loading
Papers

Research.Publish.Connect.

Paper

Authors: Maja Nyman and Christine Große

Affiliation: Department of Information Systems and Technology, Mid Sweden University, Holmgatan 10, Sundsvall, Sweden

ISBN: 978-989-758-359-9

Keyword(s): Security Awareness, Information Security Incident Management, IT Consulting, GDPR, NIS Directive.

Abstract: Information security incidents are increasing both in number and in scope. In consequence, the General Data Protection Regulation and the Directive on security of network and information systems force organisations to report such incidents to a supervision authority. Due to the growing of both the importance of managing incidents and the tendency to outsourcing, this study focuses on IT-consulting firms and highlights their vulnerable position as subcontractors. This study thereby addresses the lack of empirical research on incident management and contributes valuable insights in IT-consulting firms’ experiences with information security incident management. Evidence from interviews and a survey with experts at IT-consulting firms focuses on challenges in managing information security incidents. The analyses identify and clarify both new and known challenges, such as how the recent regulations affect the role of an IT-consulting firm and how the absence of major incidents influences s takeholder awareness. Improvements of IT-consulting firm’s incident management process need to address internal and external communication, the information security awareness of employees and customers and the adequacy of the cost focus. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.85.245.126

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Nyman, M. and Große, C. (2019). Are You Ready When It Counts? IT Consulting Firm’s Information Security Incident Management.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 26-37. DOI: 10.5220/0007247500260037

@conference{icissp19,
author={Maja Nyman. and Christine Große.},
title={Are You Ready When It Counts? IT Consulting Firm’s Information Security Incident Management},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={26-37},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007247500260037},
isbn={978-989-758-359-9},
}

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Are You Ready When It Counts? IT Consulting Firm’s Information Security Incident Management
SN - 978-989-758-359-9
AU - Nyman, M.
AU - Große, C.
PY - 2019
SP - 26
EP - 37
DO - 10.5220/0007247500260037

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.