Cyber crisis management: a decision-support framework for disclosing security incident information

Olga Kulikova, Ronald Heil, Jan van den Berg, Wolter Pieters

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    9 Citations (Scopus)
    1860 Downloads (Pure)


    The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced. Together, they create a set of challenges for a company when deciding to whom, when, what, and how to share cyber security incident information. We further propose a decision-support framework that provides step-by-step guidance for organizations to address these challenges, and develop an appropriate incident disclosure strategy.
    Original languageUndefined
    Title of host publicationInternational Conference on Cyber Security, CyberSecurity 2012
    Place of PublicationUSA
    PublisherIEEE Computer Society
    Number of pages10
    ISBN (Print)978-1-4799-0219-4
    Publication statusPublished - 16 Dec 2012
    EventInternational Conference on Cyber Security, CyberSecurity 2012, Washington, USA: International Conference on Cyber Security, CyberSecurity 2012 - USA
    Duration: 16 Dec 2012 → …

    Publication series

    NameCyber Security (CyberSecurity), 2012 International Conference
    PublisherIEEE Computer Society


    ConferenceInternational Conference on Cyber Security, CyberSecurity 2012, Washington, USA
    Period16/12/12 → …


    • EWI-23955
    • SCS-Cybersecurity
    • incident information
    • IR-87807
    • Cyber Crisis Management: decision-support
    • Framework
    • METIS-300150
    • disclosing security

    Cite this