Continuous improvement on maturity and capability of Security Operation Centres

ACARTÜRK, CENGİZ; ULUBAY, MURAT; Erdur, Efe

doi:10.1049/ise2.12005

Continuous improvement on maturity and capability of Security Operation Centres

Atıf İçin Kopyala

ACARTÜRK C., ULUBAY M., Erdur E.

IET INFORMATION SECURITY, cilt.15, sa.1, ss.59-75, 2021 (SCI-Expanded)

Yayın Türü: Makale / Tam Makale
Cilt numarası: 15 Sayı: 1
Basım Tarihi: 2021
Doi Numarası: 10.1049/ise2.12005
Dergi Adı: IET INFORMATION SECURITY
Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus, PASCAL, Aerospace Database, Applied Science & Technology Source, Communication Abstracts, Compendex, Computer & Applied Sciences, INSPEC, Metadex, Civil Engineering Abstracts
Sayfa Sayıları: ss.59-75
Orta Doğu Teknik Üniversitesi Adresli: Evet

Özet

This study addresses maturity and capability assessment of Security Operation Centres (SOC). It aims to contribute to continuous improvement for SOCs by proposing a complementary methodology that provides SOCs a self-assessment capability. The method basically involves an assessment of the gaps between the current and the desired states of the organization and facilitates determining critical aspects that have priority. The proposed methodology is based on the define, measure, analyze, improve, and control methodology of the Six Sigma approach and offers a service-oriented improvement process for SOCs. The applicability of the methodology is demonstrated by a case study. We evaluated subject matter experts' reviews using simplified conversation analysis as a qualitative, content-analysis approach.