2017
DOI: 10.1016/j.diin.2017.07.006
|View full text |Cite
|
Sign up to set email alerts
|

Enhancing security incident response follow-up efforts with lightweight agile retrospectives

Abstract: Security incidents detected by organizations are escalating in both scale and complexity. As a result, security incident response has become a critical mechanism for organizations in an effort to minimize the damage from security incidents. The final phase within many security incident response approaches is the feedback/follow-up phase. It is within this phase that an organization is expected to use information collected during an investigation in order to learn from an incident, improve its security incident… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
39
0

Year Published

2019
2019
2023
2023

Publication Types

Select...
3
3
2
1

Relationship

1
8

Authors

Journals

citations
Cited by 22 publications
(39 citation statements)
references
References 17 publications
(48 reference statements)
0
39
0
Order By: Relevance
“…Healthcare Incident Learning Incident learning happens in the "follow-up" phase of the incident response process [21]. This information should feed relevant knowledge and changes into the security management process to inform the creation of further reference material on how to respond to similar incidents [21,36,37]. In particular, such activities feed information back to the "preparedness" phase to determine if additional tools, increased security budgets, improved training programs and alterations to the incident response procedures are required.…”
Section: Discussionmentioning
confidence: 99%
“…Healthcare Incident Learning Incident learning happens in the "follow-up" phase of the incident response process [21]. This information should feed relevant knowledge and changes into the security management process to inform the creation of further reference material on how to respond to similar incidents [21,36,37]. In particular, such activities feed information back to the "preparedness" phase to determine if additional tools, increased security budgets, improved training programs and alterations to the incident response procedures are required.…”
Section: Discussionmentioning
confidence: 99%
“…The rise in internet users appears to correlate with an escalation in cyber-crimes, which creates a risk for the organization's information security [2]. Detecting and responding to security incidents interest both industry and academicians [3][4][5][6]. According to a report by Forrester's, government, retail, and technology industries constituted 95% of the breached records in 2016, which included personal identifying information [7].…”
Section: Introductionmentioning
confidence: 99%
“…The evolving atmosphere in cloud computing encourages organizations to consider cloud environments from a security perspective along with ways to improve incident response situations [24][25][26][27]. Trends in adoption of containers and increasing security prompts the hypothesis that introspection tools can be used as a data collection tool for an early warning system, as well as a forensic analysis tool, within a containerized system.…”
Section: Introductionmentioning
confidence: 99%