A key challenge for human cybersecurity operators is to develop an understanding of what is happening within, and
to, their network. This understanding, or situation awareness, provides the cognitive basis for human operators to take
action within their environments. Yet developing situation awareness of cyberspace (cyber-SA) is understood to be
extremely difficult given the scope of the operating environment, the highly dynamic nature of the environment and the
absence of physical constraints that serve to bound the cognitive task23. As a result, human cybersecurity operators are
often "flying blind" regarding understanding the source, nature, and likely impact of malicious activity on their
networked assets. In recent years, many scholars have dedicated their attention to finding ways to improve cyber-SA in
human operators. In this paper we present our findings from our ongoing research of how cybersecurity analysts develop
and maintain cyber-SA. Drawing from over twenty interviews of analysts working in the military, government,
industrial, and educational domains, we find that cyber-SA to be distributed across human operators and technological
artifacts operating in different functional areas.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.