More Web Proxy on the site http://driver.im/

research-article

The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study

Authors:

Marc-André Kaufhold,

Christian ReuterAuthors Info & Claims

Proceedings of the ACM on Human-Computer Interaction, Volume 5, Issue CSCW2

Article No.: 478, Pages 1 - 30

https://doi.org/10.1145/3479865

Published: 18 October 2021 Publication History

Abstract

Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.

References

[1]

Atif Ahmad, Justin Hadgkiss, and A. B. Ruighaver. 2012. Incident response teams - Challenges in supporting the organisational security function. Computers and Security, 31, 5, 643--652.

Digital Library

[2]

Bander Ali Saleh Al-rimy, Mohd Aizaini Maarof, and Syed Zainudeen Mohd Shaid. 2018. Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions. Computers and Security, 74, 144--166.

Digital Library

[3]

Firoj Alam, Ferda Ofli, and Muhammad Imran. 2020. Descriptive and visual summaries of disaster events using artificial intelligence techniques: case studies of Hurricanes Harvey, Irma, and Maria. Behaviour & Information Technology (BIT), 39, 3, 288--318.

[4]

Arbeitsgruppe Kritische Infrastrukturen. 2020. The Cyber Relief Agency: Concept for Increasing the Response Capabilities in Major Cyber Incidents., 1--33.

[5]

Michael Aupetit and Muhammad Imran. 2017. Interactive monitoring of critical situational information on social media. In Proceedings of the International Conference on Information Systems for Crisis Response and Management (ISCRAM)., 673--683.

[6]

Riza Azmi, William Tibben, and Khin Than Win. 2016. Motives behind Cyber Security Strategy Development: A Literature Review of National Cyber Security Strategy. ACIS 2016 Proceedings.

[7]

Maria Bada and Jason R. C. Nurse. 2020. Chapter 4 - The social and psychological impact of cyberattacks. In Emerging Cyber Threats and Cognitive Vulnerabilities. Vladlena Benson and John Mcalaney (Eds.). Academic Press, 73--92.

[8]

Shahriar Badsha, Iman Vakilinia, and Shamik Sengupta. 2019. Privacy Preserving Cyber Threat Information Sharing and Learning for Cyber Defense. In 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC). IEEE, 0708--0714.

[9]

Sergei Boeke. 2018. National cyber crisis management: Different European approaches. Governance, 31, 3, 449--464.

[10]

BSI. 2020. Die Lage der IT-Sicherheit in Deutschland 2019. Retrieved from: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2019.pdf?__blob=publicationFile&v=7.

[11]

BSI. 2021. BSI warnt: Kritische Schwachstellen in Exchange-Servern., Press Release. Retrieved from: https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2021/210305_Exchange-Schwachstelle.html;jsessionid=DE068173A2E227CE673422F7675FB3FE.internet481?nn=893136.

[12]

Norbou Buchler, Prashanth Rajivanb, Laura R. Marusicha, Lewis Lightnerc, and Cleotilde Gonzalezb. 2018. Sociometrics and observational assessment of teaming and leadership in a cyber security defense competition. Computers & Security, 73, March, 114--136.

[13]

Carlos Castillo. 2016. Big Crisis Data: Social Media in Disasters and Time-Critical Situations. Cambridge University Press, New York, NY, USA.

[14]

Paul Cichonski, Tom Millar, Tim Grance, and Karen Scarfone. 2012. NIST Special Publication 800--61 Revision 2: Computer Security Incident Handling Guide Recommendations. NIST Special Publication.

[15]

Camille Cobb, Ted McCarthy, Annuska Perkins, Ankitha Bharadwaj, Jared Comis, Brian Do, and Kate Starbird. 2014. Designing for the Deluge: Understanding & Supporting the Distributed, Collaborative Work of Crisis Volunteers. In Proceedings of the Conference on Computer Supported Cooperative Work (CSCW), Baltimore, USA, USA, 888--899.

