Security incident response criteria: A practitioner's perspective

George Grispos, William Bradley Glisson, Tim Storer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Scopus citations


Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.

Original languageEnglish (US)
Title of host publication2015 Americas Conference on Information Systems, AMCIS 2015
PublisherAmericas Conference on Information Systems
ISBN (Electronic)9780996683104
StatePublished - 2015
Externally publishedYes
Event21st Americas Conference on Information Systems, AMCIS 2015 - Fajardo, Puerto Rico
Duration: Aug 13 2015Aug 15 2015

Publication series

Name2015 Americas Conference on Information Systems, AMCIS 2015


Other21st Americas Conference on Information Systems, AMCIS 2015
Country/TerritoryPuerto Rico


  • Cybercrime
  • Security incident response
  • Security incident response criteria (SIRC)

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems

Cite this