Meeting the global challenges of security incident response

Abstract

Responding to computer security ineidents has become a critical function within an information technology program of any enterprise. These ineidents are threats not only to computing equipment but also to the stability of establishments, such as small to large govermnents or utilities serving large populations. New types of security-related ineidents emerge frequently and massive activities take place across the globe to mitigate the violations of security polieies or recommended security practices. In spite of the concerted efforts from many organizations, complete solutions are still lagging behind. Proactive or predictive research and planning activities are on the rise in many industrialized nations. However, they seem to fall short on coping up with an unexpected global ineident before incurring a substantial damage. What can the global security-aware organizations and communities do? This paper is intended to help set the stage for a panel discussion to be chaired by the first author with the members ofthe IFIP WG9.6111.7, "IT Misuse and the Law". © 2004 by Springer Science+Business Media Dordrecht.