Cyber crisis management: a decision-support framework for disclosing security incident information

Olga Kulikova, Ronald Heil, Jan van den Berg, Wolter Pieters

Research output: Chapter in Book/Report/Conference proceeding (Conference contribution)

  • 1 Citations

Abstract

The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced. Together, they create a set of challenges for a company when deciding to whom, when, what, and how to share cyber security incident information. We further propose a decision-support framework that provides step-by-step guidance for organizations to address these challenges, and develop an appropriate incident disclosure strategy.
Language: Undefined
Title of host publication: International Conference on Cyber Security, CyberSecurity 2012
Place of Publication: USA
Publisher: IEEE Computer Society
Pages: 103-112
Number of pages: 10
ISBN (Print): 978-1-4799-0219-4
DOI: 10.1109/CyberSecurity.2012.20
State: Published - 16 Dec 2012

Publication series

Name: Cyber Security (CyberSecurity), 2012 International Conference
Publisher: IEEE Computer Society

Keywords

  • EWI-23955
  • SCS-Cybersecurity
  • incident information
  • IR-87807
  • Cyber Crisis Management: decision-support
  • Framework
  • METIS-300150
  • disclosing security

Cite this

Kulikova, O., Heil, R., van den Berg, J., & Pieters, W. (2012). Cyber crisis management: a decision-support framework for disclosing security incident information. In International Conference on Cyber Security, CyberSecurity 2012 (pp. 103-112). (Cyber Security (CyberSecurity), 2012 International Conference). USA: IEEE Computer Society. DOI: 10.1109/CyberSecurity.2012.20
