Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements?

Bob Duncan, Mark Whittington, Martin Gilje Jaatun, Alfredo Ramiro Reyes Zuniga

Research output: Chapter in Book/Report/Conference proceedingChapter

42 Downloads (Pure)

Abstract

In this chapter, we consider whether the outsourcing of incident management is a viable technological approach that may be transferable to other cloud security management requirements. We review a viable approach to outsourcing incident response management and consider whether this can be applied to other cloud security approaches, starting with the concept of using proper measurement for a cloud security assurance model. We demonstrate how this approach can be applied, not only to the approach under review, but how it may be applied to address other cloud security requirements.
Original languageEnglish
Title of host publicationEnterprise Security
EditorsVictor Chang, Muthu Ramachandran, Robert J Walters , Gary Wills
PublisherSpringer
Pages19-39
Number of pages22
ISBN (Electronic)978-3-319-54380-2
ISBN (Print)978-3-319-54379-6
DOIs
Publication statusPublished - 2017
EventSecond International Workshop: ES 2015 - Vancouver, BC, Canada
Duration: 30 Nov 20153 Dec 2015

Publication series

NameLecture Notes in Computer Science
PublisherSpringer International Publishing AG
Volume10131
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceSecond International Workshop
CountryCanada
CityVancouver, BC
Period30/11/153/12/15

Fingerprint

outsourcing
incident
management

Keywords

  • cloud
  • requirements
  • measurement
  • assurance
  • outsourcing
  • incident response
  • security

Cite this

Duncan, B., Whittington, M., Jaatun, M. G., & Zuniga, A. R. R. (2017). Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements? In V. Chang, M. Ramachandran, R. J. Walters , & G. Wills (Eds.), Enterprise Security (pp. 19-39). (Lecture Notes in Computer Science; Vol. 10131). Springer . https://doi.org/10.1007/978-3-319-54380-2_2

Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements? / Duncan, Bob; Whittington, Mark; Jaatun, Martin Gilje; Zuniga, Alfredo Ramiro Reyes.

Enterprise Security . ed. / Victor Chang; Muthu Ramachandran; Robert J Walters ; Gary Wills. Springer , 2017. p. 19-39 (Lecture Notes in Computer Science; Vol. 10131).

Research output: Chapter in Book/Report/Conference proceedingChapter

Duncan, B, Whittington, M, Jaatun, MG & Zuniga, ARR 2017, Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements? in V Chang, M Ramachandran, RJ Walters & G Wills (eds), Enterprise Security . Lecture Notes in Computer Science, vol. 10131, Springer , pp. 19-39, Second International Workshop, Vancouver, BC, Canada, 30/11/15. https://doi.org/10.1007/978-3-319-54380-2_2
Duncan B, Whittington M, Jaatun MG, Zuniga ARR. Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements? In Chang V, Ramachandran M, Walters RJ, Wills G, editors, Enterprise Security . Springer . 2017. p. 19-39. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-319-54380-2_2
Duncan, Bob ; Whittington, Mark ; Jaatun, Martin Gilje ; Zuniga, Alfredo Ramiro Reyes. / Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements?. Enterprise Security . editor / Victor Chang ; Muthu Ramachandran ; Robert J Walters ; Gary Wills. Springer , 2017. pp. 19-39 (Lecture Notes in Computer Science).
@inbook{d85a4c0eed3346dfbba3619cbb6dcdac,
title = "Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements?",
abstract = "In this chapter, we consider whether the outsourcing of incident management is a viable technological approach that may be transferable to other cloud security management requirements. We review a viable approach to outsourcing incident response management and consider whether this can be applied to other cloud security approaches, starting with the concept of using proper measurement for a cloud security assurance model. We demonstrate how this approach can be applied, not only to the approach under review, but how it may be applied to address other cloud security requirements.",
keywords = "cloud, requirements, measurement, assurance, outsourcing, incident response, security",
author = "Bob Duncan and Mark Whittington and Jaatun, {Martin Gilje} and Zuniga, {Alfredo Ramiro Reyes}",
year = "2017",
doi = "10.1007/978-3-319-54380-2_2",
language = "English",
isbn = "978-3-319-54379-6",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "19--39",
editor = "Victor Chang and Muthu Ramachandran and {Walters }, {Robert J} and Gary Wills",
booktitle = "Enterprise Security",

}

TY - CHAP

T1 - Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements?

AU - Duncan, Bob

AU - Whittington, Mark

AU - Jaatun, Martin Gilje

AU - Zuniga, Alfredo Ramiro Reyes

PY - 2017

Y1 - 2017

N2 - In this chapter, we consider whether the outsourcing of incident management is a viable technological approach that may be transferable to other cloud security management requirements. We review a viable approach to outsourcing incident response management and consider whether this can be applied to other cloud security approaches, starting with the concept of using proper measurement for a cloud security assurance model. We demonstrate how this approach can be applied, not only to the approach under review, but how it may be applied to address other cloud security requirements.

AB - In this chapter, we consider whether the outsourcing of incident management is a viable technological approach that may be transferable to other cloud security management requirements. We review a viable approach to outsourcing incident response management and consider whether this can be applied to other cloud security approaches, starting with the concept of using proper measurement for a cloud security assurance model. We demonstrate how this approach can be applied, not only to the approach under review, but how it may be applied to address other cloud security requirements.

KW - cloud

KW - requirements

KW - measurement

KW - assurance

KW - outsourcing

KW - incident response

KW - security

U2 - 10.1007/978-3-319-54380-2_2

DO - 10.1007/978-3-319-54380-2_2

M3 - Chapter

SN - 978-3-319-54379-6

T3 - Lecture Notes in Computer Science

SP - 19

EP - 39

BT - Enterprise Security

A2 - Chang, Victor

A2 - Ramachandran, Muthu

A2 - Walters , Robert J

A2 - Wills, Gary

PB - Springer

ER -