International Journal of Information Security and Privacy
- International Journal of Information Security and…
In this chapter the authors present a new framework for the study of situation awareness in computer network defense (cyber-SA). While immensely valuable, the research to date on cyber-SA has overemphasized an algorithmic level of analysis to the exclusion of the human actor. Since situation awareness, and therefore cyber-SA, is a human cognitive process and state, it is essential that future cyber-SA research account for the human-in-the-loop. To that end, the framework in this chapter presents a basis for examining cyber-SA at the cognitive, system, work, and enterprise levels of analysis. In describing the framework, the authors present examples of research that are emblematic of each type of analysis.