Abstract
Security incident management is of increasing importance given the growth in cybersecurity threats and regulatory attention. We provide what is, to the best of our knowledge, the first large-scale study of security incident management, consisting of a survey with more than 500 security incident management practitioners grounded by interviews with practitioners in 10 organizations, including companies and educational institutions. We find that some aspects of incident management workftows are consistent across organizations and incident management teams (e.g., collaboration and prioritization), but that the complexity of incident management generally grows with organization size, in that practitioners encounter a wider variety and volume of incidents, collaboration partners and tools. These variations suggest several ways in which tools can better support efficient incident management.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
