Security incident response criteria: A practitioner's perspective

George Grispos, William Bradley Glisson, Tim Storer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Scopus citations

Abstract

Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.

Original languageEnglish (US)
Title of host publication2015 Americas Conference on Information Systems, AMCIS 2015
PublisherAmericas Conference on Information Systems
ISBN (Electronic)9780996683104
StatePublished - 2015
Externally publishedYes
Event21st Americas Conference on Information Systems, AMCIS 2015 - Fajardo, Puerto Rico
Duration: Aug 13 2015Aug 15 2015

Publication series

Name2015 Americas Conference on Information Systems, AMCIS 2015

Other

Other21st Americas Conference on Information Systems, AMCIS 2015
Country/TerritoryPuerto Rico
CityFajardo
Period8/13/158/15/15

Keywords

  • Cybercrime
  • Security incident response
  • Security incident response criteria (SIRC)

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems

Cite this