SOTER: a playbook for cyber security incident management
SOTER, a cyber security incident management playbook, is developed to provide a comprehensive model to manage cyber security incidents, particularly for the cyber security operations centre. The proposed playbook is adaptive, cross-sectorial, and process driven. Each key components of the incident m...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Institute of Electrical and Electronics Engineers
2022
|
| Subjects: | |
| Online Access: | https://repository.londonmet.ac.uk/5358/1/TEM%20paper%20on%20SOTER_Camera_Ready%20Version_1.5_Nov2019.pdf |
| _version_ | 1804072454314786816 |
|---|---|
| author | Onwubiko, Cyril Ouazzane, Karim |
| author_facet | Onwubiko, Cyril Ouazzane, Karim |
| author_sort | Onwubiko, Cyril |
| collection | LMU |
| description | SOTER, a cyber security incident management playbook, is developed to provide a comprehensive model to manage cyber security incidents, particularly for the cyber security operations centre. The proposed playbook is adaptive, cross-sectorial, and process driven. Each key components of the incident management playbook are outlined and discussed. Further, a lexicon based on equivalence mapping is developed and used to map existing cyber security incident vocabulary and taxonomy into a common and consistent lexicon to aid understanding among incident management stakeholder communities – national, government and private sectors. A versatile workbook model has been explored which proves to be adaptable to serve a wide range of cases for successfully managing government and private sector security operations centre. Cyber security incident sharing partnership, formalism for metric and measurements of cyber security incident parameters, and cyber security incident classification and prioritisation schemes are presented, and finally, cyber security incident ‘plays’ and playbook templates are discussed. |
| first_indexed | 2024-07-09T03:59:24Z |
| format | Article |
| id | oai:repository.londonmet.ac.uk:5358 |
| institution | London Metropolitan University |
| language | English |
| last_indexed | 2024-07-09T03:59:24Z |
| publishDate | 2022 |
| publisher | Institute of Electrical and Electronics Engineers |
| record_format | eprints |
| spelling | oai:repository.londonmet.ac.uk:53582022-11-07T15:44:30Z http://repository.londonmet.ac.uk/5358/ SOTER: a playbook for cyber security incident management Onwubiko, Cyril Ouazzane, Karim 000 Computer science, information & general works SOTER, a cyber security incident management playbook, is developed to provide a comprehensive model to manage cyber security incidents, particularly for the cyber security operations centre. The proposed playbook is adaptive, cross-sectorial, and process driven. Each key components of the incident management playbook are outlined and discussed. Further, a lexicon based on equivalence mapping is developed and used to map existing cyber security incident vocabulary and taxonomy into a common and consistent lexicon to aid understanding among incident management stakeholder communities – national, government and private sectors. A versatile workbook model has been explored which proves to be adaptable to serve a wide range of cases for successfully managing government and private sector security operations centre. Cyber security incident sharing partnership, formalism for metric and measurements of cyber security incident parameters, and cyber security incident classification and prioritisation schemes are presented, and finally, cyber security incident ‘plays’ and playbook templates are discussed. Institute of Electrical and Electronics Engineers 2022-12 Article PeerReviewed text en cc_by_nc_nd_4 https://repository.londonmet.ac.uk/5358/1/TEM%20paper%20on%20SOTER_Camera_Ready%20Version_1.5_Nov2019.pdf Onwubiko, Cyril and Ouazzane, Karim (2022) SOTER: a playbook for cyber security incident management. IEEE Transactions on Engineering Management, 69 (6). pp. 3771-3791. ISSN 0018-9391 https://doi.org/10.1109/TEM.2020.2979832 10.1109/TEM.2020.2979832 |
| spellingShingle | 000 Computer science, information & general works Onwubiko, Cyril Ouazzane, Karim SOTER: a playbook for cyber security incident management |
| title | SOTER: a playbook for cyber security incident management |
| title_full | SOTER: a playbook for cyber security incident management |
| title_fullStr | SOTER: a playbook for cyber security incident management |
| title_full_unstemmed | SOTER: a playbook for cyber security incident management |
| title_short | SOTER: a playbook for cyber security incident management |
| title_sort | soter a playbook for cyber security incident management |
| topic | 000 Computer science, information & general works |
| url | https://repository.londonmet.ac.uk/5358/1/TEM%20paper%20on%20SOTER_Camera_Ready%20Version_1.5_Nov2019.pdf |
| work_keys_str_mv | AT onwubikocyril soteraplaybookforcybersecurityincidentmanagement AT ouazzanekarim soteraplaybookforcybersecurityincidentmanagement |