期刊
COMPUTERS & SECURITY
卷 45, 期 -, 页码 42-57出版社
ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2014.05.003
关键词
Information security; Incident management; Incident response; ISO/IEC 27035; Systematic review
资金
- Research Council of Norway [201557]
This paper reports results of a systematic literature review on current practice and experiences with incident management, covering a wide variety of organisations. Identified practices are summarised according to the incident management phases of ISO/IEC 27035. The study shows that current practice and experience seem to be in line with the standard. We identify some inspirational examples that will be useful for organisations looking to improve their practices, and highlight which recommended practices generally are challenging to follow. We provide suggestions for addressing the challenges, and present identified research needs within information security incident management. (C) 2014 Elsevier Ltd. All rights reserved.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据