Indicators for ICT security incident management

Pandey, Bimal Raj

dc.contributor.advisor	Knapskog, Svein Johan	nb_NO
dc.contributor.advisor	Line, Maria B.	nb_NO
dc.contributor.author	Pandey, Bimal Raj	nb_NO
dc.date.accessioned	2014-12-19T14:15:17Z
dc.date.available	2014-12-19T14:15:17Z
dc.date.created	2013-04-15	nb_NO
dc.date.issued	2013	nb_NO
dc.identifier	616125	nb_NO
dc.identifier	ntnudaim:7495	nb_NO
dc.identifier.uri	http://hdl.handle.net/11250/262759
dc.description.abstract	Managing the different types and the nature of information security incidents has become a challenging task. However, the use of security incident indicators can improve the capabilities of the incident management process. Indicators are not only needed to assess and monitor the quality of incident management capabilities by quantifying overall processes, but also to provide an early warning and notification of incident occurrences. Though some research work has been initiated for development of measurements and indicators in information security incident management, use of those have been relatively sparse. Also, varied profiles of organizations, changing nature of threats and frequent update and advancement in technology have made it difficult to establish a set of common measurements and indicators. However, there exists significant amount of research, development and implementation of indicators in the safety field. It would be of significant interest to investigate whether safety performance indicators could be adapted to the field of security incident management. In this thesis, a literature study has been performed in the field of safety performance indicators. This study provided us with some results, indicating that effective safety performance indicators could be adapted to the security incident management field. Effective indicators have been adapted to different phases of security incident management through a defined methodology. Those indicators are analysed in detail with their usage, scope, pros and cons in different phases of the incident management process. This thesis also includes a scenario describing the use and implementation of such indicators. It was found that safety indicators could be adapted to the plan, prepare and protect phase, the respond phase and the review phase of an incident management process, and they have been effective to measure the efficiency as well as the capabilities of corresponding phases. For the detection phase, however, it was found that the safety indicators could only be adapted with great difficulties.	nb_NO
dc.language	eng	nb_NO
dc.publisher	Institutt for telematikk	nb_NO
dc.title	Indicators for ICT security incident management	nb_NO
dc.type	Master thesis	nb_NO
dc.source.pagenumber	114	nb_NO
dc.contributor.department	Norges teknisk-naturvitenskapelige universitet, Fakultet for informasjonsteknologi, matematikk og elektroteknikk, Institutt for telematikk	nb_NO

Tilhørende fil(er)

Filnavn:: 616125_FULLTEXT01.pdf
Størrelse:: 1.388Mb
Format:: PDF

Åpne

Filnavn:: 616125_COVER01.pdf
Størrelse:: 184.0Kb
Format:: PDF

Åpne

Denne innførselen finnes i følgende samling(er)

Institutt for informasjonssikkerhet og kommunikasjonsteknologi [2522]

Vis enkel innførsel