Socio-Technical SIEM (ST-SIEM)-Reference-Cited by-同舟云学术

Socio-Technical SIEM (ST-SIEM)

Published:2017-07 Issue:2 Volume:4 Page:8-21
ISSN:2327-3984
Container-title:International Journal of Systems and Society
language:en
Short-container-title:

Author:

AlSabbagh Bilal¹,Kowalski Stewart²

Affiliation:

1. Department of Computer and Systems Sciences, Stockholm University, Stockholm, Sweden

2. Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Gjøvik, Norway

Abstract

This article discusses the design and specifications of a Socio-Technical Security Information and Event Management System (ST-SIEM). This newly-developed artifact addresses an important limitation identified in today incident response practice—the lack of sufficient context in actionable security information disseminated to constituent organizations. ST-SIEM tackles this limitation by considering the socio-technical aspect of information systems security. This concept is achieved by correlating the technical metrics of security warnings (which are generic in nature, and the sources of which are sometimes unknown) with predefined social security metrics (used for modeling the security culture of constituent organizations). ST-SIEM, accordingly, adapts the risk factor of the triggered security warning based on each constituent organization security culture. Moreover, the artifact features several socio-technical taxonomies with an impact factor to support organizations in classifying, reporting, and escalating actionable security information. The overall project uses design science research as a framework to develop the artifact.

Publisher

IGI Global

Subject

General Engineering

Reference23 articles.

1. Incident response teams – Challenges in supporting the organisational security function

2. AlienVault. (2014). SIEM for Beginners. Retrieved from https://www.alienvault.com/ resource-center/white-papers/siem-for-beginners

3. A cultural adaption model for global cyber security warning systems.;B.Alsabbagh;Proceedings of 5th International Conference on Communications, Networking and Information Technology,2011

4. Developing social metrics for security – Modeling the security culture of IT workers individuals (case study).;B.AlSabbagh;Proceedings of the 5th International Conference on Communications, Computers and Applications (MIC-CCA 2012),2012

5. Alsabbagh, B., & Kowalski, S. (2012b). ST(CS)2 – Featuring socio-technical cyber security warning systems. In Proceedings of Cyber Security, Cyber Warfare and Digital Forensic (CyberSec),2012 International Conference. Kuala Lumpur, Malaysia: IEEE.

Cited by 4 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Evaluating Incident Response in Csirts Using Cube Socio-Technical Systems Analysis;2024

2. Model-Based Incident Response Playbooks;Proceedings of the 17th International Conference on Availability, Reliability and Security;2022-08-23

3. Intrusion Detection & Incident Response for Information Security: Technologies and Challenges;2022 2nd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE);2022-04-28

4. Empirical Study on the Influence of Security Control Management and Social Factors in Deterring Information Security Misbehaviour;Journal of Physics: Conference Series;2020-05-01