Ongoing Network Monitoring Attacks: CERT Advisory, February 3, 1994
In: Computerization and Controversy, pp. 838-843
In: Voennaja mysl': voenno-teoretičeskij žurnal ; organ Ministerstva Oborony Rossijskoj Federacii, Volume 20, Issue 4, pp. 95-100
ISSN: 0236-2058
Response plans developed thoroughly are suggestive of a successful action, but there is a gap in the literature with respect to the way concerted efforts among organizations are planned and change during crises. Using organizational network data extracted from the South Korean government's MERS response manuals, we examined the changes in the response coordination network planned during the epidemic's distinct stages. The greatest difference in predicting tie formation was found in the networks planned before the event and revised during the outbreak. Local and governmental actors tend to form more ties consistently in the revised manuals. Two actors that are intended to transfer medical and/or personnel resources tend to form more ties across all stages. These findings suggest that transferring material and/or human resources are key activities in the epidemic response and planners tend to increase the connection of local and governmental actors over time.
BASE
Purpose — The purpose of this study is to examine security incident response practices of IT security practitioners as a diagnostic work process, including the preparation phase, detection, and analysis of anomalies. Design/methodology/approach — The data set consisted of 16 semi-structured interviews with IT security practitioners from 7 organizational types (e.g., academic, government, private). The interviews were analyzed using qualitative description with constant comparison and inductive analysis of the data to analyze diagnostic work during security incident response. Findings — Our analysis shows that security incident response is a highly collaborative activity, which may involve practitioners developing their own tools to perform specific tasks. Our results also show that diagnosis during incident response is complicated by practitioners' need to rely on tacit knowledge, as well as usability issues with security tools. Research limitations/implications — Due to the nature of semi-structured interviews, not all participants discussed security incident response at the same level of detail. More data are required to generalize and refine our findings. Originality/value — The contribution of our work is twofold. First, using empirical data, we analyze and describe the tasks, skills, strategies, and tools that security practitioners use to diagnose security incidents. Our findings enhance the research community's understanding of the diagnostic work during security incident response. Second, we identify opportunities for future research directions related to improving security tools.
BASE
At present, the Colombian government shares information on threats or vulnerabilities in the area of cybersecurity and cyberdefense, from other government agencies or departments, on an ad-hoc basis but not in real time, with the surveillance entities of the Government of the Republic of Colombia such as the Joint Command of Cybernetic Operations (CCOCI) and the Cybernetic Emergencies Response Team of Colombia (ColCERT). This research presents the MS-CSIRT (Management System Computer Security Incident Response Teams) methodology, that is used to unify the guidelines of a CSIRT towards a joint communication command in cybersecurity for the surveillance of Information Technology (IT), Technological Operations (TO), Internet Connection Sharing (ICS) or Internet of Things (IoT) infrastructures. This methodology evaluates the level of maturity, by means of a roadmap, to establish a CSIRT as a reference framework for government entities and as a guide for the areas of information security, IT and TO to strengthen the growth of the industry 4.0. This allows the organizations to draw a line of cybersecurity policy with scope, objectives, controls, metrics, procedures and use cases for the correct coordination between ColCERT and CCOCI, as support entities in cybersecurity, and the different companies (ICS, IoT, gas and energy, mining, maritime, agroindustrial, among others) or government agencies that use this methodology.
BASE
In: foresight, Volume 20, Issue 4, pp. 337-352
Purpose
This paper aims to investigate the different patterns of organizational behavioural responses to major incidents and develop an original classification of these patterns.
Design/methodology/approach
An extensive literature review was made to investigate the different patterns of behavioural responses to major incidents and then to develop an original classification of these patterns. Several sources of information, such as case studies, technical reports, academic journal articles and organizational internal reports were used.
Findings
Organizations respond differently to major incidents. This was clear from the different behavioural patterns investigated and identified. Behavioural patterns determine levels of resilience and ability of organizations to overcome and ultimately survive major incidents.
Practical implications
To promote effective and organized behavioural response patterns to major incidents and improve consistency of responses across the organization, relevant authorities should demonstrate to all private and public enterprises the significance of effective behavioural responses, thus enabling them to better respond to various potential emergencies.
Originality/value
A number of models of human behaviour have been introduced in the literature to understand how people respond to emergency situations. They each take a different perspective on human behaviour but no single theory has emerged as the leading paradigm. This highlights the complexity of understanding human behaviour in such situations and the need for a better classification of behavioural patterns. To the author's knowledge, this is one of very few studies to investigate, identify and categorize behavioural response patterns to major incidents. This research is expected to be of a substantial value for those interested in improving organizational behaviour during major incidents, as well as those interested in improving organizational resilience.
In: The Pacific review, pp. 1-31
ISSN: 1470-1332
In: Journal of contingencies and crisis management, Volume 16, Issue 4, pp. 208-216
ISSN: 0966-0879
In: Computers, Environment and Urban Systems, Volume 31, Issue 2, pp. 116-132
In: Computers, environment and urban systems: CEUS ; an international journal, Volume 31, Issue 2, pp. 116-132
ISSN: 0198-9715
In: Risk analysis: an international journal, Volume 30, Issue 7, pp. 1037-1051
ISSN: 1539-6924
In: International journal of information management, Volume 35, Issue 6, pp. 717-723
ISSN: 0268-4012
"The ways in which organizations make use of information available to them to make decisions and manage activity is an essential topic of investigation for human factors. When the information is uncertain, incomplete or subject to change, then decision making and activity management can become challenging. Under such circumstances, it has become commonplace to use the concept of sensemaking as the lens through which to view organizational behavior. This book offers a unique perspective on sensemaking through its consideration of the variety of ways in which Incident Response is managed by the Police. As an incident moves from the initial call handling to subsequent mobilization of response to first officer attending, a wide range of information is acquired, processed and shared, and the organization (and individuals who work within it) face challenges of making sense of the situation to which they are responding"--Provided by publisher
In: Australian journal of emergency management: AJEM, Volume 10.47389/39, Issue 1, pp. 08-12
ISSN: 1324-1540
Climate change is having a significant effect on disasters worldwide. In response, societies have attempted to mitigate the consequences by developing standardised arrangements, known as incident command systems. Many of these systems have a military heritage using hierarchical command-and-control principles that are authoritative by nature and fit well within bureaucratic organisations. While emergency services agencies have embraced these incident command systems, other agencies have not, thereby making the multi-agency response to disasters challenging. This research investigated current incident command systems to develop an improved framework that includes all agencies and improves the multi-agency response to emergencies and disasters. A multi-modal qualitative research approach was undertaken using a literature review, semi-structured interviews with informants and a policy analysis of recent disaster reviews and inquiries. This combined data informed the development of 4 options for improvements to the multi-agency response and consolidated the issues into 5 domains. These domains and options for improvement were presented to a panel of experts at the strategic level of emergency and disaster management by way of a 2-round modified Delphi study. This paper reports on the final phase of the research: the policy analysis and modified Delphi study. The most significant outcome of this research was a new level of understanding of strengths and weaknesses of the incident command system. This contributed to the development of a new conceptual framework based on modifications to the incident command system principles.