How Good is Your Data? Investigating the Quality of Data Generated During Security Incident Response Investigations

Files

0712.pdf (412.11 KB)

Date

2019-01-08

Authors

Contributor

Advisor

Department

Instructor

Depositor

Speaker

Researcher

Consultant

Interviewer

Narrator

Transcriber

Annotator

Journal Title

Journal ISSN

Volume Title

Publisher

Volume

Number/Issue

Starting Page

Ending Page

Alternative Title

Abstract

An increasing number of cybersecurity incidents prompts organizations to explore alternative security solutions, such as threat intelligence programs. For such programs to succeed, data needs to be collected, validated, and recorded in relevant datastores. One potential source supplying these datastores is an organization’s security incident response team. However, researchers have argued that these teams focus more on eradication and recovery and less on providing feedback to enhance organizational security. This prompts the idea that data collected during security incident investigations may be of insufficient quality for threat intelligence analysis. While previous discussions focus on data quality issues from threat intelligence sharing perspectives, minimal research examines the data generated during incident response investigations. This paper presents the results of a case study identifying data quality challenges in a Fortune 500 organization’s incident response team. Furthermore, the paper provides the foundation for future research regarding data quality concerns in security incident response.

Description

Keywords

Cyber Threat Intelligence and Analytics, Software Technology, Case Study, Data Quality, Incident Learning, Security Incident Response, Threat Intelligence

Citation

URI

http://hdl.handle.net/10125/60152

Extent

10 pages

Format

Geographic Location

Time Period

Related To

Proceedings of the 52nd Hawaii International Conference on System Sciences

Related To (URI)

Table of Contents

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International

Rights Holder

Local Contexts

Collections

Cyber Threat Intelligence and Analytics
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.