Reference Hub

This research has been cited in:

Conference
Intrusion Detection & Incident Response for Information Security: Technologies and Challenges2022 2nd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE)10.1109/ICACITE53722.2022.9823454
Article
Empirical Study on the Influence of Security Control Management and Social Factors in Deterring Information Security MisbehaviourJournal of Physics: Conference Series10.1088/1742-6596/1551/1/012010
Conference
Model-Based Incident Response PlaybooksProceedings of the 17th International Conference on Availability, Reliability and Security10.1145/3538969.3538976

Socio-Technical SIEM (ST-SIEM): Towards Bridging the Gap in Security Incident Response

Bilal AlSabbagh, Stewart Kowalski

Source Title: International Journal of Systems and Society (IJSS)4(2)

ISSN: 2327-3984|EISSN: 2327-3992|EISBN13: 9781522515760|DOI: 10.4018/IJSS.2017070102

Cite Article Cite Article

MLA

AlSabbagh, Bilal, and Stewart Kowalski. "Socio-Technical SIEM (ST-SIEM): Towards Bridging the Gap in Security Incident Response." IJSS vol.4, no.2 2017: pp.8-21. http://doi.org/10.4018/IJSS.2017070102

APA

AlSabbagh, B. & Kowalski, S. (2017). Socio-Technical SIEM (ST-SIEM): Towards Bridging the Gap in Security Incident Response. International Journal of Systems and Society (IJSS), 4(2), 8-21. http://doi.org/10.4018/IJSS.2017070102

Chicago

AlSabbagh, Bilal, and Stewart Kowalski. "Socio-Technical SIEM (ST-SIEM): Towards Bridging the Gap in Security Incident Response," International Journal of Systems and Society (IJSS) 4, no.2: 8-21. http://doi.org/10.4018/IJSS.2017070102

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

This article discusses the design and specifications of a Socio-Technical Security Information and Event Management System (ST-SIEM). This newly-developed artifact addresses an important limitation identified in today incident response practice—the lack of sufficient context in actionable security information disseminated to constituent organizations. ST-SIEM tackles this limitation by considering the socio-technical aspect of information systems security. This concept is achieved by correlating the technical metrics of security warnings (which are generic in nature, and the sources of which are sometimes unknown) with predefined social security metrics (used for modeling the security culture of constituent organizations). ST-SIEM, accordingly, adapts the risk factor of the triggered security warning based on each constituent organization security culture. Moreover, the artifact features several socio-technical taxonomies with an impact factor to support organizations in classifying, reporting, and escalating actionable security information. The overall project uses design science research as a framework to develop the artifact.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Socio-Technical SIEM (ST-SIEM): Towards Bridging the Gap in Security Incident Response

MLA

APA

Chicago

Export Reference

Abstract

Request Access