Anthology
Information Technology Consulting Firms’ Readiness for Managing Information Security Incidents
Information saknas
Research Areas
Information saknas
Publication Details
Författarlista: Große, Christine
Författare: Springer Publishing Company
Publikationsår: 2020
Boktitel (om del i bok): Information Systems Security and Privacy
Startsida: 48
End page: 73
Antal sidor: 26
ISBN: 978-3-030-49442-1;978-3-030-49443-8
Sammanfattning
Because of the increase in the number and scope of information security incidents, proper management has recently gained importance for public and private organizations. Further challenges in this area have resulted from new regulations, such as the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS), as well as a tendency to outsource vital services to subcontractors. This study addresses the lack of empirical studies in the field and focuses on information security incident management at information technology (IT) consulting firms.Specifically, it examines challenges due to their exposed position and newregulations. The contribution of the paper is twofold. First, it provides valuable insight into the experiences and challenges of Swedish IT consulting firms.Second, it proposes criteria for classifying an information security incident that can equip decision-makers with a solid and assessable basis for incident management. The results emphasize further improvements in employee awareness, incident classification, and systemic governance, thereby integrating corporate policy making, information security incident management, and information system leadership.
Projects
Information saknas
Keywords
Information saknas
Documents
Information saknas