Digital Library

[16]

Jamie Collier. 2017. Strategies of Cyber Crisis Management: Lessons from the Approaches of Estonia and the United Kingdom. In Ethics and Policies for Cyber Operations. Mariarosaria Taddeo and Ludovica Glorioso (Eds.). Springer International Publishing, Basel, 187--212.

[17]

David Croasdell. 2019. The Role of Transnational Cooperation in Cybersecurity Law Enforcement. In Proceedings of the 52nd Hawaii International Conference on System Sciences., 5598--5607.

[18]

John S. II Davis, Benjamin Boudreaux, Jonathan William Welburn, Cordaye Ogletree, Geoffrey McGovern, and Michael S. Chase. 2017. Stateless Attribution: Toward International Accountability in Cyberspace. RAND Corporation.

[19]

Lise Ann St. Denis, Amanda Lee Hughes, and Leysia Palen. 2012. Trial by Fire: The Deployment of Trusted Digital Volunteers in the 2011 Shadow Lake Fire. In Proceedings of the International Conference on Information Systems for Crisis Response and Management (ISCRAM). L. Rothkrantz, J. Ristvej, and Z. Franco (Eds.). ISCRAM, Vancouver, Canada, 1--10.

[20]

Deutscher Bundestag. 2009. Gesetz zur -nderung des Grundgesetzes (Artikel 91c, 91d, 104b, 109, 109a, 115, 143d). Berlin. Retrived from: https://www.it-planungsrat.de/SharedDocs/Downloads/DE/ITPlanungsrat/Staatsvertrag/Gesetz_zur_Aenderung_des_Grundgesetzes.pdf?__blob=publicationFile&v=5.

[21]

André Duvillard and Melanie Friedli. 2018. Nationale Cyber-Strategie: Einbezug der lokalen Ebene in einem föderalen Staat. In Cybersecurity Best Practices. Springer Fachmedien Wiesbaden, 117--123.

[22]

Jesse M. Ehrenfeld. 2017. WannaCry, Cybersecurity and Health Information Technology: A Time to Act. Journal of Medical Systems, 41, 7, 10916.

[23]

ENISA. 2018. Cyber Europe 2018: After Action Report. December. Retrived from: https://www.enisa.europa.eu/publications/cyber-europe-2018-after-action-report.

[24]

ENISA. 2021. CSIRTs by Country - Interactive Map. Retrived from: https://www.enisa.europa.eu/topics/csirts-in-europe/csirt-inventory/certs-by-country-interactive-map.

[25]

Ramian Fathi, Dennis Thom, Steffen Koch, Thomas Ertl, and Frank Fiedrich. 2020. VOST: A case study in voluntary digital participation for collaborative emergency management. Information Processing and Management, 57, 4, 102174.

[26]

Federal Office for Information Security. 2019. The State of IT Security in Germany 2018., IT-Security Situation. Retrieved from: https://www.bsi.bund.de/EN/Publications/SecuritySituation/SecuritySituation_node.html.

[27]

Claire La Fleur, Blaine Hoffman, C. Benjamin Gibson, and Norbou Buchler. 2021. Team performance in a series of regional and national US cybersecurity defense competitions: Generalizable effects of training and functional role specialization. Computers and Security, 104, 102229.

Digital Library

[28]

Ulrik Franke and Joel Brynielsson. 2014. Cyber situational awareness - A systematic review of the literature. Computers and Security 46, 18--31. Elsevier Ltd, 18--31.

[29]

Kira Gedris, Kayla Bowman, Aatish Neupane, Amanda Lee Hughes, Elizabeth Bonsignore, Ryan W. West, Jon Balzotti, and Derek L. Hansen. 2021. Simulating Municipal Cybersecurity Incidents: Recommendations from Expert Interviews Kira. In Proceedings of the 54th Hawaii International Conference on System Sciences 2021., 2036--2045.

