Using the Activity Theory to Identify the Challenges of Designing Elearning Tools based on Machine Learning for Security Operations Centers

Author(s): Mihail CAZACU, Constanţa-Nicoleta Bodea, Maria-Iuliana Dascălu, Cristian CUCU
Subject(s): Social Sciences, Education, Higher Education
Published by: Carol I National Defence University Publishing House
Keywords: Security Operation Centers; machine learning; process mining; Activity Theory;

Summary/Abstract: There is a fast-growing requirement for setting up Security Operation Centers (SOCs) staffed with qualified personnel, driven mainly by the increasing demand to protect ICT systems from security breaches, data disruption and unauthorized usage. The 2018 Report of Privacy Rights Clearinghouse mentions that over 8,000 data breaches have been reported since 2005, affecting more than 10 billion records, and according to the 2017 study by IBM Security and the Ponemon Institute, the average cost of a data breach exceeds 3.6 million US dollars. SOCs have the mission to run this "arms race" against cyber attackers (criminals, spies, terrorists, activists) while remaining economically viable, whether as a profit center or a cost center. Developing eLearning tools for continuously enhancing the professional competences of SOC personnel is therefore critical to the successful operation of SOCs. Recent studies have applied the framework of Activity Theory to identify the conflicting priorities that different members of a SOC must handle, and have suggested ways to mitigate the resulting risks. While automating mundane tasks is one solution, the question of automating the automation process itself through machine learning, particularly in the eLearning activities performed inside SOCs, has seldom been addressed. This paper presents the challenges of applying the Activity Theory framework to the design of eLearning tools based on machine learning methods for SOCs. Several well-established open source security tools and machine learning packages are evaluated for their suitability in developing such eLearning tools.

  • Issue Year: 15/2019
  • Issue No: 01
  • Page Range: 452-461
  • Page Count: 10
  • Language: English