miun.sePublikationer
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Are You Ready When It Counts?: IT Consulting Firm’s Information Security Incident Management
Mittuniversitetet, Fakulteten för naturvetenskap, teknik och medier, Institutionen för informationssystem och –teknologi.
Mittuniversitetet, Fakulteten för naturvetenskap, teknik och medier, Institutionen för informationssystem och –teknologi.ORCID-id: 0000-0003-4869-5094
2019 (Engelska)Ingår i: Proceedings of the 5th International Conference on Information Systems Security and Privacy (ICISSP), SciTePress, 2019, Vol. 1, s. 26-37Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Information security incidents are increasing both in number and in scope. In consequence, the General Data Protection Regulation and the Directive on security of network and information systems force organisations to report such incidents to a supervision authority. Due to the growing of both the importance of managing incidents and the tendency to outsourcing, this study focuses on IT-consulting firms and highlights their vulnerable position as subcontractors. This study thereby addresses the lack of empirical research on incident management and contributes valuable insights in IT-consulting firms’ experiences with information security incident management. Evidence from interviews and a survey with experts at IT-consulting firms focuses on challenges in managing information security incidents. The analyses identify and clarify both new and known challenges, such as how the recent regulations affect the role of an IT-consulting firm and how the absence of major incidents influences stakeholder awareness. Improvements of IT-consulting firm’s incident management process need to address internal and external communication, the information security awareness of employees and customers and the adequacy of the cost focus.

Ort, förlag, år, upplaga, sidor
SciTePress, 2019. Vol. 1, s. 26-37
Nyckelord [en]
Security Awareness, Information Security Incident Management, IT Consulting, GDPR, NIS Directive
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik
Identifikatorer
URN: urn:nbn:se:miun:diva-35902DOI: 10.5220/0007247500260037Scopus ID: 2-s2.0-85064667686ISBN: 978-989-758-359-9 (tryckt)OAI: oai:DiVA.org:miun-35902DiVA, id: diva2:1300690
Konferens
5th International Conference on Information Systems Security and Privacy (ICISSP), Prague, Czech Republic, 23-25 February, 2019
Tillgänglig från: 2019-03-29 Skapad: 2019-03-29 Senast uppdaterad: 2019-07-08Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltextScopus

Personposter BETA

Große, Christine

Sök vidare i DiVA

Av författaren/redaktören
Große, Christine
Av organisationen
Institutionen för informationssystem och –teknologi
Systemvetenskap, informationssystem och informatik

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetricpoäng

doi
isbn
urn-nbn
Totalt: 238 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf