miun.sePublikasjoner
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Are You Ready When It Counts?: IT Consulting Firm’s Information Security Incident Management
Mittuniversitetet, Fakulteten för naturvetenskap, teknik och medier, Institutionen för informationssystem och –teknologi.
Mittuniversitetet, Fakulteten för naturvetenskap, teknik och medier, Institutionen för informationssystem och –teknologi.ORCID-id: 0000-0003-4869-5094
2019 (engelsk)Inngår i: Proceedings of the 5th International Conference on Information Systems Security and Privacy (ICISSP), SciTePress, 2019, Vol. 1, s. 26-37Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Information security incidents are increasing both in number and in scope. In consequence, the General Data Protection Regulation and the Directive on security of network and information systems force organisations to report such incidents to a supervision authority. Due to the growing of both the importance of managing incidents and the tendency to outsourcing, this study focuses on IT-consulting firms and highlights their vulnerable position as subcontractors. This study thereby addresses the lack of empirical research on incident management and contributes valuable insights in IT-consulting firms’ experiences with information security incident management. Evidence from interviews and a survey with experts at IT-consulting firms focuses on challenges in managing information security incidents. The analyses identify and clarify both new and known challenges, such as how the recent regulations affect the role of an IT-consulting firm and how the absence of major incidents influences stakeholder awareness. Improvements of IT-consulting firm’s incident management process need to address internal and external communication, the information security awareness of employees and customers and the adequacy of the cost focus.

sted, utgiver, år, opplag, sider
SciTePress, 2019. Vol. 1, s. 26-37
Emneord [en]
Security Awareness, Information Security Incident Management, IT Consulting, GDPR, NIS Directive
HSV kategori
Identifikatorer
URN: urn:nbn:se:miun:diva-35902DOI: 10.5220/0007247500260037Scopus ID: 2-s2.0-85064667686ISBN: 978-989-758-359-9 (tryckt)OAI: oai:DiVA.org:miun-35902DiVA, id: diva2:1300690
Konferanse
5th International Conference on Information Systems Security and Privacy (ICISSP), Prague, Czech Republic, 23-25 February, 2019
Tilgjengelig fra: 2019-03-29 Laget: 2019-03-29 Sist oppdatert: 2019-07-08bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fulltekstScopus

Personposter BETA

Große, Christine

Søk i DiVA

Av forfatter/redaktør
Große, Christine
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric

doi
isbn
urn-nbn
Totalt: 258 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf