Information Security Incident Management: Identified Practice in Large Organizations

Author

Hove, Cathrine ; Tarnes, Marte ; Line, Maria B. ; Bernsmed, Karin

Author_Institution

Norwegian Univ. of Sci. & Technol. (NTNU), Trondheim, Norway

fYear

2014

fDate

12-14 May 2014

Firstpage

27

Lastpage

46

Abstract

This paper presents a case study on current practice of information security incident management in three large organizations. Qualitative interviews, document studies, and a survey have been performed. Our analysis shows that the organizations have plans and procedures in place, however, not all of these are well established throughout the organizations. Some challenges were prominent in all three organizations, which were related to communication, information collection and dissemination, employee involvement, and allocation of responsibilities. This paper presents our main findings from the study, including current practice for incident management and more details on the identified challenges, and some recommendations for further studies in this field.

Keywords

organisational aspects; security of data; document studies; employee involvement; information collection; information dissemination; information security incident management; large organizations; qualitative interviews; responsibility allocation; Guidelines; Information security; Interviews; Organizations; Standards organizations; Best practices; Incident management; Information security;

fLanguage

English

Publisher

ieee

Conference_Titel

IT Security Incident Management & IT Forensics (IMF), 2014 Eighth International Conference on

Conference_Location

Munster

Print_ISBN

978-1-4799-4330-2

Type

conf

DOI

10.1109/IMF.2014.9

Filename

6824080