Show simple item record

dc.contributor.authorNaseer, Humza
dc.date.accessioned2019-03-08T00:58:15Z
dc.date.available2019-03-08T00:58:15Z
dc.date.issued2018en_US
dc.identifier.urihttp://hdl.handle.net/11343/221356
dc.description© 2018 Dr. Humza Naseer
dc.description.abstractThe modern enterprise uses risk-driven and control-centered security management systems to protect information resources and sustain competitive advantage. Such systems have proven to be quite effective in the prevention of threats such as those exploiting common vulnerabilities. However, they are not very well suited to response against threats that are unpredictable, complex and evolving such as Advanced Persistent Threats. The complex and dynamic nature of these threats demands a sophisticated, timely and agile response capability to collect, integrate and analyse information to direct strategic and operational security measures. Real-time analytics is a specialized business analytics capability that helps organizations to collect, integrate, and analyse business events as they occur. While the ability of real-time analytics to deliver instant business insights has gained much attention in the literature, there has been limited research on how it can help enterprises improve agility in their cybersecurity incident response. This study addresses the aforementioned research gap through investigating the research question: How can organizations improve agility in their cybersecurity incident response process using real-time analytics? Drawing from dynamic capabilities theory, the study collected qualitative data from three large financial organizations and used a process of data comparison that engages in simultaneous analysis and exploration. The results informed a framework of dynamic cybersecurity incident response that explains how organizations using real-time analytics are able to develop higher order real-time analytics-enabled dynamic capabilities in incident response such as real-time situation awareness, dynamic risk assessment, and cyber threat intelligence generation. These dynamic capabilities help organizations to execute dynamic incident response strategies including active defence, continuous monitoring, and active reconnaissance. The real-time analytics enabled dynamic capabilities together with dynamic incident response strategies infuse agile characteristics such as swiftness, flexibility and innovation in the cybersecurity incident response process, which in turn, lead to positive outcomes in enterprise security performance and delivers both strategic and economic benefits. The framework also provides a comprehensive view of the factors that support and hinder the development of dynamic capabilities in the cybersecurity incident response process and execution of dynamic incident response strategies. The details of the framework contribute to the literature on business analytics capabilities, dynamic capabilities, cybersecurity incident response strategies, and business process agility. The findings of the study provide a useful stepping stone for future studies on how to improve agility in cybersecurity incident response process.en_US
dc.rightsTerms and Conditions: Copyright in works deposited in Minerva Access is retained by the copyright owner. The work may not be altered without permission from the copyright owner. Readers may only download, print and save electronic copies of whole works for their own personal non-commercial use. Any use that exceeds these limits requires permission from the copyright owner. Attribution is essential when quoting or paraphrasing from these works.
dc.subjectreal-time analyticsen_US
dc.subjectcybersecurity incident responseen_US
dc.subjectagilityen_US
dc.subjectdynamic capabilitiesen_US
dc.titleA framework of dynamic cybersecurity incident response to improve incident response agilityen_US
dc.typePhD thesisen_US
melbourne.affiliation.departmentComputing and Information Systems
melbourne.affiliation.facultyEngineering
melbourne.thesis.supervisornameMaynard, Sean
melbourne.contributor.authorNaseer, Humza
melbourne.accessrightsOpen Access


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record