Journal article

Cybersecurity Incident Response in Organizations: An Exploratory Case Study and Process Model of Situation Awareness

Atif Ahmad, Sean B Maynard, Kevin C Desouza, James Kotsias, Monica T Whitty, Richard L Baskerville

Computers & Security | Elsevier BV | Published : 2021

DOI: 10.1016/j.cose.2020.102122

Abstract

Organized, sophisticated and persistent cyber-threat-actors pose a significant challenge to large, high-value organizations. They are capable of disrupting and destroying cyber infrastructures, denying organizations access to IT services, and stealing sensitive information including intellectual property, trade secrets and customer data. Past research points to Situation Awareness as critical to effective response. However, most research has focused on the technological perspective with comparatively less focus on the practice perspective. We therefore present an in-depth case study of a leading financial organization with a well-resourced and mature incident response capability that has evo..

View full abstract

Related Projects (2)

Project icon

Enhancing information security management through organisational learning

This project aims to help organisations to protect their information resources from complex and evolving information security threats. This ..

Project icon

Executive Learning In Cyber Security: Video-Enhanced Storytelling for Online Education

Grants

Awarded by Australian Research Council

Funding Acknowledgements

This work is supported by the Australian Research Council through the Discovery Projects scheme (DP160102277) "Enhancing Information Security Management through Organizational Learning".

Citation metrics

19Web of Science
28Scopus
32Dimensions

Keywords

Technology
Computer Science, Information Systems
Cybersecurity
Information
Process Model
Information Security Management
Incident Response
Science & Technology
Teams
Case Study
Cybersecurity Management
Computer Science
Situation Awareness