Anthology

Information Technology Consulting Firms’ Readiness for Managing Information Security Incidents

Authors/Editors

Information saknas



Research Areas

Information saknas


Publication Details

Författarlista: Große, Christine

Författare: Springer Publishing Company

Publikationsår: 2020

Boktitel (om del i bok): Information Systems Security and Privacy

Startsida: 48

End page: 73

Antal sidor: 26

ISBN: 978-3-030-49442-1;978-3-030-49443-8

DOI: http://dx.doi.org/10.1007/978-3-030-49443-8_3

URL: https://www.springerprofessional.de/en/information-technology-consulting-firms-readiness-for-managing-i/18125308


Sammanfattning

Because of the increase in the number and scope of information security incidents, proper management has recently gained importance for public and private organizations. Further challenges in this area have resulted from new regulations, such as the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS), as well as a tendency to outsource vital services to subcontractors. This study addresses the lack of empirical studies in the field and focuses on information security incident management at information technology (IT) consulting firms.Specifically, it examines challenges due to their exposed position and newregulations. The contribution of the paper is twofold. First, it provides valuable insight into the experiences and challenges of Swedish IT consulting firms.Second, it proposes criteria for classifying an information security incident that can equip decision-makers with a solid and assessable basis for incident management. The results emphasize further improvements in employee awareness, incident classification, and systemic governance, thereby integrating corporate policy making, information security incident management, and information system leadership.


Projects

Information saknas


Keywords

Information saknas


Documents

Information saknas


Senast uppdaterat 2020-20-08 vid 06:36