Abstract
In cyber threat situations, decision-making processes within organizations and between the affected organization and external entities are high-stakes. They require human communication entailing technical complexity, time pressure, interdisciplinary factors, and often an insufficient information basis. Communication in cyber threat situations can thus be challenging and has a variety of implications for decision-making. The cyber-physical system is a rapidly changing socio-technical system that is understudied in terms of how cyber events are communicated and acted upon to secure and maintain cyber resilience. The present study is the first to review human-to-human communication in cyber threat situations. Our aims are to outline how human-human communication performance in cybersecurity settings has been studied, to uncover areas where there is potential for developing common standards for information exchange in collaborative settings, and to provide guidance for future research efforts. The review was carried out according to the PRISMA guidelines, and articles were searched for in scientific databases. Articles focusing on human-human communication in cyber threat situations published in peer-reviewed journals or as conference papers were included. A total of 17 studies were included in the final review. Most of the studies were correlational and exploratory in nature. Very few studies characterize communication in useful goal-related terms. There is a need for more collaboration between cyber defense exercise organizers and cognitive scientists. Future studies should assess how team mental model development affects team communication and performance in cyber defense exercises.
Funding
This study was conducted as part of the Advancing Cyber Defense by Improved Communication of Recognized Cyber Threat Situations (ACDICOM; project number 302941) project. ACDICOM is funded by the Norwegian Research Council.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Ask, T.F., Lugo, R.G., Knox, B.J., Sütterlin, S. (2021). Human-Human Communication in Cyber Threat Situations: A Systematic Review. In: Stephanidis, C., et al. HCI International 2021 - Late Breaking Papers: Cognition, Inclusion, Learning, and Culture. HCII 2021. Lecture Notes in Computer Science, vol 13096. Springer, Cham. https://doi.org/10.1007/978-3-030-90328-2_2
DOI: https://doi.org/10.1007/978-3-030-90328-2_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90327-5
Online ISBN: 978-3-030-90328-2
eBook Packages: Computer Science (R0)