[30]

Jochen Gläser and Grit Laudel. 2010. Experteninterviews und qualitative Inhaltsanalyse. VS Verlag für Sozialwissenschaften, Wiesbaden.

[31]

Annemijn F. van Gorp. 2014. Integration of Volunteer and Technical Communities into the Humanitarian Aid Sector: Barriers to Collaboration. In Proceedings of the International Conference on Information Systems for Crisis Response and Management (ISCRAM), May., 620--629.

[32]

George Grispos, William Glisson, and Tim Storer. 2019. How Good is Your Data? Investigating the Quality of Data Generated During Security Incident Response Investigations. Proceedings of the 52nd Hawaii International Conference on System Sciences, 6, 7156--7165.

[33]

Christian Heath and Paul Luff. 1992. Collaboration and control. Crisis management and multimedia technology in London Underground Line Control Rooms. Computer Supported Cooperative Work (CSCW), 1, 1--2, 69--94.

[34]

Otto Hellwig. 2015. Organisation, Rahmenbedingungen und Kommunikation bei CERTs. In Sicherheit in Cyber-Netzwerken. Edith Huber (Ed.). Springer VS, Wiesbaden, 559--574.

[35]

Alan R. Hevner. 2007. A Three Cycle View of Design Science Research. Scandinavian Journal of Information Systems, 19, 2, 87--92.

[36]

Starr Roxanne Hiltz, Amanda Lee Hughes, Muhammad Imran, Linda Plotnick, Robert Power, and Murray Turoff. 2020. Exploring the usefulness and feasibility of software requirements for social media use in emergency management. International Journal of Disaster Risk Reduction (IJDDR), 42, January, 101367.

[37]

Cathrine Hove, Marte Tarnes, Maria B. Line, and Karin Bernsmed. 2014. Information security incident management: Identified practice in large organizations. Proceedings - 8th International Conference on IT Security Incident Management and IT Forensics, IMF 2014, 27--46.

Digital Library

[38]

Edith Huber. 2015. Sicherheit in Cyber-Netzwerken. Springer Fachmedien Wiesbaden, Wiesbaden.

[39]

Muhammad Imran, Carlos Castillo, Fernando Diaz, and Sarah Vieweg. 2015. Processing Social Media Messages in Mass Emergency: A Survey 47, 4. ACM, New York, NY

Digital Library

[40]

Muhammad Imran, Patrick Meier, and Kees Boersma. 2018. The use of social media for crisis management: a privacy by design approach. In Big Data, Surveillance and Crisis Management. Routledge.

[41]

Marios Ioannou, Eliana Stavrou, and Maria Bada. 2019. Cybersecurity Culture in Computer Security Incident Response Teams: Investigating difficulties in communication and coordination. In 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security).

[42]

IT-Planungsrat. 2013. Leitlinie für die Informationssicherheit in der öffentlichen Verwaltung- Hauptdokument. Retrived from: https://www.it-planungsrat.de/SharedDocs/Downloads/DE/Entscheidungen/10_Sitzung/Leitlinie_Informationssicherheit_Hauptdokument.html.

[43]

IT-Planungsrat. 2016. Kooperation der CERTs im Verwaltungs-CERT-Verbund (VCV). Berlin. Retrived from: https://www.it-planungsrat.de/SharedDocs/Downloads/DE/Fachkongress/4FK2016/2Mai_FI_Cybersicherheit_01--1_VCV.pdf?__blob=publicationFile&v=2.

[44]

Robert Kaiser. 2014. Qualitative Experteninterviews. Konzeptionelle Grundlagen und praktische Durchführung. Springer VS, Wiesbaden

[45]

Hanna Kallio, Anna Maija Pietilä, Martin Johnson, and Mari Kangasniemi. 2016. Systematic methodological review: developing a framework for a qualitative semi-structured interview guide. Journal of Advanced Nursing, 72, 12, 2954--2965.

