Rethinking security incident response: The integration of agile principles

George Grispos, William Bradley Glisson, Tim Storer

Research output: Contribution to conferencePaperpeer-review

11 Scopus citations

Abstract

In today's globally networked environment, information security incidents can inflict staggering financial losses on organizations. Industry reports indicate that fundamental problems exist with the application of current linear plan-driven security incident response approaches being applied in many organizations. Researchers argue that traditional approaches value containment and eradication over incident learning. While previous security incident response research focused on best practice development, linear plandriven approaches and the technical aspects of security incident response, very little research investigates the integration of agile principles and practices into the security incident response process. This paper proposes that the integration of disciplined agile principles and practices into the security incident response process is a practical solution to strengthening an organization's security incident response posture.

Original languageEnglish (US)
StatePublished - 2014
Externally publishedYes
Event20th Americas Conference on Information Systems, AMCIS 2014 - Savannah, GA, United States
Duration: Aug 7 2014Aug 9 2014

Conference

Conference20th Americas Conference on Information Systems, AMCIS 2014
Country/TerritoryUnited States
CitySavannah, GA
Period8/7/148/9/14

Keywords

  • Agile incident response
  • Agile manifesto
  • Agile principles
  • Incident response
  • Information security

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
  • Library and Information Sciences

Fingerprint

Dive into the research topics of 'Rethinking security incident response: The integration of agile principles'. Together they form a unique fingerprint.

Cite this