scholarly journals Check Your Blind Spot: A New Cyber-Security Metric for Measuring Incident Response Readiness

2017 ◽  
pp. 19-33
Author(s):  
Benjamin Aziz ◽  
Ali Malik ◽  
Jeyong Jung
Keyword(s):  
Cyber Security ◽  
Blind Spot ◽  
Incident Response ◽  
Response Readiness

scholarly journals How integration of cyber security management and incident response enables organizational learning

2019 ◽  
Vol 71 (8) ◽  
pp. 939-953 ◽  
Author(s):  
Atif Ahmad ◽  
Kevin C. Desouza ◽  
Sean B. Maynard ◽  
Humza Naseer ◽  
Richard L. Baskerville
Keyword(s):  
Organizational Learning ◽  
Cyber Security ◽  
Security Management ◽  
Incident Response

scholarly journals Cyber Threat Intelligence and its Role in Proactive Incident Response

2017 ◽  
Author(s):  
Husam Hassan Ambusaidi ◽  
Dr. PRAKASH KUMAR UDUPI
Keyword(s):  
Early Detection ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Incident Response ◽  
Cyber Threats ◽  
Threat Intelligence ◽  
Reliable Source ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

Every day organizations are targeted by different and sophisticated cyber attacks. Most of these organizations are unaware that they are targeted and their networks are compromised. To detect the compromised networks the organizations need a reliable source of cyber threats information.  Many cyber security service vendors provide threat intelligence information to allow early detection of the cyber threats. This research will explore different type of cyber threat intelligence and its role in proactive incident response. The research study the threat intelligence features and how the threat feeds collected and then distributed.  The research studies the role of cyber threat intelligence in early detection of the threats.

scholarly journals Simulation of Workflow and Threat Characteristics for Cyber Security Incident Response Teams

2014 ◽  
Vol 58 (1) ◽  
pp. 427-431 ◽  
Author(s):  
Theodore Reed ◽  
Robert G. Abbott ◽  
Benjamin Anderson ◽  
Kevin Nauer ◽  
Chris Forsythe
Keyword(s):  
Cyber Security ◽  
Incident Response ◽  
Security Incident

scholarly journals Cyber Security Professionals’ Challenges: A Proposed Integrated Platform Solution

2021 ◽  
Vol 3 (2) ◽  
Author(s):  
Mohammed Daffalla Elradi ◽  
Khalid Abass Abdelmaged ◽  
Mutaz Osman Mohammad
Keyword(s):  
Cyber Security ◽  
Management Teams ◽  
Security Threats ◽  
Preliminary Design ◽  
Incident Response ◽  
Cyber Threats ◽  
The People ◽  
Integrated Platform ◽  
Efficiency And Effectiveness ◽  
Threat Management

As cyber threats and attacks are immensely increasing and broadly spreading catastrophically worldwide, cyber security professionals need to cope up with such a highly demanding environment. Security teams, such as Security operation Centre (SOC), Incident Response (IR) and Threat management teams are the people responsible for dealing with cyber security threats and attacks from detection to containment and preventing future incidents; which encompasses some significant challenges that might impose some limitations to the efficiency and effectiveness of activities cyber security professionals conduct, as these processes are time-consuming. In this paper we propose an integrated platform to help cyber security professionals to proactively manage cyber security threats and emerging incidents by providing an automated functionality that can optimize the workflow. The proposed security platform is supposed to diminish the average time taken by cyber security professionals to respond to cyber incidents with an average of 42%. This study can be used as a preliminary design for such an integrated platform.

scholarly journals Observing Cyber Security Incident Response: Qualitative Themes From Field Research

2019 ◽  
Vol 63 (1) ◽  
pp. 437-441 ◽  
Author(s):  
Megan Nyre-Yu ◽  
Robert S. Gutzwiller ◽  
Barrett S. Caldwell
Keyword(s):  
Computer Security ◽  
Cyber Security ◽  
Field Research ◽  
Future Research ◽  
Incident Response ◽  
Organization Learning ◽  
Security Incident ◽  
Technology Advancement ◽  
Contextual Understanding ◽  
Different Levels

Cyber security increasingly focuses on the challenges faced by network defenders. Cultural and security-driven sentiments about external observation, as well as publication concerns, limit the ability of researchers to understand the context surrounding incident response. Context awareness is crucial to inform design and engineering. Furthermore, these perspectives can be heavily influenced by the targeted sector or industry of the research. Together, a lack of broad contextual understanding may be biasing approaches to improving operations, and driving faulty assumptions in cyber teams. A qualitative field study was conducted in three computer security incident response teams (CSIRTs) and included perspectives of government, academia, and private sector teams. Themes emerged and provide insights across multiple aspects of incident response, including information sharing, organization, learning, and automation. The need to focus on vertical integration of issues at different levels of the incident response system is also discussed. Future research will build upon these results, using them to inform technology advancement in CSIR settings.

Sign in / Sign up

Export Citation Format

Share Document