A case study of a municipality phishing attack measures - towards a socio-technical incident management framework

Abstract

During the Corona-crisis, the number of data breaches and hacking increased rapidly. For some organizations it was difficult to handle both the Corona-crises and such attacks. A decision made to prevent this overload of crisis, happened in Gjøvik municipality, where they closed their email-system and shut down macros in their applications to prevent an overload situation. In this work-in-progress paper, we have analyzed their decision in a combined socio-technical and crisis management context and suggest such framework to do analysis and make right decisions to prevent data breaches and other organizational cyber-crimes from succeeding, but also to prevent an overload of crisis situations at the same time.