The structure of IT standardization

Oksala, S. P.; Rutkowski, Anthony M.; Spring, Michael B.; O'Donnell, Jon

doi:10.1145/230871.230873

Cited by 14 publications

(2 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The history of standards as its own industry is complex in its own right [166]. The Internet and IT standards are formed by heterogeneous processes involving a wide variety of actors [135]. Security-relevant standards are beginning to be seen as having their own unique requirements, distinct from IT standards generally [106].…”

Section: Scope-publication Venuesmentioning

confidence: 99%

Review of Human Decision-making during Computer Security Incident Analysis

Spring

Illari

2021

Digital Threats

View full text Add to dashboard Cite

We review practical advice on decision-making during computer security incident response. Scope includes standards from the IETF, ISO, FIRST, and the US intelligence community. To focus on human decision-making, the scope is the evidence collection, analysis, and reporting phases of response, which includes human decision-making within and connecting these phases. The results indicate both strengths and gaps. A strength is available advice on how to accomplish many specific tasks. However, there is little guidance on how to prioritize tasks in limited time or how to interpret, generalize, and convincingly report results. Future work should focus on these gaps in explication and specification of decision-making during incident analysis.

show abstract

Section: Scope-publication Venuesmentioning

confidence: 99%

Review of Human Decision-making during Computer Security Incident Analysis

Spring

Illari

2021

Digital Threats

View full text Add to dashboard Cite

show abstract

“…The history of standards as its own industry is complex in its own right (Spring, 2011). The Internet and IT standards are formed by heterogeneous processes by a wide variety of actors (Oksala et al, 1996). Security-relevant standards are beginning to be seen as having their own unique requirements, distinct from IT standards generally (Kuhlmann et al, 2016).…”

Section: Scope-publication Venuesmentioning

confidence: 99%

Review of human decision-making during computer security incident analysis

Spring¹,

Illari²

2019

Preprint

View full text Add to dashboard Cite

We review practical advice on decision-making during computer security incident response. Scope includes standards from the IETF, ISO, FIRST, and the US intelligence community. To focus on human decisionmaking, the scope is the evidence collection, analysis, and reporting phases of response. The results indicate both strengths and gaps. A strength is available advice on how to accomplish many specific tasks. However, there is little guidance on how to prioritize tasks in limited time or how to interpret, generalize, and convincingly report results. Future work should focus on these gaps in explication and specification of decision-making during incident analysis.2 See also:"The question you must accept is not whether security incidents will occur, but rather how quickly they can be identified and resolved." https://www.gartner.com/smarterwithgartner/prepare-for-the-inevitable-security-incident/

show abstract

Conclusion

Russell¹

2014

Open Standards and the Digital Age

View full text Add to dashboard Cite

The structure of IT standardization

Cited by 14 publications

References 11 publications

Review of Human Decision-making during Computer Security Incident Analysis

Review of Human Decision-making during Computer Security Incident Analysis

Review of human decision-making during computer security incident analysis

Conclusion

Contact Info

Product

Resources

About