4.5 Article

Information security incident management: Current practice as reported in the literature

COMPUTERS & SECURITY (2014)

Get Full Text
Add to Collection

Journal

COMPUTERS & SECURITY
Volume 45, Issue -, Pages 42-57

Publisher

ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2014.05.003

Keywords

Information security; Incident management; Incident response; ISO/IEC 27035; Systematic review

Categories

Computer Science, Information Systems

Funding

  1. Research Council of Norway [201557]

Ask authors/readers for more resources

Protocol

Community support

Reagent

Community support

This paper reports results of a systematic literature review on current practice and experiences with incident management, covering a wide variety of organisations. Identified practices are summarised according to the incident management phases of ISO/IEC 27035. The study shows that current practice and experience seem to be in line with the standard. We identify some inspirational examples that will be useful for organisations looking to improve their practices, and highlight which recommended practices generally are challenging to follow. We provide suggestions for addressing the challenges, and present identified research needs within information security incident management. (C) 2014 Elsevier Ltd. All rights reserved.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.5
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available
Webinars Posters Questions Hubs Funding Journals Papers Connect Collections Reviewers About Us FAQs Mobile App Privacy Policy Terms of Use
© Peeref 2019-2024. All rights reserved.