Security incident response criteria: A practitioner's perspective

George Grispos; William Bradley Glisson; Tim Storer

Security incident response criteria: A practitioner's perspective

George Grispos, William Bradley Glisson, Tim Storer

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.

Original language	English (US)
Title of host publication	2015 Americas Conference on Information Systems, AMCIS 2015
Publisher	Americas Conference on Information Systems
ISBN (Electronic)	9780996683104
State	Published - 2015
Externally published	Yes
Event	21st Americas Conference on Information Systems, AMCIS 2015 - Fajardo, Puerto Rico Duration: Aug 13 2015 → Aug 15 2015

Publication series

Name	2015 Americas Conference on Information Systems, AMCIS 2015

Other

Other	21st Americas Conference on Information Systems, AMCIS 2015
Country/Territory	Puerto Rico
City	Fajardo
Period	8/13/15 → 8/15/15

Keywords

Cybercrime
Security incident response
Security incident response criteria (SIRC)

ASJC Scopus subject areas

Computer Science Applications
Information Systems

Cite this

Security incident response criteria: A practitioner's perspective. / Grispos, George; Glisson, William Bradley; Storer, Tim.
2015 Americas Conference on Information Systems, AMCIS 2015. Americas Conference on Information Systems, 2015. (2015 Americas Conference on Information Systems, AMCIS 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

@inproceedings{57753a103b4c4870b0095b244b51f58e,

title = "Security incident response criteria: A practitioner's perspective",

abstract = "Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.",

keywords = "Cybercrime, Security incident response, Security incident response criteria (SIRC)",

author = "George Grispos and Glisson, {William Bradley} and Tim Storer",

note = "Funding Information: This work was supported by the A.G. Leventis Foundation. Any opinions, findings, conclusions or recommendations expressed in this paper are those of the authors and do not reflect the views of the A.G. Leventis Foundation.; 21st Americas Conference on Information Systems, AMCIS 2015 ; Conference date: 13-08-2015 Through 15-08-2015",

year = "2015",

language = "English (US)",

series = "2015 Americas Conference on Information Systems, AMCIS 2015",

publisher = "Americas Conference on Information Systems",

booktitle = "2015 Americas Conference on Information Systems, AMCIS 2015",

}

TY - GEN

T1 - Security incident response criteria

T2 - 21st Americas Conference on Information Systems, AMCIS 2015

AU - Grispos, George

AU - Glisson, William Bradley

AU - Storer, Tim

N1 - Funding Information: This work was supported by the A.G. Leventis Foundation. Any opinions, findings, conclusions or recommendations expressed in this paper are those of the authors and do not reflect the views of the A.G. Leventis Foundation.

PY - 2015

Y1 - 2015

N2 - Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.

AB - Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.

KW - Cybercrime

KW - Security incident response

KW - Security incident response criteria (SIRC)

UR - http://www.scopus.com/inward/record.url?scp=84963499975&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84963499975&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84963499975

T3 - 2015 Americas Conference on Information Systems, AMCIS 2015

BT - 2015 Americas Conference on Information Systems, AMCIS 2015

PB - Americas Conference on Information Systems

Y2 - 13 August 2015 through 15 August 2015

ER -

Security incident response criteria: A practitioner's perspective

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Other files and links

Cite this