The Influence Of Security Operation Center Capability And User Awareness On Information Security Performance (Preliminary Study On The Banking Industry In Indonesia)

Information Security is currently becoming a major issue in IT implementation, especially in the banking industry. With the increase of advanced and more sophisticated attacks, and the growth of security incidents and related losses, a better Information Security approach is needed. Empirically, User Awareness has been proven as a component for successful Information Security. Recently, a Security Operation Center (SOC), whose main function is to Identify, Manage, and Remediate attacks, was promoted as a solution to enhance a companys Information Security posture. However, there is no research data that focuses on the change of Information Security through the implementation of SOC. Therefore, research on whether and how SOCs might affect Information Security performance is needed, and that is what differentiates this research from others. As this research evaluates the influence of SOC and User Awareness on overall Information Security Performance.An Exploratory study is conducted, whose units of analysis are banks in Indonesia. A Balanced Scorecard perspective is used as guidance for indicators to measure the impact on Information Security Performance, which will cover technical, financial, and other related indicators. Data gathered from questionnaires are analysed using Partial Least Squares Structural Equation Modeling (PLS-SEM). It was found that both SOC and User Awareness have both apositive and substantialimpact on the performance of Information Security. The end result justifies that investment in SOC will benefit the banking industry specifically, and other industries in general, for improving Information Security Performance.