Collaboration Engineering For Incident Response Planning: Process Development and Validation

Kamal, Mehruz; Davis, Alanah; Nabukenya, Josephine; Schoonover, Terrance; Pietron, Leah R.; Vreede, Gert Jan de

doi:10.1109/hicss.2007.128

Cited by 10 publications

(8 citation statements)

References 7 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to Swimlane, 80% to 90 %of all security operations of an incident response can be automated to some extent [117]. The collaborative incident response planning process design discussed in [45] helps practitioners to come up with the repeatable and executable planning process. Some vendors provided a platform that also automates the deployment of security functions through a network infrastructure [29].…”

Section: Orchestrate Security Activitiesmentioning

confidence: 99%

“…One of the major challenges in an organizational security is lack of a fully developed framework for conducting IRP [45], performing coordination and collaboration among incident response [61], seamless implementation and deployment of policies [17]. Some of the challenges mentioned in the reviewed papers include failure to provide clear definition of unwanted traffic and network behaviour [49], significant difficulties in providing clear guidelines to deal with new security mechanisms [31,68,73], failure in providing appropriate training for security management [77], lack of guidelines for conducting incident response planning [45] and severe challenges in enforcing and managing security policies. All these types of challenges result in security staff failing in taking a proactive decision against cybersecurity attacks.…”

Section: Lack Of Regulation and Policy Frameworkmentioning

confidence: 99%

See 1 more Smart Citation

A Multi-Vocal Review of Security Orchestration

2019

View full text Add to dashboard Cite

Organizations use diverse types of security solutions to prevent cyber-attacks. Multiple vendors provide security solutions developed using heterogeneous technologies and paradigms. Hence, it is a challenging rather impossible to easily make security solutions to work an integrated fashion. Security orchestration aims at smoothly integrating multivendor security tools that can effectively and efficiently interoperate to support security staff of a Security Operation Centre (SOC). Given the increasing role and importance of security orchestration, there has been an increasing amount of literature on different aspects of security orchestration solutions. However, there has been no effort to systematically review and analyze the reported solutions. We report a Multivocal Literature Review that has systematically selected and reviewed both academic and grey (blogs, web pages, white papers) literature on different aspects of security orchestration published from January 2007 until July 2017. The review has enabled us to provide a working definition of security orchestration and classify the main functionalities of security orchestration into three main areas -unification, orchestration, and automation. We have also identified the core components of a security orchestration platform and categorized the drivers of security orchestration based on technical and socio-technical aspects. We also provide a taxonomy of security orchestration based on the execution environment, automation strategy, deployment type, mode of task and resource type. This review has helped us to reveal several areas of further research and development in security orchestration. CCS ConceptsGeneral and reference → Survey and overviews; Security and privacy; Software engineering Additional Key Words and PhraseSecurity orchestration, security automation, multivocal literature review, intelligent security assistant.

show abstract

Section: Orchestrate Security Activitiesmentioning

confidence: 99%

Section: Lack Of Regulation and Policy Frameworkmentioning

confidence: 99%

A Multi-Vocal Review of Security Orchestration

2019

View full text Add to dashboard Cite

show abstract

“…Action research also enables testing artifacts by applying them in real-life settings [2], [15], [22]; hence the ColCuRP was tested in four HEIs environments. Action research has also been successfully used in other similar CE studies [1], [12], [16], [17].…”

Section: Research Approachmentioning

confidence: 99%

A Collaborative Curriculum Review: Applicability to Higher Education Institutions

Alunyu¹,

Bwire²,

Arinaitwe³

et al. 2018

Proceedings of the 51st Hawaii International Conference on System Sciences

Self Cite

View full text Add to dashboard Cite

show abstract

“…Secondly, action research allowed us to test the collaboration process by applying it in a real life setting. Moreover, it has been successfully used in other similar research studies [16,17,15].…”

Section: Research Approachmentioning

confidence: 99%

A Repeatable Collaboration Process for Exploring Business Process Improvement Alternatives

Amiyo

Nabukenya

Sol

2012

2012 45th Hawaii International Conference on System Sciences

Self Cite

View full text Add to dashboard Cite

The dynamic nature of organisations has increased demand for business process agility leading to the adoption of continuous Business Process Improvement (BPI). Success of BPI projects calls for continuous process analysis and exploration of several improvement alternatives. These activities are knowledge intensive requiring multi-disciplinary skills. Coupled with the cross-cutting nature of business processes attainment of one's business goal necessitates collaboration among stakeholders in many business process improvement efforts. However the existing tools provide limited to no support for this kind of collaboration, especially in the decision processes involved. In light of this, we designed a repeatable collaboration process (CP) for BPI alternative exploration. The CP consists of two modules aimed at the generation of BPI alternatives and the selection of a BPI alternative respectively. Evaluation results from testing sessions at two organisations show that the CP provides support for the BPI generation and selection process, and is useful for BPI alternative exploration.

show abstract

Collaboration Engineering For Incident Response Planning: Process Development and Validation

Abstract: Abstract

Cited by 10 publications

References 7 publications

A Multi-Vocal Review of Security Orchestration

A Multi-Vocal Review of Security Orchestration

A Collaborative Curriculum Review: Applicability to Higher Education Institutions

A Repeatable Collaboration Process for Exploring Business Process Improvement Alternatives

Contact Info

Product

Resources

About