Humza Naseer, Kevin Desouza, Sean B. Maynard, Atif Ahmad
{"title":"Enabling cybersecurity incident response agility through dynamic capabilities: the role of real-time analytics","authors":"Humza Naseer, Kevin Desouza, Sean B. Maynard, Atif Ahmad","doi":"10.1080/0960085x.2023.2257168","DOIUrl":null,"url":null,"abstract":"We explore how organisations enable agility in their cybersecurity incident response (IR) process by developing dynamic capabilities using real-time analytics (RTA). Drawing on RTA practices in the IR process at three large financial organisations, we develop a framework to explain how IR teams respond to the rapidly evolving cyber threat environment by developing RTA-based microfoundations that underpin the building of sensing, seizing, and transforming dynamic IR capabilities. These dynamic IR capabilities in turn help organisations to enable agility in their IR processes by leveraging swift, flexible, and innovative IR strategies, including active threat reconnaissance, active threat defence, and pervasive learning. Our findings have implications for the discourse on cybersecurity because we demystify the black box of IR agility, for our understanding of the use of RTA to enable agility in IR, and for the discourse on dynamic capabilities.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":"10 1","pages":"0"},"PeriodicalIF":7.3000,"publicationDate":"2023-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"European Journal of Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/0960085x.2023.2257168","RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
We explore how organisations enable agility in their cybersecurity incident response (IR) process by developing dynamic capabilities using real-time analytics (RTA). Drawing on RTA practices in the IR process at three large financial organisations, we develop a framework to explain how IR teams respond to the rapidly evolving cyber threat environment by developing RTA-based microfoundations that underpin the building of sensing, seizing, and transforming dynamic IR capabilities. These dynamic IR capabilities in turn help organisations to enable agility in their IR processes by leveraging swift, flexible, and innovative IR strategies, including active threat reconnaissance, active threat defence, and pervasive learning. Our findings have implications for the discourse on cybersecurity because we demystify the black box of IR agility, for our understanding of the use of RTA to enable agility in IR, and for the discourse on dynamic capabilities.
期刊介绍:
The European Journal of Information Systems offers a unique European perspective on the theory and practice of information systems for a global readership. We actively seek first-rate articles that offer a critical examination of information technology, covering its effects, development, implementation, strategy, management, and policy.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
