A Security Operation Centre (SOC) is a powerful and versatile infrastructure for cybersecurity thanks to its capabilities for monitoring and improving the security posture of an organization. While SOCs have found wide diffusion in companies to defend IT/OT infrastructures, their employment in the maritime domain is still narrow but required. Nevertheless, SOC analysts working in traditional SOCs may be unprepared to operate proficiently in the maritime environment due to its context-specific features. They require specific training to fully exploit these newfound requirements. In this work, we leverage the NICE framework to outline the profile definition of a SOC operator in terms of required knowledge and skills. This profile allowed us to define the requirements of a training program tailored for maritime SOC operators. Moreover, we show how this program can be fulfilled with targeted hands-on exercises. An example exercise set in a representative scenario highlights that we are able to train the specific skills with metrics for evaluating their proficiency.

Training the Maritime Security Operations Centre Teams / Raimondi, M.; Longo, G.; Merlo, A.; Armando, A.; Russo, E. - (2022), pp. 388-393. (Paper presented at the 2nd IEEE International Conference on Cyber Security and Resilience, CSR 2022, held in Rhodes, Greece) [10.1109/CSR54599.2022.9850324].

Training the Maritime Security Operations Centre Teams

Longo G.
2022

2nd IEEE International Conference on Cyber Security and Resilience, CSR 2022
SOC; maritime cyber security; training
04 Publication in conference proceedings::04b Conference paper in volume
Files attached to this item
File: Raimondi_Training_2022.pdf (open access)
Type: Publisher's version (version published with the publisher's layout)
License: All rights reserved
Size: 1.25 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1671713
Citations
  • PMC: N/A
  • Scopus: 14
  • ISI: 9