 A case analysis of information systems and security incident responsesAtif Ahmad, Sean B Maynard and Graeme Shanks International Journal of Information Management, 2015, vol. 35, issue 6, 717-723 Abstract: Our case analysis presents and identifies significant and systemic shortcomings of the incident response practices of an Australian financial organization. Organizational Incident Response Teams accumulate considerable experience in addressing information security failures and attacks. Their first-hand experiences provide organizations with a unique opportunity to draw security lessons and insights towards improving enterprise-wide security management processes. However, previous research shows a distinct lack of communication and collaboration between the functions of incident response and security management, suggesting organizations are not learning from their incident experiences. We subsequently propose a number of lessons learned and a novel security-learning model. Keywords: Information Security Management; Security learning; Incident Response Teams; Organizational learning (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:eee:ininma:v:35:y:2015:i:6:p:717-723 DOI: 10.1016/j.ijinfomgt.2015.08.001 Access Statistics for this article International Journal of Information Management is currently edited by Yogesh K. Dwivedi More articles in International Journal of Information Management from Elsevier |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.