Environmental Factors that Hinder an Organization’s Ability to Learn from Cyber Incidents: A Case Study on SolarWinds
Files
Date
2024-01-03
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Narrator
Transcriber
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
7397
Ending Page
Alternative Title
Abstract
This research focuses on identifying the environmental factors that impact an organization's ability, or lack thereof, to learn from cyber incidents: an organized and structural approach to address cybersecurity breaches with the aim of mitigating harm by minimizing the associated costs and the time required for recovery. The results of our research, based on an in-depth analysis of the data collected from interviews with 12 cybersecurity professionals on how their organization handled the massive SolarWinds attack, show that the practice of incident response often involves short-term and tactical steps as opposed to strategic initiatives, such as reframing of cyber policies, risk assessment processes, and proactive investment, which are more long-term in nature. We present the challenges that inhibit organizations’ capacity to strategically learn from cyber incidents related to internal environment, as well as micro- and macro-environment and provide a discussion on how organizations could overcome these challenges.
Description
Keywords
Cyber Operations, Defense, and Forensics, case study., cyber attack, cybersecurity, incident response, solarwinds
Citation
Extent
10 pages
Format
Geographic Location
Time Period
Related To
Proceedings of the 57th Hawaii International Conference on System Sciences
Related To (URI)
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Local Contexts
Collections
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.