Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements?

Bob Duncan; Mark Whittington; Martin Gilje Jaatun; Alfredo Ramiro Reyes Zuniga

doi:10.1007/978-3-319-54380-2_2

Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements?

Bob Duncan, Mark Whittington, Martin Gilje Jaatun, Alfredo Ramiro Reyes Zuniga

Research output: Chapter in Book/Report/Conference proceeding › Chapter

46 Downloads (Pure)

Abstract

In this chapter, we consider whether the outsourcing of incident management is a viable technological approach that may be transferable to other cloud security management requirements. We review a viable approach to outsourcing incident response management and consider whether this can be applied to other cloud security approaches, starting with the concept of using proper measurement for a cloud security assurance model. We demonstrate how this approach can be applied, not only to the approach under review, but how it may be applied to address other cloud security requirements.

Original language	English
Title of host publication	Enterprise Security
Editors	Victor Chang, Muthu Ramachandran, Robert J Walters , Gary Wills
Publisher	Springer
Pages	19-39
Number of pages	22
ISBN (Electronic)	978-3-319-54380-2
ISBN (Print)	978-3-319-54379-6
DOIs	https://doi.org/10.1007/978-3-319-54380-2_2
Publication status	Published - 2017
Event	Second International Workshop: ES 2015 - Vancouver, BC, Canada Duration: 30 Nov 2015 → 3 Dec 2015

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer International Publishing AG
Volume	10131
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	Second International Workshop
Country/Territory	Canada
City	Vancouver, BC
Period	30/11/15 → 3/12/15

Keywords

cloud
requirements
measurement
assurance
outsourcing
incident response
security

Access to Document

10.1007/978-3-319-54380-2_2Licence: Unspecified

Accepted Manuscript
The final publication is available at link.springer.com
Accepted author manuscript, 263 KBLicence: Unspecified

Cite this

Duncan, B., Whittington, M., Jaatun, M. G., & Zuniga, A. R. R. (2017). Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements? In V. Chang, M. Ramachandran, R. J. Walters , & G. Wills (Eds.), Enterprise Security (pp. 19-39). (Lecture Notes in Computer Science; Vol. 10131). Springer . https://doi.org/10.1007/978-3-319-54380-2_2

Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements? / Duncan, Bob; Whittington, Mark; Jaatun, Martin Gilje et al.
Enterprise Security . ed. / Victor Chang; Muthu Ramachandran; Robert J Walters ; Gary Wills. Springer , 2017. p. 19-39 (Lecture Notes in Computer Science; Vol. 10131).

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Duncan, B, Whittington, M, Jaatun, MG & Zuniga, ARR 2017, Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements? in V Chang, M Ramachandran, RJ Walters & G Wills (eds), Enterprise Security . Lecture Notes in Computer Science, vol. 10131, Springer , pp. 19-39, Second International Workshop, Vancouver, BC, Canada, 30/11/15. https://doi.org/10.1007/978-3-319-54380-2_2

@inbook{d85a4c0eed3346dfbba3619cbb6dcdac,

title = "Could the Outsourcing of Incident Response Management provide a Blueprint for Managing Other Cloud Security Requirements?",

abstract = "In this chapter, we consider whether the outsourcing of incident management is a viable technological approach that may be transferable to other cloud security management requirements. We review a viable approach to outsourcing incident response management and consider whether this can be applied to other cloud security approaches, starting with the concept of using proper measurement for a cloud security assurance model. We demonstrate how this approach can be applied, not only to the approach under review, but how it may be applied to address other cloud security requirements.",

keywords = "cloud, requirements, measurement, assurance, outsourcing, incident response, security",

author = "Bob Duncan and Mark Whittington and Jaatun, {Martin Gilje} and Zuniga, {Alfredo Ramiro Reyes}",

year = "2017",

doi = "10.1007/978-3-319-54380-2_2",

language = "English",

isbn = "978-3-319-54379-6",

series = "Lecture Notes in Computer Science",

publisher = "Springer ",

pages = "19--39",

editor = "Victor Chang and Muthu Ramachandran and {Walters }, {Robert J} and Gary Wills",

booktitle = "Enterprise Security",

note = "Second International Workshop : ES 2015 ; Conference date: 30-11-2015 Through 03-12-2015",