[46]

Marc-André Kaufhold. 2021. Information Refinement Technologies for Crisis Informatics: User Expectations and Design Principles for Social Media and Mobile Apps. Springer Vieweg, Wiesbaden

[47]

Marc-André Kaufhold et al. 2021. CYWARN: Strategy and Technology Development for Cross-Platform Cyber Situational Awareness and Actor-Specific Cyber Threat Communication. In Workshop-Proceedings Mensch und Computer 2021., 1--9.

[48]

Marc-André Kaufhold, Nicola Rupp, Christian Reuter, and Matthias Habdank. 2019. Mitigating Information Overload in Social Media during Conflicts and Crises: Design and Evaluation of a Cross-Platform Alerting System. Behaviour & Information Technology (BIT), 39, 3, 319--342.

[49]

Himanshu Khurana, Jim Basney, Mehedi Bakht, Mike Freemon, Von Welch, and Randy Butler. 2009. Palantir: a framework for collaborative incident response and investigation. In Proceedings of the 8th Symposium on Identity and Trust on the Internet - IDtrust '09. ACM Press, New York, New York, USA, 38.

Digital Library

[50]

Georgia Killcrece, Klaus-Peter Kossakowski, Robin Ruefle, and Mark Zajicek. 2003. State of the Practice of Computer Security Incident Response Teams (CSIRTs). Pittsburgh, PA, USA.

[51]

Rick Van der Kleij, Geert Kleinhuis, and Heather Young. 2017. Computer security incident response team effectiveness: A needs assessment. Frontiers in Psychology, 8, DEC, 1--8.

[52]

Laura Kocksch, Matthias Korn, Andreas Poller, and Susann Wagenknecht. 2018. Caring for IT security: Accountabilities, moralities, and oscillations in IT security practices. Proceedings of the ACM on Human-Computer Interaction (CSCW), 2.

Digital Library

[53]

Farzan Kolini and Lech Janczewski. 2017. Clustering and Topic Modelling: A New Approach for Analysis of National Cyber security Strategies. PACIS 2017 Proceedings.

[54]

Klaus-Peter Kossakowski. 2000. Information technology incident response capabilities. Hamburg.

[55]

Klaus-Peter Kossakowski and Caroline Neufert. 2012. CERT-Dienstleistungen für Land und Kommunen in Hessen. Wiesbaden.

[56]

Marko Krstic, Milan Cabarkapa, and Aleksandar Jevremovic. 2019. Machine Learning Applications in Computer Emergency Response Team Operations. 27th Telecommunications Forum, TELFOR 2019, 13--16.

[57]

Philipp Kuehn, Thea Riebe, Lynn Apelt, Max Jansen, and Christian Reuter. 2020. Sharing of Cyber Threat Intelligence between States. S+F (Security and Peace), 38, 1, 22--28.

[58]

Sophia B. Liu. 2014. Crisis Crowdsourcing Framework: Designing Strategic Configurations of Crowdsourcing for the Emergency Management Domain. Computer Supported Cooperative Work (CSCW), 23, 4--6, 389--443.

[59]

Philipp Mayring. 2000. Qualitative Content Analysis. Forum: Qualitative Social Research, 1, 2.

[60]

D. Mendonca, G. E. Beroggi, and W. A. Wallace. 2001. Decision support for improvisation during emergency response operations. International journal of emergency management, 1, 1, 30--38.

[61]

David Mendonça, Theresa Jefferson, and John Harrald. 2007. Collaborative adhocracies and Mix-and-Match Technologic in emergency management. Communications of the ACM, 50, 3, 44--49.

Digital Library

[62]

Sarandis Mitropoulos, Dimitrios Patsos, and Christos Douligeris. 2006. On Incident Handling and Response: A state-of-the-art approach. Computers and Security, 25, 5, 351--370.

Digital Library

[63]

NIS Directive. 2016. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union. OJ L, 194, 19.7, 2016. Retrived from: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016L1148.

