Security Incident Response Criteria: A Practitioner's Perspective
Abstract
Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.
Similar resources
Reforming the Incident Management System in the Health System: A Perspective Article
Background: A coordinated disaster response needs a well-organized structure and a locally adapted framework. In light of this, the COVID-19 pandemic offered an opportunity to renovate the response structure, which exhibited deficiencies during the pandemic. Iran shares the experience of an integrated response structure named the Reform Incidents Command System. It includes an integrated approa...
Towards Agile Industrial Control Systems Incident Response
The integration of Industrial Control Systems (ICS) with IT systems has increased the ICS’ exposure to cyber threats. We have seen a tremendous increase in the number of security incidents happened to ICS in the past five years. This requires the ICS to provide effective incident response capabilities to counteract security attacks. Previous research on ICS incident response has been focusing o...
Incident response teams - Challenges in supporting the organisational security function
Incident response is a critical security function in organisations that aims to manage incidents in a timely and cost-effective manner. This research was motivated by previous case studies that suggested that the practice of incident response frequently did not result in the improvement of strategic security processes such as policy development and risk assessment. An exploratory in-depth case ...
Organisational Learning and Incident Response: Promoting Effective Learning Through The Incident Response Process
Effective response to information security incidents is a critical function of modern organisations. However, recent studies have indicated that organisations have adopted a narrow and technical view of incident response (IR), focusing on the immediate concern of detection and subsequent corrective actions. Although some reflection on the IR process may be involved, it is typically limited to t...
How the Certified Information Systems Security Professional certification supports Digital Forensic processes
This paper explores whether a relationship exists between the Certified Information Systems Security Professional (CISSP) certification and digital forensics. The key findings show that the CISSP Common Body of Knowledge (CBK) covers a wide spectrum of information security practices, processes, and procedures and that the CISSP certification can provide a basic introduction to digital forensic ...
Journal title:
- CoRR
Volume abs/1508.02526 Issue
Pages -
Publication date 2015