Loading…
A case analysis of information systems and security incident responses
Our case analysis presents and identifies significant and systemic shortcomings of the incident response practices of an Australian financial organization. Organizational Incident Response Teams accumulate considerable experience in addressing information security failures and attacks. Their first-h...
Saved in:
| Published in: | International journal of information management 2015-12, Vol.35 (6), p.717-723 |
|---|---|
| Main Authors: | , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c376t-44af4806b98ad7245a23168cec430e0e9301c113fd3afa362da6d5d4eee645cf3 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c376t-44af4806b98ad7245a23168cec430e0e9301c113fd3afa362da6d5d4eee645cf3 |
| container_end_page | 723 |
| container_issue | 6 |
| container_start_page | 717 |
| container_title | International journal of information management |
| container_volume | 35 |
| creator | Ahmad, Atif Maynard, Sean B Shanks, Graeme |
| description | Our case analysis presents and identifies significant and systemic shortcomings of the incident response practices of an Australian financial organization. Organizational Incident Response Teams accumulate considerable experience in addressing information security failures and attacks. Their first-hand experiences provide organizations with a unique opportunity to draw security lessons and insights towards improving enterprise-wide security management processes. However, previous research shows a distinct lack of communication and collaboration between the functions of incident response and security management, suggesting organizations are not learning from their incident experiences. We subsequently propose a number of lessons learned and a novel security-learning model. |
| doi_str_mv | 10.1016/j.ijinfomgt.2015.08.001 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_1778020438</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S026840121500078X</els_id><sourcerecordid>1778020438</sourcerecordid><originalsourceid>FETCH-LOGICAL-c376t-44af4806b98ad7245a23168cec430e0e9301c113fd3afa362da6d5d4eee645cf3</originalsourceid><addsrcrecordid>eNqFkE1r4zAURUXpQNPO_IYauunG7tOHLWUZQtMZCHTTroVGei4ysZXqOYX8-yqkdDGbWb3FO_fCPYzdcmg48O5haOIQpz6Nb3MjgLcNmAaAX7AFN1rWSoO-ZAsQnakVcHHFromGAmhoxYJtVpV3hJWb3O5IkarUV6e2PLo5pqmiI804UvmHitAfcpyPBfAx4DRXGWmfJkL6yX70bkf46-vesNfN48v6d719fvqzXm1rL3U310q5Xhno_i6NC1qo1gnJO-PRKwkIuJTAPeeyD9L1TnYiuC60QSFip1rfyxt2f-7d5_R-QJrtGMnjbucmTAeyXGsDApQ0Bb37Bx3SIZeZJ4rzdqm1gELpM-VzIsrY232Oo8tHy8Ge_NrBfvu1J78WjC36SnJ1TmLZ-xExW_IRJ48hZvSzDSn-t-MT9ZSISw</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1711597720</pqid></control><display><type>article</type><title>A case analysis of information systems and security incident responses</title><source>Library & Information Science Abstracts (LISA)</source><source>Elsevier</source><creator>Ahmad, Atif ; Maynard, Sean B ; Shanks, Graeme</creator><creatorcontrib>Ahmad, Atif ; Maynard, Sean B ; Shanks, Graeme</creatorcontrib><description>Our case analysis presents and identifies significant and systemic shortcomings of the incident response practices of an Australian financial organization. Organizational Incident Response Teams accumulate considerable experience in addressing information security failures and attacks. Their first-hand experiences provide organizations with a unique opportunity to draw security lessons and insights towards improving enterprise-wide security management processes. However, previous research shows a distinct lack of communication and collaboration between the functions of incident response and security management, suggesting organizations are not learning from their incident experiences. We subsequently propose a number of lessons learned and a novel security-learning model.</description><identifier>ISSN: 0268-4012</identifier><identifier>EISSN: 1873-4707</identifier><identifier>DOI: 10.1016/j.ijinfomgt.2015.08.001</identifier><language>eng</language><publisher>Kidlington: Elsevier Ltd</publisher><subject>Australia ; Computer information security ; Cooperation ; Data integrity ; Incident Response Teams ; Information management ; Information Security Management ; Information systems ; Learning ; Management ; Mathematical models ; Organizational learning ; Organizations ; Security learning ; Security management ; Studies</subject><ispartof>International journal of information management, 2015-12, Vol.35 (6), p.717-723</ispartof><rights>2015</rights><rights>Copyright Elsevier Science Ltd. Dec 2015</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c376t-44af4806b98ad7245a23168cec430e0e9301c113fd3afa362da6d5d4eee645cf3</citedby><cites>FETCH-LOGICAL-c376t-44af4806b98ad7245a23168cec430e0e9301c113fd3afa362da6d5d4eee645cf3</cites><orcidid>0000-0003-2044-8163</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27922,27923,34133</link.rule.ids></links><search><creatorcontrib>Ahmad, Atif</creatorcontrib><creatorcontrib>Maynard, Sean B</creatorcontrib><creatorcontrib>Shanks, Graeme</creatorcontrib><title>A case analysis of information systems and security incident responses</title><title>International journal of information management</title><description>Our case analysis presents and identifies significant and systemic shortcomings of the incident response practices of an Australian financial organization. Organizational Incident Response Teams accumulate considerable experience in addressing information security failures and attacks. Their first-hand experiences provide organizations with a unique opportunity to draw security lessons and insights towards improving enterprise-wide security management processes. However, previous research shows a distinct lack of communication and collaboration between the functions of incident response and security management, suggesting organizations are not learning from their incident experiences. We subsequently propose a number of lessons learned and a novel security-learning model.