nanog mailing list archives

Re: Work Practices of Cyber Security Professionals


From: Muhammad Adnan <muhammad.adnan200 () gmail com>
Date: Tue, 18 Feb 2014 21:09:12 +0000

Dear Valdis,

1) If you're including network admins, you should also make sure to
get system admins (though you'll be more successful asking elsewhere for
those).

We are also targeting system admins. As I mentioned in my e-mail, "targeted
participants for this survey are those who perform security related
activities as a part of their job". After this sentence, I mentioned a
couple of roles as an example. By those examples I meant "including but not
limited to".

2) Having worn at least a partial hat of all those along my career, I'm
curious what sort of tools will improve work practices for all the groups
concerned.

The goal of this project is not to improve the work practices for all the
groups concerned. Instead, our aim is to first find out what cyber security
professionals (we are using this term to define anyone who performs
security related activities) do on a day-to-day basis and which of their
activities are relatively significant (i.e. performed frequently and
require more time) than others. Once we establish that, then we will pick a
couple of relatively significant activities from their workflow and build
tools for those activities, following a user-centered design process.

But, to get to that stage we first need to know what cyber security
professionals do, how often they do that, and how much time they spend on
doing that.

Hope that answers your questions. Feel free to ask if you have any more.

Best wishes,
Adnan





On Tue, Feb 18, 2014 at 2:28 PM, <Valdis.Kletnieks () vt edu> wrote:

On Mon, 17 Feb 2014 15:27:25 +0000, Muhammad Adnan said:

I am a university researcher who is investigating the development of new,
usable tools that will improve the work practices of cyber security
professionals. As a first step to achieve this goal, I am undertaking a
survey to gain an in-depth understanding of the day-to-day activities of
cyber security professionals. The targeted participants for this survey are
those who perform security related activities as a part of their job (e.g.
security analysts, network administrators, penetration testers).

Several comments:

1) If you're including network admins, you should also make sure to
get system admins (though you'll be more successful asking elsewhere for
those).

2) Having worn at least a partial hat of all those along my career, I'm
curious what sort of tools will improve work practices for all the groups
concerned.  Probably the only place you'll find much overlap is in record
keeping - but even there the record keeping that a sysadmin needs to do for
changelogging their boxes is fairly different from what security analysts
working an incident and pen testers engaged in a test will need.  There's
also the problem that many sites have their change logging integrated into
their version control system or other workflow software already...

Good luck!


