Business impact visualization for information security and compliance events

Tannian, Mark

doi:10.31274/etd-180810-3475

Cited by 2 publications

(1 citation statement)

References 59 publications

(62 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A key problem for organizations is the increasing severity and scale of threats that take place. The constitution of a threat event, for instance a hostile cyber-attack, could be so elaborate that it would require connecting hundreds or thousands of data points in a multi-layered organization-wide incident handling effort [3,[11][12][13][14]. Such scrutiny requires conscious care behavior, in which employees deliberate the outcomes of their actions towards their organization's security posture [15,16].…”

Section: Introductionmentioning

confidence: 99%

Organizational Data Breach: Building Conscious Care Behavior in Incident Response

Teoh¹,

Ghani²,

Ahmad³

et al. 2022

Computer Systems Science and Engineering

View full text Add to dashboard Cite

Organizational and end user data breaches are highly implicated by the role of information security conscious care behavior in respective incident responses. This research study draws upon the literature in the areas of information security, incident response, theory of planned behaviour, and protection motivation theory to expand and empirically validate a modified framework of information security conscious care behaviour formation. The applicability of the theoretical framework is shown through a case study labelled as a cyber-attack of unprecedented scale and sophistication in Singapore's history to-date, the 2018 SingHealth data breach. The single in-depth case study observed information security awareness, policy, experience, attitude, subjective norms, perceived behavioral control, threat appraisal and self-efficacy as emerging prominently in the framework's applicability in incident handling. The data analysis did not support threat severity relationship with conscious care behaviour. The findings from the above-mentioned observations are presented as possible key drivers in the shaping information security conscious care behaviour in real-world cyber incident management.

show abstract