National Cyber Security Sensor Networks and the Human in the Loop

Abstract:

Organisations have recently started to exchange security-relevant information on cyber incidents in order to mitigate the effects of newly discovered malware and other forms of cyberattacks in a timely manner. Moreover, state actors take on their role as information brokers through national cyber security centres and distribute warnings on new attack vectors and vital recommendations on how to mitigate them. Although many of these initiatives are effective to some degree, they also suffer from considerable limitations. When going beyond pure technical indicators, extensive human involvement is required to manually review, vet, enrich, analyse, and distribute security information until relevant information reaches a decision maker. Recent research therefore proposes the automatic collection, analysis, and preparation of security data to effectively overcome limiting scalability factors. While this seems to work at an organisational level, the elevation of these approaches to a cross-organisational and even national level is not straightforward. This paper investigates where and why the human factor seems irreplaceable and sheds light on the limitations of autonomous cyber security sensor networks at the national level.


AUTHORS

Dr. Florian Skopik

Center for Digital Safety & Security, AIT Austrian Institute of Technology, Vienna, Austria

Dr. Florian Skopik is Senior Scientist and Team Lead of the ICT Security Research Group at the Austrian Institute of Technology (AIT), where he coordinates national and large-scale international research projects, as well as the overall research direction of the team. His research topics include critical infrastructure protection, smart grid security, and national cyber security and defense. Due to this research focus, the ICT Security Research Team works in close collaboration with national authorities, such as the Ministry of the Interior and the Ministry of Defense. He has published more than 100 scientific conference papers and journal articles and holds some 30 industry-recognized security certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISA/IEC 62443 Security Specialist, and CCNP Security. In 2017 he finished a professional degree in Advanced Computer Security at Stanford University. Mr. Skopik is a member of various conference program committees and editorial boards, as well as standardization groups, such as ETSI TC Cyber and OASIS CTI. He frequently serves as a reviewer for numerous high-profile journals, including Elsevier’s Computers & Security. He is a registered subject matter expert of ENISA (ENISA M-CEI-17-T01) in the areas of new ICTs and emerging application areas as well as Critical Information Infrastructure Protection (CIIP) and CSIRTs cooperation. As an invited reviewer, he evaluates research project proposals for numerous national research funding agencies, including the Austrian agency for international mobility and cooperation in education (OEAD), the Czech Science Foundation, and the European Science Foundation (ESF), as well as the EC’s Horizon 2020 programme. Mr. Skopik is an IEEE Senior Member, a member of the Association for Computing Machinery (ACM), of (ISC)2, of ISACA, and of the International Society of Automation (ISA).

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
