A Repeatable Collaboration Process for Incident Response Planning

A Repeatable Collaboration Process for Incident Response Planning

Alanah Davis (University of Nebraska at Omaha, USA), Gert-Jan de Vreede (University of Nebraska at Omaha, USA) and Leah R. Pietron (University of Nebraska at Omaha, USA)
DOI: 10.4018/978-1-60566-326-5.ch012
OnDemand PDF Download:
$37.50

Abstract

This chapter presents a repeatable collaboration process as an approach for developing a comprehensive Incident Response Plan for an organization or team. Despite the process of incident response planning being an essential ingredient in security planning procedures in organizations, extensive literature reviews have not yielded any collaborative processes for such a crucial activity. As such, this chapter will discuss the background of incident response planning as well as Collaboration Engineering, which is an approach to design repeatable collaborative work practices. We then present a collaboration process for incident response planning that was designed using Collaboration Engineering principles, followed by a discussion of the application process in three cases. The presented process is applicable across organizations in various sectors and domains, and consist of codified “best facilitation practices” that can be easily transferred to and adopted by security managers. The chapter describes the process in detail and highlights research results obtained during initial applications of the process.
Chapter Preview
Top

Background

There is a significant amount of research in the area of IT contingency planning and, as a part of that, incident response planning. However, based on our research of existing literature we conclude that no collaborative process has been presented for security practitioners. The background in this chapter will first discuss relevant research related to incident response planning. Then we discuss the Collaboration Engineering approach that was used to design the repeatable incident response planning process.

Complete Chapter List

Search this Book:
Reset
Editorial Advisory Board
Table of Contents
Foreword
Merrill Warkentin
Preface
Kenneth J. Knapp
Acknowledgment
Kenneth J. Knapp
Chapter 1
Jaziar Radianti, Jose J. Gonzalez
This chapter discusses the possible growth of black markets (BMs) for software vulnerabilities and factors affecting their spread. It is difficult... Sample PDF
Dynamic Modeling of the Cyber Security Threat Problem: The Black Market for Vulnerabilities
$37.50
Chapter 2
Somak Bhattacharya, Samresh Malhotra, S. K. Ghosh
As networks continue to grow in size and complexity, automatic assessment of the security vulnerability becomes increasingly important. The typical... Sample PDF
An Attack Graph Based Approach for Threat Identification of an Enterprise Network
$37.50
Chapter 3
Robert F. Mills, Gilbert L. Peterson, Michael R. Grimaila
The purpose of this chapter is to introduce the insider threat and discuss methods for preventing, detecting, and responding to the threat. Trusted... Sample PDF
Insider Threat Prevention, Detection and Mitigation
$37.50
Chapter 4
Richard T. Gordon, Allison S. Gehrke
This chapter describes a methodology for assessing security infrastructure effectiveness utilizing formal mathematical models. The goal of this... Sample PDF
An Autocorrelation Methodology for the Assessment of Security Assurance
$37.50
Chapter 5
Ken Webb
This chapter results from a qualitative research study finding that a heightened risk for management has emerged from a new security environment... Sample PDF
Security Implications for Management from the Onset of Information Terrorism
$37.50
Chapter 6
Yves Barlette, Vladislav V. Fomin
This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A... Sample PDF
The Adoption of Information Security Management Standards: A Literature Review
$37.50
Chapter 7
Peter R. Marksteiner
Information overload is an increasingly familiar phenomenon, but evolving United States military doctrine provides a new analytical approach and a... Sample PDF
Data Smog, Techno Creep and the Hobbling of the Cognitive Dimension
$37.50
Chapter 8
John W. Bagby
The public expects that technologies used in electronic commerce and government will enhance security while preserving privacy. These expectations... Sample PDF
Balancing the Public Policy Drivers in the Tension between Privacy and Security
$37.50
Chapter 9
Indira R. Guzman, Kathryn Stam, Shaveta Hans, Carole Angolano
The goal of our study is to contribute to a better understanding of role conflict, skill expectations, and the value of information technology (IT)... Sample PDF
Human Factors in Security: The Role of Information Security Professionals within Organizations
$37.50
Chapter 10
Nikolaos Bekatoros HN, Jack L. Koons III, Mark E. Nissen
The US Government is moving apace to develop doctrines and capabilities that will allow the Department of Defense (DoD) to exploit Cyberspace for... Sample PDF
Diagnosing Misfits, Inducing Requirements, and Delineating Transformations within Computer Network Operations Organizations
$37.50
Chapter 11
Rodger Jamieson, Stephen Smith, Greg Stephens, Donald Winchester
This chapter outlines components of a strategy for government and a conceptual identity fraud enterprise management framework for organizations to... Sample PDF
An Approach to Managing Identity Fraud
$37.50
Chapter 12
Alanah Davis, Gert-Jan de Vreede, Leah R. Pietron
This chapter presents a repeatable collaboration process as an approach for developing a comprehensive Incident Response Plan for an organization or... Sample PDF
A Repeatable Collaboration Process for Incident Response Planning
$37.50
Chapter 13
Dean A. Jones, Linda K Nozick, Mark A. Turnquist, William J. Sawaya
A pandemic influenza outbreak could cause serious disruption to operations of several critical infrastructures as a result of worker absenteeism.... Sample PDF
Pandemic Influenza, Worker Absenteeism and Impacts on Critical Infrastructures: Freight Transportation as an Illustration
$37.50
Chapter 14
Preeti Singh, Pranav Singh, Insu Park, JinKyu Lee
We live in a digital era where the global community relies on Information Systems to conduct all kinds of operations, including averting or... Sample PDF
Information Sharing: A Study of Information Attributes and their Relative Significance During Catastrophic Events
$37.50
Chapter 15
Gregory B. White, Mark L. Huson
The protection of cyberspace is essential to ensure that the critical infrastructures a nation relies on are not corrupted or disrupted. Government... Sample PDF
An Overview of the Community Cyber Security Maturity Model
$37.50
Chapter 16
Doug White, Alan Rea
In this chapter the authors present essential server security components and develop a set of logical steps to build hardened servers. The authors... Sample PDF
Server Hardening Model Development: A Methodology-Based Approach to Increased System Security
$37.50
Chapter 17
Jeff Teo
Computer attacks of all sorts are commonplace in today’s interconnected, globalized society. A computer worm, written and released in one part of... Sample PDF
Trusted Computing: Evolution and Direction
$37.50
Chapter 18
Miguel Jose Hernandez y Lopez, Carlos Francisco Lerma Resendez
This chapter discusses the basic aspects of Honeypots, how they are implemented in modern computer networks, as well as their practical uses and... Sample PDF
Introduction, Classification and Implementation of Honeypots
$37.50
About the Contributors