Abstract

Despite substantial cybersecurity investments, cyber-attacks continue to escalate, making effective incident response critical for organizational resilience and long-term viability. This study addresses a key gap in incident response research by examining how organizational information security paradigms fundamentally shape response practices during cyber incidents. This research investigates why organizations respond as they do and how their underlying security beliefs influence critical decision-making under pressure. Using secondary data relating to a global financial organization's SOC, the research analyses stakeholder behaviours across incident response phases using the NIST SP 800-61 framework as an analytical lens. The findings reveal how embedded security paradigms create tensions between formal protocols and organizational realities, uncovering critical socio-technical dynamics, decision-making challenges, and executive involvement gaps that existing frameworks fail to address. This study bridges organizational behaviour theory with cybersecurity practice, offering actionable insights for aligning security paradigms with response capabilities to enhance organizational resilience and viability against evolving cyber-threats.
