Organizational Security Learning from Incident Response
The security-related experiences of Incident Response Teams provide Enterprise Information Security Management with a unique opportunity to draw lessons and insights. However, research has shown that there is often inadequate information-sharing between the security and response functions of organiz...
| Main Authors: | , , , , |
|---|---|
| Format: | Conference Paper |
| Published: |
2018
|
| Online Access: | http://hdl.handle.net/20.500.11937/66469 |
| _version_ | 1848761329162125312 |
|---|---|
| author | Ahmad, A. Baskerville, Richard Webb, J. Maynard, S. Shanks, G. |
| author_facet | Ahmad, A. Baskerville, Richard Webb, J. Maynard, S. Shanks, G. |
| author_sort | Ahmad, A. |
| building | Curtin Institutional Repository |
| collection | Online Access |
| description | The security-related experiences of Incident Response Teams provide Enterprise Information Security Management with a unique opportunity to draw lessons and insights. However, research has shown that there is often inadequate information-sharing between the security and response functions of organizations. In this paper we apply a general theory of organizational learning to interpret findings from a case study of IR practices at a major Australian financial institution, and then propose a learning process model that can be used to bridge IR and ISM functions in organizations. Findings from focus group research carried out for preliminary evaluation of the model are presented, followed by a discussion of the project’s next steps. |
| first_indexed | 2025-11-14T10:29:56Z |
| format | Conference Paper |
| id | curtin-20.500.11937-66469 |
| institution | Curtin University Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-14T10:29:56Z |
| publishDate | 2018 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | curtin-20.500.11937-664692018-04-30T02:40:51Z Organizational Security Learning from Incident Response Ahmad, A. Baskerville, Richard Webb, J. Maynard, S. Shanks, G. The security-related experiences of Incident Response Teams provide Enterprise Information Security Management with a unique opportunity to draw lessons and insights. However, research has shown that there is often inadequate information-sharing between the security and response functions of organizations. In this paper we apply a general theory of organizational learning to interpret findings from a case study of IR practices at a major Australian financial institution, and then propose a learning process model that can be used to bridge IR and ISM functions in organizations. Findings from focus group research carried out for preliminary evaluation of the model are presented, followed by a discussion of the project’s next steps. 2018 Conference Paper http://hdl.handle.net/20.500.11937/66469 restricted |
| spellingShingle | Ahmad, A. Baskerville, Richard Webb, J. Maynard, S. Shanks, G. Organizational Security Learning from Incident Response |
| title | Organizational Security Learning from Incident Response |
| title_full | Organizational Security Learning from Incident Response |
| title_fullStr | Organizational Security Learning from Incident Response |
| title_full_unstemmed | Organizational Security Learning from Incident Response |
| title_short | Organizational Security Learning from Incident Response |
| title_sort | organizational security learning from incident response |
| url | http://hdl.handle.net/20.500.11937/66469 |