| dc.contributor.author | Smith, R | |
| dc.contributor.author | Janicke, H | |
| dc.contributor.author | He, Y | |
| dc.contributor.author | Ferra, F | |
| dc.contributor.author | Albakri, A | |
| dc.date.accessioned | 2023-12-19T11:55:11Z | |
| dc.date.available | 2023-12-19T11:55:11Z | |
| dc.date.issued | 2021-10 | |
| dc.identifier.issn | 0167-4048 | |
| dc.identifier.uri | https://qmro.qmul.ac.uk/xmlui/handle/123456789/93044 | |
| dc.description.abstract | Cyber incident response within Industrial Control Systems (ICS) is characterised by high levels of uncertainty and unpredictability and requires a multi-disciplined team that encompasses personnel business operations, Operational Technology (OT), IT, security operations and media engagement to be effective. Such teams require a dynamic decision framework to allow ICS operators to maintain services during the recovery of full operating capability. There is empirical evidence that static incident response playbooks do not provide enough flexibility in their definition to support situations outside of the scope of their initial definition, and that they have been ignored when cyber incidents have occurred. A thematic analysis of semi-structured interviews with ICS incident response professional identified three main areas of concern: communication, information sharing between knowledge areas, and achieving external buy-in. | en_US |
| dc.format.extent | 102398 - ? | |
| dc.publisher | Elsevier | en_US |
| dc.relation.ispartof | Computers & Security | |
| dc.rights | This is a pre-copyedited, author-produced version accepted for publication in Computers & Security following peer review. The version of record is available at https://www.sciencedirect.com/science/article/pii/S0167404821002224?via%3Dihub | |
| dc.subject | Generic health relevance | en_US |
| dc.title | The Agile Incident Response for Industrial Control Systems (AIR4ICS) framework | en_US |
| dc.type | Article | en_US |
| dc.rights.holder | © 2021 Elsevier Ltd. All rights reserved. | |
| dc.identifier.doi | 10.1016/j.cose.2021.102398 | |
| pubs.notes | Not known | en_US |
| pubs.volume | 109 | en_US |
| rioxxterms.funder | Default funder | en_US |
| rioxxterms.identifier.project | Default project | en_US |
