Date of Award
PhD in Business
Department of Information and Process Management
Janis L. Gogan
W. Alec Cram
This dissertation investigates managerial and strategic aspects of InfoSec incident preparation and response. This dissertation is presented in four chapters:
Chapter 1: an introduction
Chapter 2: a systematic literature review
Chapter 3: two field-based case studies of InfoSec incident response processes
Chapter 4: a repertory grid study identifying characteristics of effective individual incident responders.
Together these chapters demonstrate that the lenses of the Resource Based View, Theory of Complementary Resources, and Accounting Control Theory, can be combined to classify and analyze the resources organizations use during incident response. I find that incident response is maturing as a discipline and organizations rely on both defined procedures and improvisation when incidents occur. Most importantly there is no “one size fits all” approach to incident response. Incident responder characteristics include general skills (good communicators and problem solvers) and character attributes (such as an interest in “doing the right thing”).The combination of characteristics that make an individual successful in a particular incident response role is affected by other resources available to support InfoSec incident response.
McLaughlin, Mark-David J., "A Resource View of Information Security Incident Response". 2018. 2.