Title :
Dynamic cyber-incident response
Author :
Mepham, Kevin ; Ghinea, Gheorghita ; Louvieris, Panos ; Clewley, Natalie
Author_Institution :
Defence & Cyber-Security Res. Group, Brunel Univ., Uxbridge, UK
Abstract :
Traditional cyber-incident response models have not changed significantly since the early days of the Computer Incident Response, with even the most recent incident response life cycle model advocated by the US National Institute of Standards and Technology (Cichonski, Millar, Grance, & Scarfone, 2012) bearing a striking resemblance to the models proposed by early leaders in the field, e.g. Carnegie-Mellon University (West-Brown, et al., 2003) and the SANS Institute (Northcutt, 2003). Whilst serving the purpose of producing coherent and effective response plans, these models appear to be created from the perspectives of Computer Security professionals with no referenced academic grounding. They attempt to defend against, halt and recover from a cyber-attack as quickly as possible. However, other actors inside an organisation may have priorities which conflict with these traditional approaches and may ultimately better serve the longer-term goals and objectives of an organisation.
Keywords :
security of data; US National Institute of Standards and Technology; academic grounding; computer incident response; computer security; cyber-attack; dynamic cyber-incident response; Bibliographies; Communities; Computational modeling; Computer security; Educational institutions; NIST; Cyber Incident Response Active Passive Risk;
Conference_Title :
Cyber Conflict (CyCon 2014), 2014 6th International Conference On
Conference_Location :
Tallinn
Print_ISBN :
978-9949-9544-0-7
DOI :
10.1109/CYCON.2014.6916399