Organisational Learning and Incident Response: Promoting Effective Learning Through the Incident Response Process

Effective response to information security incidents is a critical function of modern organisations. However, recent studies have indicated that organisations have adopted a narrow and technical view of Incident Response (IR), focusing on the immediate concern of detection and subsequent corrective actions. Although some reflection on the IR process may be involved, it is typically limited to technical issues and does not leverage opportunities to learn about the organisational security threat environment and to adapt incident response capabilities. Given the science of incident response is rooted in practice, it is not surprising that the same criticisms can be applied to much of IR literature.

Provided by: University of Melbourne Topic: Security Date Added: Dec 2010 Format: PDF

Find By Topic