</description><subject>Australia</subject><subject>Computer information security</subject><subject>Cooperation</subject><subject>Data integrity</subject><subject>Incident Response Teams</subject><subject>Information management</subject><subject>Information Security Management</subject><subject>Information systems</subject><subject>Learning</subject><subject>Management</subject><subject>Mathematical models</subject><subject>Organizational learning</subject><subject>Organizations</subject><subject>Security learning</subject><subject>Security management</subject><subject>Studies</subject><issn>0268-4012</issn><issn>1873-4707</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2015</creationdate><recordtype>article</recordtype><sourceid>F2A</sourceid><recordid>eNqFkE1r4zAURUXpQNPO_IYauunG7tOHLWUZQtMZCHTTroVGei4ysZXqOYX8-yqkdDGbWb3FO_fCPYzdcmg48O5haOIQpz6Nb3MjgLcNmAaAX7AFN1rWSoO-ZAsQnakVcHHFromGAmhoxYJtVpV3hJWb3O5IkarUV6e2PLo5pqmiI804UvmHitAfcpyPBfAx4DRXGWmfJkL6yX70bkf46-vesNfN48v6d719fvqzXm1rL3U310q5Xhno_i6NC1qo1gnJO-PRKwkIuJTAPeeyD9L1TnYiuC60QSFip1rfyxt2f-7d5_R-QJrtGMnjbucmTAeyXGsDApQ0Bb37Bx3SIZeZJ4rzdqm1gELpM-VzIsrY232Oo8tHy8Ge_NrBfvu1J78WjC36SnJ1TmLZ-xExW_IRJ48hZvSzDSn-t-MT9ZSISw</recordid><startdate>20151201</startdate><enddate>20151201</enddate><creator>Ahmad, Atif</creator><creator>Maynard, Sean B</creator><creator>Shanks, Graeme</creator><general>Elsevier Ltd</general><general>Elsevier Science Ltd</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>E3H</scope><scope>F2A</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-2044-8163</orcidid></search><sort><creationdate>20151201</creationdate><title>A case analysis of information systems and security incident responses</title><author>Ahmad, Atif ; Maynard, Sean B ; Shanks, Graeme</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c376t-44af4806b98ad7245a23168cec430e0e9301c113fd3afa362da6d5d4eee645cf3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2015</creationdate><topic>Australia</topic><topic>Computer information security</topic><topic>Cooperation</topic><topic>Data integrity</topic><topic>Incident Response Teams</topic><topic>Information management</topic><topic>Information Security Management</topic><topic>Information systems</topic><topic>Learning</topic><topic>Management</topic><topic>Mathematical models</topic><topic>Organizational learning</topic><topic>Organizations</topic><topic>Security learning</topic><topic>Security management</topic><topic>Studies</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Ahmad, Atif</creatorcontrib><creatorcontrib>Maynard, Sean B</creatorcontrib><creatorcontrib>Shanks, Graeme</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>Library & Information Sciences Abstracts (LISA)</collection><collection>Library & Information Science Abstracts (LISA)</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>International journal of information management</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Ahmad, Atif</au><au>Maynard, Sean B</au><au>Shanks, Graeme</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A case analysis of information systems and security incident responses</atitle><jtitle>International journal of information management</jtitle><date>2015-12-01</date><risdate>2015</risdate><volume>35</volume><issue>6</issue><spage>717</spage><epage>723</epage><pages>717-723</pages><issn>0268-4012</issn><eissn>1873-4707</eissn><abstract>Our case analysis presents and identifies significant and systemic shortcomings of the incident response practices of an Australian financial organization. Organizational Incident Response Teams accumulate considerable experience in addressing information security failures and attacks. Their first-hand experiences provide organizations with a unique opportunity to draw security lessons and insights towards improving enterprise-wide security management processes. However, previous research shows a distinct lack of communication and collaboration between the functions of incident response and security management, suggesting organizations are not learning from their incident experiences. We subsequently propose a number of lessons learned and a novel security-learning model.</abstract><cop>Kidlington</cop><pub>Elsevier Ltd</pub><doi>10.1016/j.ijinfomgt.2015.08.001</doi><tpages>7</tpages><orcidid>https://orcid.org/0000-0003-2044-8163</orcidid></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0268-4012 |
| ispartof | International journal of information management, 2015-12, Vol.35 (6), p.717-723 |
| issn | 0268-4012 1873-4707 |
| language | eng |
| recordid | cdi_proquest_miscellaneous_1778020438 |
| source | Library & Information Science Abstracts (LISA); Elsevier |
| subjects | Australia Computer information security Cooperation Data integrity Incident Response Teams Information management Information Security Management Information systems Learning Management Mathematical models Organizational learning Organizations Security learning Security management Studies |
| title | A case analysis of information systems and security incident responses |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-14T03%3A58%3A15IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20case%20analysis%20of%20information%20systems%20and%20security%20incident%20responses&rft.jtitle=International%20journal%20of%20information%20management&rft.au=Ahmad,%20Atif&rft.date=2015-12-01&rft.volume=35&rft.issue=6&rft.spage=717&rft.epage=723&rft.pages=717-723&rft.issn=0268-4012&rft.eissn=1873-4707&rft_id=info:doi/10.1016/j.ijinfomgt.2015.08.001&rft_dat=%3Cproquest_cross%3E1778020438%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c376t-44af4806b98ad7245a23168cec430e0e9301c113fd3afa362da6d5d4eee645cf3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=1711597720&rft_id=info:pmid/&rfr_iscdi=true |