EEMCS

Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Search
 Organisation

EEMCS EPrints Service


23955 Cyber crisis management: a decision-support framework for disclosing security incident information
Home Policy Brochure Browse Search User Area Contact Help

Kulikova, O. and Heil, R. and van den Berg, Jan and Pieters, W. (2012) Cyber crisis management: a decision-support framework for disclosing security incident information. In: International Conference on Cyber Security, CyberSecurity 2012, 14-16 Dec 2012, Washington, USA. pp. 103-112. Cyber Security (CyberSecurity), 2012 International Conference . IEEE Computer Society. ISBN 978-1-4799-0219-4

Full text available as:

PDF

376 Kb
Open Access



Official URL: http://dx.doi.org/10.1109/CyberSecurity.2012.20

Exported to Metis

Abstract

The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced. Together, they create a set of challenges for a company when deciding to whom, when, what, and how to share cyber security incident information. We further propose a decision-support framework that provides step-by-step guidance for organizations to address these challenges, and develop an appropriate incident disclosure strategy.

Item Type:Conference or Workshop Paper (Full Paper, Talk)
Research Group:EWI-DIES: Distributed and Embedded Security
Uncontrolled Keywords:Cyber Crisis Management: decision-support, framework, disclosing security,
incident information
ID Code:23955
Status:Published
Deposited On:20 November 2013
Refereed:Yes
International:Yes
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item