[64]

Alexandra Olteanu, Sarah Vieweg, and Carlos Castillo. 2015. What to Expect When the Unexpected Happens: Social Media Communications Across Crises. In Proceedings of the 18th ACM Conference on Computer Supported Cooperative Work & Social Computing. ACM, New York, USA, 994--1009.

Digital Library

[65]

Teresa Onorati, Paloma Díaz, and Belen Carrion. 2018. From social networks to emergency operation centers: A semantic visualization approach. Future Generation Computer Systems.

Digital Library

[66]

Keshnee Padayachee and Elias Worku. 2018. Shared situational awareness in information security incident management. 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017, 479--483.

[67]

Leysia Palen and Kenneth M. Anderson. 2016. Crisis informatics: New data for extraordinary times. Science, 353, 6296, 224--225.

[68]

Spyridon Papastergiou, Haralambos Mouratidis, and Eleni Maria Kalogeraki. 2019. Cyber security incident handling, warning and response system for the european critical information infrastructures (cyberSANE). Communications in Computer and Information Science, 1000, 476--487.

[69]

Theresa A. Pardo, Anthony M. Cresswell, Sharon S. Dawes, and G. Brian Burke. 2004. Modeling the social & technical processes of interorganizational information integration. Proceedings of the Hawaii International Conference on System Sciences, 37, C, 1905--1912.

[70]

Theresa A. Pardo, Anthony M. Cresswell, Fiona Thompson, and Jing Zhang. 2006. Knowledge sharing in cross-boundary information system development in the public sector. Information Technology and Management, 7, 4, 293--313.

[71]

Richard D. Pethia and Kenneth R. van Wyk. 1990. Computer Emergency Response - An International Problem. Pittsburgh, Pa.: CERT Coordination Center., Software Engineering Institute, Carnegie Mellon University.

[72]

Gabriel Pimenta Rodrigues, Robson de Oliveira Albuquerque, Flávio Gomes de Deus, Rafael de Sousa Jr., Gildásio de Oliveira Júnior, Luis García Villalba, and Tai-Hoon Kim. 2017. Cybersecurity and Network Forensics: Analysis of Malicious Traffic towards a Honeynet with Deep Packet Inspection. Applied Sciences, 7, 10, 1082.

[73]

Linda Plotnick and Starr Roxanne Hiltz. 2018. Software Innovations to Support the Use of Social Media by Emergency Managers. International Journal of Human-Computer Interaction, 34, 4, 367--381.

[74]

Christian Reuter, Oliver Heger, and Volkmar Pipek. 2013. Combining Real and Virtual Volunteers through Social Media. In Proceedings of the International Conference on Information Systems for Crisis Response and Management (ISCRAM). T. Comes, F. Fiedrich, S. Fortier, J. Geldermann, and Tim Müller (Eds.)., Baden-Baden, Germany, Germany, 780--790.

[75]

Christian Reuter, Amanda Lee Hughes, and Marc-André Kaufhold. 2018. Social Media in Crisis Management: An Evaluation and Analysis of Crisis Informatics Research. International Journal on Human-Computer Interaction (IJHCI), 34, 4, 280--294.

[76]

Christian Reuter and Marc-André Kaufhold. 2018. Fifteen Years of Social Media in Emergencies: A Retrospective Review and Future Directions for Crisis Informatics. Journal of Contingencies and Crisis Management (JCCM), 26, 1, 41--57.

[77]

Christian Reuter, Marc-André Kaufhold, Thomas Spielhofer, and Anna Sophie Hahne. 2017. Social Media in Emergencies: A Representative Study on Citizens' Perception in Germany. Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing, 1, 2, 1--19.

Digital Library

[78]

Christian Reuter, Thomas Ludwig, and Volkmar Pipek. 2014. Ad Hoc Participation in Situation Assessment: Supporting Mobile Collaboration in Emergencies. ACM Transactions on Computer-Human Interaction (TOCHI), 21, 5, 1--26.

