Effective cyber defense depends upon intrusion detection, i.e., the process of monitoring, detecting, and reacting appropriately to cyber activity threatening network security. Intrusion detection requires the execution of multiple unique, interdependent network analysis tasks. The current study aimed to expand understanding of cyber defense by separately assessing task induced workload and stress for two key network analyst tasks, triage analysis and escalation analysis, which are the first and second lines of cyber defense, respectively. In separate studies, participants assumed the role of either a triage analyst or an escalation analyst, performed associated intrusion detection duties in simulated cyber task environments, and reported task induced workload and stress. Findings suggest that, even though triage and escalation analysts are both engaged in cyber defense, their tasks result in differentiable workload and stress profiles. This highlights the need for further human factors research examining operator performance and state across network analyst roles.
Or read it online.