Description

Our understanding of the defense mechanisms against cyber-attacks is, to a great extent, based on preparation and deterrence. There is limited understanding, and in particular, limited evidence on how cyber security responders act to contain and recover from a cyber-attack. The actions of responders, including IT experts, corporate communications staff, and selected managers are critical. To address this gap, this research proposes applying the concept of sense-making, which has been extensively used to analyze human crisis behaviours. In this emerging research, we conduct an investigation into a cyber-attack case to shed light on the contextual and collective activities taken by responders in coping with cyber-attack response. We expect the results to validate or challenge theorizations of cyber security training and competencies from the communication and collaboration perspective. In a practical sense, our research can stimulate organizations to reflect on their own cyber security preparedness from the human perspective.

Share

COinS
 
Aug 10th, 12:00 AM

Sense-making in Cyber Security – Examining Responder Behaviors in Cyber-Attacks

Our understanding of the defense mechanisms against cyber-attacks is, to a great extent, based on preparation and deterrence. There is limited understanding, and in particular, limited evidence on how cyber security responders act to contain and recover from a cyber-attack. The actions of responders, including IT experts, corporate communications staff, and selected managers are critical. To address this gap, this research proposes applying the concept of sense-making, which has been extensively used to analyze human crisis behaviours. In this emerging research, we conduct an investigation into a cyber-attack case to shed light on the contextual and collective activities taken by responders in coping with cyber-attack response. We expect the results to validate or challenge theorizations of cyber security training and competencies from the communication and collaboration perspective. In a practical sense, our research can stimulate organizations to reflect on their own cyber security preparedness from the human perspective.