Digital Library

[79]

Carmine Scavo, Richard C. Kearney, and Richard J. Kilroy. 2007. Challenges to Federalism: Homeland Security and Disaster Response. The Journal of Federalism, 38, 1, 81--110.

[80]

Wendy A. Schafer, Craig H. Ganoe, and John M. Carroll. 2007. Supporting Community Emergency Management Planning through a Geocollaboration Software Architecture. Computer Supported Cooperative Work (CSCW), 16, 4--5, 501--537.

[81]

Giuseppe Settanni, Florian Skopik, Yegor Shovgenya, and Roman Fiedler. 2016. A collaborative analysis system for cross-organization cyber incident handling. ICISSP 2016 - Proceedings of the 2nd International Conference on Information Systems Security and Privacy, Icissp, 105--116.

[82]

Florian Skopik, Giuseppe Settanni, and Roman Fiedler. 2016. A problem shared is a problem halved: A survey on the dimensions of collective cyber defense through security information sharing. Computers and Security, 60, 154--176.

Digital Library

[83]

Rebecca Slayton and Brian Clarke. 2020. Trusting infrastructure: The emergence of computer security incident response, 1989--2005. Technology and Culture, 61, 1, 173--206.

[84]

Robert Soden and Leysia Palen. 2018. Informating Crisis: Expanding Critical Perspectives in Crisis Informatics. In Proceedings of the ACM on Human-Computer Interaction 2., 1--22.

Digital Library

[85]

Kate Starbird and Leysia Palen. 2011. Voluntweeters: Self-Organizing by Digital Volunteers in Times of Crisis. In Proceedings of the Conference on Human Factors in Computing Systems (CHI). ACM-Press, Vancouver, Canada.

Digital Library

[86]

Stefan Stieglitz, Milad Mirbabaie, J. Fromm, and S. Melzer. 2018. The Adoption of Social Media Analytics for Crisis Management - Challenges and Opportunities. In Proceedings of the 26th European Conference on Information Systems (ECIS). .

[87]

Stiftung Neue Verantwortung. 2019. Staatliche Cyber-Sicherheitsarchitektur Version 3, 4. Retrived from: https://www.stiftung-nv.de/sites/default/files/cybersicherheitsarchitektur9.pdf.

[88]

Sathya Chandran Sundaramurthy, John McHugh, Xinming Simon Ou, S. Raj Rajagopalan, and Michael Wesch. 2014. An anthropological approach to studying CSIRTs. IEEE Security and Privacy, 12, 5, 52--60.

[89]

Techtarget Network. computer security incident response team (CSIRT). Retrieved from: https://whatis.techtarget.com/definition/Computer-Security-Incident-Response-Team-CSIRT.

[90]

Dennis Thom, Robert Krüger, and Thomas Ertl. 2016. Can twitter save lives? A broad-scale study on visual social media analytics for public safety. IEEE Transactions on Visualization and Computer Graphics, 22, 7, 1816--1829.

Digital Library

[91]

Paúl Valladares, Walter Fuertes, Freddy Tapia, Theofilos Toulkeridis, and Ernesto Pérez. 2017. Dimensional data model for early alerts of malicious activities in a CSIRT. In 2017 International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS)., Seattle, WA, USA

[92]

Sarah Vieweg, Amanda L. Hughes, Kate Starbird, and Leysia Palen. 2010. Microblogging during two natural hazards events. Proceedings of the 28th international conference on Human factors in computing systems - CHI '10, 1079.

Digital Library

[93]

Sarah Vieweg, Amanda Lee Hughes, Kate Starbird, and Leysia Palen. 2010. Microblogging During Two Natural Hazards Events: What Twitter May Contribute to Situational Awareness. In Proceedings of the Conference on Human Factors in Computing Systems (CHI). ACM, Atlanta, USA, 1079--1088.

