Abstract
The bibliometric analysis plays a crucial role in understanding the evolution of research trends and knowledge in various fields. This study applies bibliometric analysis to explore the growth of the research paradigm on agility in fintech literature, using co-citation analysis and bibliographic coupling of selected articles. Based on this bibliometric analysis, the evolution of research on agility in the fintech domain has been prepared, focusing on the literature related to fintech agility between 1984 and 2022. In this study, the authors also address the limitations of individual analyses from Scopus and Web of Science (WOS) and propose a comprehensive approach by merging the two research databases. The results reveal significant disparities between authors, publication influences, and keyword occurrences between the WOS and merged databases.
TopIntroduction
A Security Operations Center (SOC) represents a sophisticated infrastructure pivotal in providing comprehensive oversight and situational awareness for an enterprise, bolstering security by swiftly detecting anomalies, threats, and potential intrusion attempts through continuous monitoring. It is a centralized hub where all IT-generated events converge for analysis by a team of skilled security analysts. When searching for “SOC” on Google, one is likely to encounter images depicting rooms adorned with large screens, actively displaying data and graphs—a visual representation of a typical SOC setup. However, the intricacies of a SOC extend beyond mere visualizations and encompass a diverse array of components and processes. The concept of SOC has evolved over the past fifteen years as a strategic defense mechanism against increasingly sophisticated cyber-attacks. SOCs vary in scale and scope, ranging from smaller, internally managed setups to expansive operations staffed by numerous analysts operating around the clock. Most SOCs operate as managed services, as establishing and maintaining an in-house SOC entails considerable expenses. While imperative for organizational security in today's landscape, financial barriers often deter small enterprises from establishing their own SOC (Taqafi et al., 2023).
Information security management is not a cornerstone of the information systems and technology strategy. In that case, the systems' availability and quality might be compromised, making it impossible to reach the strategic goals specified by Senior Management. This is significant proof since Information Security Management is a course of study in the Master's program in Strategic Management of Information Systems and Technologies. With the skills honed in a Master's program, one may portray security operations centers as a technical component and a whole management solution. Security management will take a new turn, integrating technological and managerial expertise (Muniz, 2021).
The purpose of this study is to argue that a SOC is the best managerial response to the issue of cyber protection. To accomplish the overarching goal, it is essential to attend to the first particular purpose, which is to present security operations. This includes explaining why a SOC was created and what services it offers. The second particular goal is to describe the process-people-technology triangle that helps with SOC management via their interaction and synergy. Lastly, a third particular aim will be created to detail the steps to take when developing a SOC.
This chapter is structured into six main sections to comprehensively understand Security Operations Centers (SOCs) and their maturity assessment. Beginning with exploring the background, Section 2 delves into the various functions, challenges, benefits, and types of SOCs, setting the stage for a deeper examination. Section 3 outlines the methodology employed in developing the proposed maturity framework, elucidating the research approach and data collection methods. Section 4 presents the theoretical framework underpinning the SOC maturity model, offering insights into its conceptual foundation. The paper's focal point, Section 5, introduces the proposed SOC maturity framework, elucidating its components and domains in detail. Finally, Section 6 encapsulates the findings and implications drawn from the study, providing a conclusive overview of the research outcomes and potential avenues for future exploration.
Key Terms in this Chapter
Incident Response: The process of detecting, analyzing, and responding to cybersecurity incidents to minimize damage and recover from attacks.
Maturity Model: A framework for evaluating the maturity level of processes within an organization, helping to identify strengths, weaknesses, and areas for improvement.
Automation: The use of technology to perform tasks without human intervention, increasing the efficiency and effectiveness of security operations.
Compliance: Adherence to laws, regulations, standards, and guidelines relevant to cybersecurity and data protection.
SIEM (Security Information and Event Management): A system that collects, aggregates, and analyzes log data from various sources to detect security threats and incidents.
Vulnerability Management: The process of identifying, evaluating, and mitigating vulnerabilities in an organization's IT infrastructure to prevent potential security breaches.
Advanced Analytics: The use of artificial intelligence and machine learning techniques to analyze data and detect anomalies or patterns that indicate potential security threats.
Security Operations Center (SOC): A centralized unit within an organization that continuously monitors, detects, and responds to cybersecurity threats and incidents.
Threat Intelligence: Information about potential or current attacks on an organization's systems, which helps in proactive threat identification and response.
Threat Hunting: The proactive search for threats and vulnerabilities within an organization’s IT environment that may have bypassed existing security measures.