Start Date

10-12-2017 12:00 AM

Description

The security-related experiences of Incident Response Teams provide Enterprise Information Security Management with a unique opportunity to draw lessons and insights. However, research has shown that there is often inadequate information-sharing between the security and response functions of organizations. In this paper we apply a general theory of organizational learning to interpret findings from a case study of IR practices at a major Australian financial institution, and then propose a learning process model that can be used to bridge IR and ISM functions in organizations. Findings from focus group research carried out for preliminary evaluation of the model are presented, followed by a discussion of the project’s next steps.


Organizational Security Learning from Incident Response
