Onwubiko, Cyril and Ouazzane, Karim (2022) SOTER: a playbook for cyber security incident management. IEEE Transactions on Engineering Management, 69 (6). pp. 3771-3791. ISSN 0018-9391
Text: TEM paper on SOTER_Camera_Ready Version_1.5_Nov2019.pdf - Accepted Version. Available under License Creative Commons Attribution Non-commercial No Derivatives 4.0.
Abstract / Description
SOTER, a cyber security incident management playbook, is developed to provide a comprehensive model to manage cyber security incidents, particularly for the cyber security operations centre. The proposed playbook is adaptive, cross-sectorial, and process driven. Each key component of the incident management playbook is outlined and discussed. Further, a lexicon based on equivalence mapping is developed and used to map existing cyber security incident vocabulary and taxonomy into a common and consistent lexicon to aid understanding among incident management stakeholder communities – national, government and private sectors. A versatile workbook model has been explored which proves to be adaptable to serve a wide range of cases for successfully managing government and private sector security operations centres. Cyber security incident sharing partnership, formalism for metrics and measurements of cyber security incident parameters, and cyber security incident classification and prioritisation schemes are presented, and finally, cyber security incident ‘plays’ and playbook templates are discussed.
Item Type: | Article |
---|---|
Additional Information: | © 20XX IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
Uncontrolled Keywords: | SOTER; cyber incident management playbook; cybersecurity incident response; Cybersecurity Operations Center (CSOC); cybersecurity; incident response management |
Subjects: | 000 Computer science, information & general works |
Department: | School of Computing and Digital Media |
Depositing User: | Bal Virdee |
Date Deposited: | 03 Dec 2019 09:16 |
Last Modified: | 07 Nov 2022 15:44 |
URI: | https://repository.londonmet.ac.uk/id/eprint/5358 |