Journal article

Cybersecurity Incident Response in Organizations: An Exploratory Case Study and Process Model of Situation Awareness

Atif Ahmad, Sean B Maynard, Kevin C Desouza, James Kotsias, Monica T Whitty, Richard L Baskerville

Computers & Security | Elsevier BV | Published : 2021

DOI: 10.1016/j.cose.2020.102122

Abstract

Organized, sophisticated and persistent cyber-threat-actors pose a significant challenge to large, high-value organizations. They are capable of disrupting and destroying cyber infrastructures, denying organizations access to IT services, and stealing sensitive information including intellectual property, trade secrets and customer data. Past research points to Situation Awareness as critical to effective response. However, most research has focused on the technological perspective with comparatively less focus on the practice perspective. We therefore present an in-depth case study of a leading financial organization with a well-resourced and mature incident response capability that has evo..

View full abstract

Related Projects (1)

Project icon

Enhancing information security management through organisational learning

This project aims to help organisations to protect their information resources from complex and evolving information security threats. This ..

Grants

Awarded by Australian Research Council

Funding Acknowledgements

This work is supported by the Australian Research Council through the Discovery Projects scheme (DP160102277) "Enhancing Information Security Management through Organizational Learning".

Citation metrics

1Scopus

Keywords

Science & Technology
Computer Science, Information Systems
Process Model
Information Security Management
Technology
Incident Response
Cybersecurity
Cybersecurity Management
Situation Awareness
Information
Computer Science
Teams
Case Study