The ground-breaking research used brain scanners to examine the impact of network defence on the brain.
The ground-breaking research used brain scanners to examine the impact of network defence on the brain.
The ability to pay attention for significantly long periods of time has been identified by researchers at Edith Cowan University (ECU) as the weakest link in any cyber company’s ability to beat hackers.
That’s according to ECU’s Dr Oliver Guidetti whose research used brain scanners and a simulated cyber security console to test the network defender's vigilance capabilities – which refers to how well a person is able to concentrate for long periods of time.
Dr Guidetti’s most recent cyber study is the first in a series documenting this new research examining the impact of network defence on the brain.
“As cyber threats and hacking attacks all around the world continue to rise by the second, it is critical we learn more about the cognitive, or mental load that is being placed upon our network defence analysts,” Dr Guidetti explained.
“The human brain is wired to detect threats, such as tigers or snakes, but cyber threats that can look like a single number in a sequence of millions of digits, and an analyst has to stare into that screen of numbers for hours at a time to notice it.”
Vigilance testing, typically performed on airline pilots or baggage handlers to check their mental alertness as they work, has shifted to the cyber industry, which he said is putting analysts under increasing pressure, for increasing periods of time.
Cyber simulation
The study worked by analysing changes in the brain of network defenders, as they performed two versions of a simulated cyber security task.
“The only difference between the two types of cyber simulation, was the behaviour of certain software elements,” Dr Guidetti explained.
“We found a specific type of response in the brain corresponded to each of those two types of cyber simulation, and more importantly, whether or not network defenders got better, or worse, at detecting cyber threats over time.”
Cyber stress
Dr Guidetti said his study showed that prolonged monitoring of security systems in order to identify a threat put a significant mental stress on the analyst that was significant enough to be observable using a wearable brain scanner.
“Cyber threat detection is a tedious, monotonous task that requires analysts to sustain high levels of attention for prolonged periods of time,” Dr Guidetti said.
“It can literally be like looking for a needle in a haystack.”
The study found cyber vigilance tests need to be updated more regularly keep up with technological evolution.
The ever-increasing mental burden put on analysts identified in this study has prompted a call for the cyber security sector to update its ability to vigilance test defence analysts.
“The main challenge previous cyber vigilance tasks faced was that there exists no single, common software console in cyber security that a cyber vigilance task could be based on,” Dr Guidetti said.
“We got around this by designing our simulation based on cyber-cognitive vulnerabilities – which are software elements that make paying attention harder or easier.”
The rapid pace of technological evolution in network defence means that cyber vigilance tasks can become obsolete just as quickly.
“This means cyber vigilance tasks need to be updated more regularly, in order to keep with the times,” Dr Guidetti stressed.
“Understanding these challenges that we outlined in this first cyber study is imperative in advancing human factors research in cyber security.”
Dr Oliver Guidetti’s research paper A review of cyber vigilance tasks for network defense was co-authored by ECU Professor Craig Speelman.
