Incident Management Capability Metrics Version 0.1

Dorofee, Audrey; Killcrece, Georgia; Ruefle, Robin; Zajicek, Mark T.

doi:10.21236/ada468688

Cited by 11 publications

(8 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is very little material on evaluating the performance of the incident management process itself (the exception being the work by Line et.al [14] and the Software Engineering Institute at Carnegie Mellon University [9]). We believe this paper will be a step towards filling this gap.…”

Section: Discussionmentioning

confidence: 99%

“…Incident management can be divided into five phases; plan and prepare, detection and reporting, assessment and decision, responses, and lessons learnt [7]. Standards and guidelines exist, which allows an organization to adopt a structured approach for incident management, for example NIST SP 800-61 [8], the Incident Management Capability Metrics of SEI [9], and ISO/IEC 27035 [7].…”

Section: Related Work On Incident Management and Metricsmentioning

confidence: 99%

See 1 more Smart Citation

Forewarned is Forearmed: Indicators for Evaluating Information Security Incident Management

Bernsmed

Tøndel

2013

2013 Seventh International Conference on IT Security Incident Management and IT Forensics

View full text Add to dashboard Cite

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Related Work On Incident Management and Metricsmentioning

confidence: 99%

Forewarned is Forearmed: Indicators for Evaluating Information Security Incident Management

Bernsmed

Tøndel

2013

2013 Seventh International Conference on IT Security Incident Management and IT Forensics

View full text Add to dashboard Cite

show abstract

“…With no agreed definition, many organizations adopt different views." NIST breaks incident response down into four broad phases: [102] classified incident management into five major steps: prepare, protect, detect, respond, and sustain. Incident response is not exclusive to administrative level.…”

Section: Figure 6 Nist Security Life Cyclementioning

confidence: 99%

Analytical Review of Cybersecurity for Embedded Systems

Aloseel

Shaw

et al. 2021

IEEE Access

View full text Add to dashboard Cite

To identify the key factors and create the landscape of cybersecurity for embedded systems (CSES), an analytical review of the existing research on CSES has been conducted. The common properties of embedded systems, such as mobility, small size, low cost, independence, and limited power consumption when compared to traditional computer systems, have caused many challenges in CSES. The conflict between cybersecurity requirements and the computing capabilities of embedded systems makes it critical to implement sophisticated security countermeasures against cyber-attacks in an embedded system with limited resources, without draining those resources. In this study, twelve factors influencing CSES have been identified: ( 1) the components; (2) the characteristics; (3) the implementation; (4) the technical domain; (5) the security requirements; (6) the security problems; (7) the connectivity protocols; (8) the attack surfaces; (9) the impact of the cyber-attacks; (10) the security challenges of the ESs; (11) the security solutions; and(12) the players (manufacturers, legislators, operators, and users). A Multiple Layers Feedback Framework of Embedded System Cybersecurity (MuLFESC) with nine layers of protection is proposed, with new metrics of risk assessment. This will enable cybersecurity practitioners to conduct an assessment of their systems with regard to twelve identified cybersecurity aspects. In MuLFESC, the feedback from the systemcomponents layer to the system-operations layer could help implement "Security by Design" in the design stage at the bottom layer. The study provides a clear landscape of CSES and, therefore, could help to find better comprehensive solutions for CSES.INDEX TERMS Characteristics of embedded system, countermeasures, embedded system, cybersecurity of embedded system, MuLFESC, risk assessment.

show abstract

“…As the differences of industries and development phases, there are no unified quantitative criteria or quantified indicator, not even to say corresponding modeling standard or measurement model. At present, only SEI (CMU Software Engineering Institute) assesses incident management capabilities from the following aspect: protection, detection, response and maintenance [ 6 ]. It describes the abovementioned capabilities of enterprises implementing IT service management in a qualitative manner, including the capability of risk assessment, virus protection, information security, network security monitoring, warning indicator, incident report, incident response, incident analysis, program management, network security protection, work staff and security protection system, etc.…”

Section: Introductionmentioning

confidence: 99%

“……,a6 } in a descending order as: D 3 > D 2 > D 1 > D 4 > D 6 > D 5 , thus the final model of first line resolution subprocess can be determined as: a 3 : f(y) = Z 1 x 2 + Z 2 x 8 + Z 3 x11 …”

mentioning

confidence: 99%

IT service incident management model decision based on ELECTRE III

Zhao

Yang

2013

2013 6th International Conference on Information Management, Innovation Management and Industrial Engineering

View full text Add to dashboard Cite

ISO/IEC 20000: 2011 and ITIL v3 provide reference process management strategy for IT service practice. However, because of the variety of IT services, process management is difficult to establish an accurate quantitative process model. Since the core of IT service quantitative management is managing processes quantitatively, it is necessary to establish a quantitative model for process management. However, excessive metrics in process model have increased the complexity and uncertainty of the model. In this paper, real data is measured and collected to establish measurement model set, and ELECTRE III method is used for model decision. Experiment shows that ELECTRE method can meet the decision needs of enterprises for multi-attribute objectives, and the model decision result has a fairly high goodness-of-fit score.

show abstract

Incident Management Capability Metrics Version 0.1

Cited by 11 publications

References 10 publications

Forewarned is Forearmed: Indicators for Evaluating Information Security Incident Management

Forewarned is Forearmed: Indicators for Evaluating Information Security Incident Management

Analytical Review of Cybersecurity for Embedded Systems

IT service incident management model decision based on ELECTRE III

Contact Info

Product

Resources

About