201320). Anomaly detection in the maritime domain. Proceedings of the SPIE 6945, Optics and Photonics in Global Homeland Security IV, Orlando, FL, USA.","DOI":"10.1117\/12.776230"},{"key":"ref_76","unstructured":"Van Laere, J., and Nilsson, M. (2009, January 6\u20139). Evaluation of a workshop to capture knowledge from subject matter experts in maritime surveillance. Proceedings of the 12th International Conference on Information Fusion, Seattle, WA, USA. Available online: https:\/\/ieeexplore.ieee.org\/document\/5203817\/."},{"key":"ref_77","doi-asserted-by":"crossref","unstructured":"Agyepong, E., Cherdantseva, Y., Reinecke, P., and Burnap, P. (2020, January 15\u201319). Towards a Framework for Measuring the Performance of a Security Operations Center Analyst. Proceedings of the International Conference on Cyber Security and Protection of Digital Services, Cyber Security, Dublin, Ireland.","DOI":"10.1109\/CyberSecurity49315.2020.9138872"},{"key":"ref_78","unstructured":"Basyurt, A., Fromm, J., Kuehn, P., Kaufhold, M.-A., and Mirbabaie, M. (2023, December 10). Help Wanted\u2014Challenges in Data Collection, Analysis and Communication of Cyber Threats in Security Operation Centers. Wirtschaftsinformatik 2022 Proceedings. Available online: https:\/\/aisel.aisnet.org\/wi2022\/it_for_development\/it_for_development\/20."},{"key":"ref_79","doi-asserted-by":"crossref","first-page":"224","DOI":"10.1007\/978-3-319-60585-2_21","article-title":"A team-level perspective of human factors in cyber security: Security operations centers","volume":"593","author":"Krasznay","year":"2018","journal-title":"Adv. Intell. Syst. Comput."},{"key":"ref_80","first-page":"316","article-title":"Security Operations Center Roles and Skills: A Comparison of Theory and Practice","volume":"Volume 13383","author":"Reisser","year":"2022","journal-title":"Data and Applications Security and Privacy XXXVI, Proceedings of the 36th Annual IFIP WG 11.3 Conference, DBSec 2022, Newark, NJ, USA, 18\u201320 July 2022"},{"key":"ref_81","doi-asserted-by":"crossref","first-page":"42021","DOI":"10.1109\/ACCESS.2020.2976076","article-title":"Capturing Tacit Knowledge in Security Operation Centers","volume":"8","author":"Cho","year":"2020","journal-title":"IEEE Access"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/1\/146\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T21:42:30Z","timestamp":1760132550000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/1\/146"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,12,27]]},"references-count":81,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,1]]}},"alternative-id":["s24010146"],"URL":"https:\/\/doi.org\/10.3390\/s24010146","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,12,27]]}}}