Continuous improvement on maturity and capability of security operation centers


Tezin Türü: Yüksek Lisans

Tezin Yürütüldüğü Kurum: Orta Doğu Teknik Üniversitesi, Enformatik Enstitüsü, Siber Güvenlik Anabilim Dalı, Türkiye

Tezin Onay Tarihi: 2019

Tezin Dili: İngilizce

Öğrenci: EFE SUAT ERDUR

Danışman: Cengiz Acartürk

Özet:

This thesis has been studied to define the importance of maturity and capability assessment, and continuous improvement for Security Operation Centers (SOC). Additionally, it aims contribute to the academic literature to fill the research gap in this specific domain as well. The main focus of this thesis is to combine those two important concepts under same study and define a methodology to provide Security Operation Centers' a self-assessment capability which also evaluates the gaps between current and desired states of the organization and determine the most critical aspects that are suggested to be improved at first. The applicability of the methodology has been supported with a use case scenario. More importantly, it is evaluated using conversational analysis methodology of qualitative analyze approach and evaluation results have been presented at the final part of the thesis report.