Cyber crisis management: a decision-support framework for disclosing security incident information

Olga Kulikova; Ronald Heil; Jan van den Berg; Wolter Pieters

doi:10.1109/CyberSecurity.2012.20

Cyber crisis management: a decision-support framework for disclosing security incident information

Olga Kulikova
, Ronald Heil
, Jan van den Berg
, Wolter Pieters

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

16 Citations (Scopus)

2930 Downloads (Pure)

Abstract

The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced. Together, they create a set of challenges for a company when deciding to whom, when, what, and how to share cyber security incident information. We further propose a decision-support framework that provides step-by-step guidance for organizations to address these challenges, and develop an appropriate incident disclosure strategy.

Original language	Undefined
Title of host publication	International Conference on Cyber Security, CyberSecurity 2012
Place of Publication	USA
Publisher	IEEE
Pages	103-112
Number of pages	10
ISBN (Print)	978-1-4799-0219-4
DOIs	https://doi.org/10.1109/CyberSecurity.2012.20
Publication status	Published - 16 Dec 2012
Event	International Conference on Cyber Security, CyberSecurity 2012, Washington, USA: International Conference on Cyber Security, CyberSecurity 2012 - USA Duration: 16 Dec 2012 → …

Publication series

Name	Cyber Security (CyberSecurity), 2012 International Conference
Publisher	IEEE Computer Society

Conference

Conference	International Conference on Cyber Security, CyberSecurity 2012, Washington, USA
City	USA
Period	16/12/12 → …

Keywords

EWI-23955
SCS-Cybersecurity
incident information
IR-87807
Cyber Crisis Management: decision-support
Framework
METIS-300150
disclosing security

Access to Document

10.1109/CyberSecurity.2012.20

Wolter_Pieters

Cite this

@inproceedings{519b66b235ec481ea9b14058e29af148,

title = "Cyber crisis management: a decision-support framework for disclosing security incident information",

abstract = "The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced. Together, they create a set of challenges for a company when deciding to whom, when, what, and how to share cyber security incident information. We further propose a decision-support framework that provides step-by-step guidance for organizations to address these challenges, and develop an appropriate incident disclosure strategy.",

keywords = "EWI-23955, SCS-Cybersecurity, incident information, IR-87807, Cyber Crisis Management: decision-support, Framework, METIS-300150, disclosing security",

author = "Olga Kulikova and Ronald Heil and \{van den Berg\}, Jan and Wolter Pieters",

note = "10.1109/CyberSecurity.2012.20 ; International Conference on Cyber Security, CyberSecurity 2012, Washington, USA ; Conference date: 16-12-2012",

year = "2012",

month = dec,

day = "16",

doi = "10.1109/CyberSecurity.2012.20",

language = "Undefined",

isbn = "978-1-4799-0219-4",

series = "Cyber Security (CyberSecurity), 2012 International Conference",

publisher = "IEEE",

pages = "103--112",

booktitle = "International Conference on Cyber Security, CyberSecurity 2012",

address = "United States",

}

Kulikova, O, Heil, R, van den Berg, J & Pieters, W 2012, Cyber crisis management: a decision-support framework for disclosing security incident information. in International Conference on Cyber Security, CyberSecurity 2012. Cyber Security (CyberSecurity), 2012 International Conference, IEEE, USA, pp. 103-112, International Conference on Cyber Security, CyberSecurity 2012, Washington, USA, USA, 16/12/12. https://doi.org/10.1109/CyberSecurity.2012.20

Cyber crisis management: a decision-support framework for disclosing security incident information. / Kulikova, Olga; Heil, Ronald; van den Berg, Jan et al.
International Conference on Cyber Security, CyberSecurity 2012. USA: IEEE, 2012. p. 103-112 (Cyber Security (CyberSecurity), 2012 International Conference).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Cyber crisis management: a decision-support framework for disclosing security incident information

AU - Kulikova, Olga

AU - Heil, Ronald

AU - van den Berg, Jan

AU - Pieters, Wolter

N1 - 10.1109/CyberSecurity.2012.20

PY - 2012/12/16

Y1 - 2012/12/16

N2 - The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced. Together, they create a set of challenges for a company when deciding to whom, when, what, and how to share cyber security incident information. We further propose a decision-support framework that provides step-by-step guidance for organizations to address these challenges, and develop an appropriate incident disclosure strategy.

AB - The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced. Together, they create a set of challenges for a company when deciding to whom, when, what, and how to share cyber security incident information. We further propose a decision-support framework that provides step-by-step guidance for organizations to address these challenges, and develop an appropriate incident disclosure strategy.

KW - EWI-23955

KW - SCS-Cybersecurity

KW - incident information

KW - IR-87807

KW - Cyber Crisis Management: decision-support

KW - Framework

KW - METIS-300150

KW - disclosing security

U2 - 10.1109/CyberSecurity.2012.20

DO - 10.1109/CyberSecurity.2012.20

M3 - Conference contribution

SN - 978-1-4799-0219-4

T3 - Cyber Security (CyberSecurity), 2012 International Conference

SP - 103

EP - 112

BT - International Conference on Cyber Security, CyberSecurity 2012

PB - IEEE

CY - USA

T2 - International Conference on Cyber Security, CyberSecurity 2012, Washington, USA

Y2 - 16 December 2012

ER -