False alarms and incorrect rejections in an information security center: correlation with the frequency of incidents

This study examines the actions taken by operators aimed at preventing and combating information security incidents at a banking organization. The work utilizes the theoretical framework of ergonomics and cognitive psychology. The method is workplace ergonomic analysis. Its focus is directed towards...

Full description

Saved in:
Bibliographic Details
Published in:Work (Reading, Mass.) Mass.), 2012-01, Vol.41 (S1), p.2902-2907
Main Authors: Bruno, Thiers, Abrahão, Julia
Format: Article
Language:English
Subjects:
Cognition
Commerce
Computer Security
Decision Making
Ergonomics
Female
Humans
Information Systems
Male
Signal Detection, Psychological
Task Performance and Analysis
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This study examines the actions taken by operators aimed at preventing and combating information security incidents at a banking organization. The work utilizes the theoretical framework of ergonomics and cognitive psychology. The method is workplace ergonomic analysis. Its focus is directed towards examining the cognitive dimension of the work environment with special attention to the occurrence of correlations between variability in incident frequency and the results of sign detection actions. It categorizes 45,142 operator decisions according to the theory of signal detection (Sternberg, 2000). It analyzes the correlation between incident proportions (indirectly associated with the cognitive efforts demanded from the operator) and operator decisions. The study demonstrated the existence of a positive correlation between incident proportions and false positive decisions (false alarms). However, this correlation could not be observed in relation to decisions of the falsenegative type (incorrect rejection).
ISSN:1051-9815
1875-9270
DOI:10.3233/WOR-2012-0542-2902