Information security incident management: Identified practice in large organizations

被引:24
作者
Hove, Cathrine [1 ]
Tarnes, Marte [1 ]
Line, Maria B. [1 ]
Bernsmed, Karin [1 ,2 ]
机构
[1] Norwegian Univ Sci & Technol NTNU, Dept Telemat, N-7491 Trondheim, Norway
[2] SINTEF ICT, N-7465 Trondheim, Norway
来源
2014 8TH INTERNATIONAL CONFERENCE ON IT SECURITY INCIDENT MANAGEMENT & IT FORENSICS (IMF 2014) | 2014年
关键词
Best practices; Information security; Incident management; FRAMEWORK;
D O I
10.1109/IMF.2014.9
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper presents a case study on current practice of information security incident management in three large organizations. Qualitative interviews, document studies, and a survey have been performed. Our analysis shows that the organizations have plans and procedures in place, however, not all of these are well established throughout the organizations. Some challenges were prominent in all three organizations, which were related to communication, information collection and dissemination, employee involvement, and allocation of responsibilities. This paper presents our main findings from the study, including current practice for incident management and more details on the identified challenges, and some recommendations for further studies in this field.
引用
收藏
页码:27 / 46
页数:20
相关论文
共 24 条
[1]  
[Anonymous], SECURITY INCIDENT HA
[2]  
[Anonymous], 270352011 ISOIEC
[3]  
[Anonymous], SAFETY SCI
[4]  
[Anonymous], ESSENTIAL GUIDE GUAL
[5]  
[Anonymous], 2010, GOOD PRACT GUID INC
[6]  
[Anonymous], 11 WORKSH EC INF SEC
[7]  
[Anonymous], COMPUTERS SECURITY
[8]  
[Anonymous], 2009, CASE STUDY RES DESIG
[9]  
[Anonymous], BAS COLL GOOD PRACT
[10]  
[Anonymous], NIST SPECIAL PUBLICA
123