In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » International Conference on Human Aspects of Information Security & Assurance (HAISA 2007)
International Conference on Human Aspects of Information Security & Assurance (HAISA 2007) |
Title: Toward Viable Information Security Reporting Systems
Author(s): Finn Olav Sveen, Jose Sarriegi, Eliot Rich, Jose Gonzalez
Reference: pp114-127
Keywords: Information Security, Reporting Systems, Security Management, Human Factors, Incidents
Abstract: Reporting and resolution of information security incidents is the basis for continuous improvement of security through learning. Incidents have varying degrees of impact, financial risk and learning opportunity for the organization. This variability naturally leads to classification of information security incidents into low and high priority for review and action. However, this classification carries with it some insidious aspects. First, high priority incidents are more costly to mitigate and as a consequence also more “uncomfortable” to report. Reporters may face reprimands, ridicule, extra workload and various other recriminations. This favors reporting of low priority incident at the expense of important high priority incidents. Incentives tied to reporting, a common policy used to stimulate reporting, may reinforce the problem. In essence, reporters face incentives and disincentives based on effects on throughput but have limited knowledge of what is important or not to the organization’s security. Second, if a highly successful incident reporting policy is developed, the organization may become victim of its own success, as a growing volume of reports put increasingly higher pressure on incident handling resources. Continuously hiring more personnel is unsustainable in the long run. Developing and continuously improving automated tools for incident response promises more leverage.
Download count: 1002
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.