Security Incident Recognition and Reporting (SIRR): An Industrial Perspective
نویسندگان
چکیده
Reports and press releases highlight that security incidents continue to plague organizations. While researchers and practitioners’ alike endeavor to identify and implement realistic security solutions to prevent incidents from occurring, the ability to initially identify a security incident is paramount when researching a security incident lifecycle. Hence, this research investigates the ability of employees in a Global Fortune 500 financial organization, through internal electronic surveys, to recognize and report security incidents to pursue a more holistic security posture. The research contribution is an initial insight into security incident perceptions by employees in the financial sector as well as serving as an initial guide for future security incident recognition and reporting initiatives.
منابع مشابه
Security Incident Response Criteria: A Practitioner's Perspective
Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. T...
متن کاملTowards Agile Industrial Control Systems Incident Response
The integration of Industrial Control Systems (ICS) with IT systems has increased the ICS’ exposure to cyber threats. We have seen a tremendous increase in the number of security incidents happened to ICS in the past five years. This requires the ICS to provide effective incident response capabilities to counteract security attacks. Previous research on ICS incident response has been focusing o...
متن کاملChallenges of information security incident learning: An industrial case study in a Chinese healthcare organization.
Security incidents can have negative impacts on healthcare organizations, and the security of medical records has become a primary concern of the public. However, previous studies showed that organizations had not effectively learned lessons from security incidents. Incident learning as an essential activity in the "follow-up" phase of security incident response lifecycle has long been addresse...
متن کاملInvestigation of Incident Reporting System in Iranian Hospitals: A National Survey
Background and Aims: Incident reporting is a possible alternative for learning from errors. One of the barriers in this way is a deficit in, common standards for collecting, interpreting, and presenting data. In this research accordance with Iranchr('39')s incident reporting system with minimal information Model for Patient Safety Incident Reporting Systems (MIMPS)of WHO were compared. Methods:...
متن کاملIncident Analysis & Digital Forensics in SCADA and Industrial Control Systems
SCADA and industrial control systems have been traditionally isolated in physically protected environments. However, developments such as standardisation of data exchange protocols and increased use of IP, emerging wireless sensor networks and machine-to-machine communication mean that in the near future related threat vectors will require consideration too outside the scope of traditional SCAD...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1706.06818 شماره
صفحات -
تاریخ انتشار 2017