Description
Our understanding of the defense mechanisms against cyber-attacks is, to a great extent, based on preparation and deterrence. There is limited understanding, and in particular, limited evidence on how cyber security responders act to contain and recover from a cyber-attack. The actions of responders, including IT experts, corporate communications staff, and selected managers are critical. To address this gap, this research proposes applying the concept of sense-making, which has been extensively used to analyze human crisis behaviours. In this emerging research, we conduct an investigation into a cyber-attack case to shed light on the contextual and collective activities taken by responders in coping with cyber-attack response. We expect the results to validate or challenge theorizations of cyber security training and competencies from the communication and collaboration perspective. In a practical sense, our research can stimulate organizations to reflect on their own cyber security preparedness from the human perspective.
Recommended Citation
Tapanainen, Tommi, "Sense-making in Cyber Security – Examining Responder Behaviors in Cyber-Attacks" (2017). AMCIS 2017 Proceedings. 29.
https://aisel.aisnet.org/amcis2017/InformationSystems/Presentations/29
Sense-making in Cyber Security – Examining Responder Behaviors in Cyber-Attacks
Our understanding of the defense mechanisms against cyber-attacks is, to a great extent, based on preparation and deterrence. There is limited understanding, and in particular, limited evidence on how cyber security responders act to contain and recover from a cyber-attack. The actions of responders, including IT experts, corporate communications staff, and selected managers are critical. To address this gap, this research proposes applying the concept of sense-making, which has been extensively used to analyze human crisis behaviours. In this emerging research, we conduct an investigation into a cyber-attack case to shed light on the contextual and collective activities taken by responders in coping with cyber-attack response. We expect the results to validate or challenge theorizations of cyber security training and competencies from the communication and collaboration perspective. In a practical sense, our research can stimulate organizations to reflect on their own cyber security preparedness from the human perspective.