با سلام خدمت کاربران در صورتی که با خطای سیستم پرداخت بانکی مواجه شدید از طریق کارت به کارت (6037997535328901 بانک ملی ناصر خنجری ) مقاله خود را دریافت کنید (تا مشکل رفع گردد).
دسته بندی:
امنیت - Security
سال انتشار:
2017
عنوان انگلیسی مقاله:
Challenges in IT security preparedness exercises: A case study
ترجمه فارسی عنوان مقاله:
چالش های تمرین آمادگی برای امنیت اطلاعات: یک مطالعه موردی
منبع:
Sciencedirect - Elsevier - Computers & Security, 67 (2017) 280-290. doi:10.1016/j.cose.2016.11.017
نویسنده:
Maria Bartnes a,b,*, Nils Brede Moe b
چکیده انگلیسی:
The electric power industry is currently implementing major technological changes in order
to achieve the goal of smart grids. However, these changes are expected to increase the sus
ceptibility of the industry to IT security incidents. IT security preparedness exercises are
not commonly performed in the electric power industry, even though this industry is con
sidered part of society’s critical infrastructure. Resolving an IT security incident requires
inter-departmental collaborations between various categories of personnel, and to success
fully achieve this, training is required. The process of preparing a response to incidents
enhances the nature of collaboration, coordination, and communication within an organi
zation. Our objective is to understand the challenges faced when performing IT security
preparedness exercises, as challenges experienced during these exercises affect the re
sponse process during a real incident. By improving the exercises, the response capabilities
would be strengthened accordingly. We have designed a multiple-case study with six teams
in three organizations. We collected data by performing semi-structured interviews, par
ticipant observations, and from process artifacts. We identified six main challenges involving
team composition and external expert involvement, goal definition, documentation, and time
management. In summary, there are many ways of conducting preparedness exercises.There
fore, organizations need to both optimize current exercise practices and experiment with
new ones in order to ensure continuous learning and improvement; hence, they can be ad
equately prepared to respond to IT security incidents.
Keywords: Information security | Incident management | Preparedness exercises | Self-managing teams | Training | Decision-making
قیمت: رایگان
توضیحات اضافی:
تعداد نظرات : 0