Abstract
Cyber security increasingly focuses on the challenges faced by network defenders. Cultural and securitydriven sentiments about external observation, as well as publication concerns, limit the ability of researchers to understand the context surrounding incident response. Context awareness is crucial to inform design and engineering. Furthermore, these perspectives can be heavily influenced by the targeted sector or industry of the research. Together, a lack of broad contextual understanding may be biasing approaches to improving operations, and driving faulty assumptions in cyber teams. A qualitative field study was conducted in three computer security incident response teams (CSIRTs) and included perspectives of government, academia, and private sector teams. Themes emerged and provide insights across multiple aspects of incident response, including information sharing, organization, learning, and automation. The need to focus on vertical integration of issues at different levels of the incident response system is also discussed. Future research will build upon these results, using them to inform technology advancement in CSIR settings.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 437-431 |
| Number of pages | 7 |
| Journal | Proceedings of the Human Factors and Ergonomics Society |
| Volume | 63 |
| Issue number | 1 |
| DOIs | |
| State | Published - 2019 |
| Externally published | Yes |
| Event | 63rd International Annual Meeting of the Human Factors and Ergonomics Society, HFES 2019 - Seattle, United States Duration: Oct 28 2019 → Nov 1 2019 |
ASJC Scopus subject areas
- Human Factors and Ergonomics