SOTER: a playbook for cyber security incident management

Onwubiko, Cyril and Ouazzane, Karim (2022) SOTER: a playbook for cyber security incident management. IEEE Transactions on Engineering Management, 69 (6). pp. 3771-3791. ISSN 0018-9391

TEM paper on SOTER_Camera_Ready Version_1.5_Nov2019.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives 4.0.

Download (1MB) | Preview
Official URL:

Abstract / Description

SOTER, a cyber security incident management playbook, is developed to provide a comprehensive model to manage cyber security incidents, particularly for the cyber security operations centre. The proposed playbook is adaptive, cross-sectorial, and process driven. Each key components of the incident management playbook are outlined and discussed. Further, a lexicon based on equivalence mapping is developed and used to map existing cyber security incident vocabulary and taxonomy into a common and consistent lexicon to aid understanding among incident management stakeholder communities – national, government and private sectors. A versatile workbook model has been explored which proves to be adaptable to serve a wide range of cases for successfully managing government and private sector security operations centre. Cyber security incident sharing partnership, formalism for metric and measurements of cyber security incident parameters, and cyber security incident classification and prioritisation schemes are presented, and finally, cyber security incident ‘plays’ and playbook templates are discussed.

Item Type: Article
Additional Information: © 20XX IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Uncontrolled Keywords: SOTER; cyber incident management playbook; cybersecurity incident response; Cybersecurity Operations Center (CSOC); cybersecurity; incident response management
Subjects: 000 Computer science, information & general works
Department: School of Computing and Digital Media
Depositing User: Bal Virdee
Date Deposited: 03 Dec 2019 09:16
Last Modified: 07 Nov 2022 15:44


Downloads per month over past year

Downloads each year

Actions (login required)

View Item View Item