The Effect of Big Data Analytics in Enhancing Agility in Cybersecurity Incident Response

Abstract

The ongoing automation of business operations is putting enterprises at risk of cyber attacks more than ever before. Incident response teams are employed by the enterprises for the identification, management, and elimination of cybersecurity attacks along with for the recovery of business operations timely and effectively. In this paper, we argue that to effectively react to the cybersecurity attacks enterprises should build agility in their incident response method and big data analytics performs an effective role in developing agility in incident response. Grounded on twenty-one in depth expert interviews, we develop a framework that explains the salient features and effect of big data analytics in the incident response method at three stages, i.e., manual analysis, basic analysis, and advanced analysis. The agile properties of flexibility, innovation and swiftness are instilled in the incident response method by practicing big data analytics at higher stages of analysis. The results informed that the key features of big data analytics can be firstly utilize to estimate the existing analytical capability and secondly as an assisting tool to enhance incident response method capability.