Digital Library

[94]

Julián Villodre and J. Ignacio Criado. 2020. User roles for emergency management in social media: Understanding actors' behavior during the 2018 Majorca Island flash floods. Government Information Quarterly, 37, 4, 101521.

[95]

James R. Wallace, Saba Oji, and Craig Anslow. 2017. Technologies, methods, and values: Changes in empirical research at CSCW 1990 - 2015. Proceedings of the ACM on Human-Computer Interaction, 1, CSCW.

Digital Library

[96]

Michael Weatherseed. 2018. Being More Effective Through Information Sharing and Cooperation. In Cybersecurity Best Practices. Michael Bartsch and Stefanie Frey (Eds.). Springer Vieweg, Wiesbaden, 517--521.

[97]

Rodrigo Werlinger, Kasia Muldner, Kirstie Hawkey, and Konstantin Beznosov. 2010. Preparation, detection, and analysis: The diagnostic work of IT security incident response. Information Management and Computer Security, 18, 1, 26--42.

[98]

Johannes Wiik, Jose J. Gonzalez, and Klaus-Peter Kossakowski. 2006. Effectiveness of Proactive CSIRT Services. FIRST Conference, 2--11.

[99]

Volker Wulf, Markus Rohde, Volkmar Pipek, and Gunnar Stevens. 2011. Engaging with Practices: Design Case Studies as a Research Framework in CSCW. In Proceedings of the Conference on Computer Supported Cooperative Work (CSCW). ACM Press, Hangzhou, China, 505--512.

Digital Library

[100]

Himanshu Zade, Kushal Shah, Vaibhavi Rangarajan, Priyanka Kshirsagar, Muhammad Imran, and Kate Starbird. 2018. From Situational Awareness to Actionability: Towards Improving the Utility of Social Media Data for Crisis Response. Proceedings of the ACM on Human-Computer Interaction, 2, November.

Digital Library

[101]

Florian Skopik, Timea Pahi, and Maria Leitner, Eds. 2018. Cyber Situational Awareness in Public-Private-Partnerships. Springer Vieweg, Berlin

[102]

2021. German CERT Association (Deutscher CERT-Verbnd). Retrieved from: https://www.cert-verbund.de/index.html.

Cited By

Wang XTian YHuang KLiang B(2025)Practically implementing an LLM-supported collaborative vulnerability remediation process: A team-based approachComputers & Security10.1016/j.cose.2024.104113148(104113)Online publication date: Jan-2025
https://doi.org/10.1016/j.cose.2024.104113
Kaufhold MRiebe TBayer MReuter C(2024)‘We Do Not Have the Capacity to Monitor All Media’: A Design Case Study on Cyber Situational Awareness in Computer Emergency Response TeamsProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642368(1-16)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642368
Mohd Kassim SLi SArief B(2023)Understanding How National CSIRTs Evaluate Cyber Incident Response Tools and Data: Findings from Focus Group DiscussionsDigital Threats: Research and Practice10.1145/36092304:3(1-24)Online publication date: 6-Oct-2023
https://dl.acm.org/doi/10.1145/3609230
Show More Cited By

Index Terms

The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study

Index terms have been assigned to the content through auto-classification.

Recommendations

Understanding How National CSIRTs Evaluate Cyber Incident Response Tools and Data: Findings from Focus Group Discussions
National Computer Security Incident Response Teams (CSIRTs) have been established worldwide to coordinate responses to computer security incidents at the national level. While it is known that national CSIRTs routinely use different types of tools and ...
Finding community through information and communication technology in disaster response
CSCW '08: Proceedings of the 2008 ACM conference on Computer supported cooperative work

Disasters affect not only the welfare of individuals and family groups, but also the well-being of communities, and can serve as a catalyst for innovative uses of information and communication technology (ICT). In this paper, we present evidence of ICT ...
2nd Workshop on Mobile Resilience: Designing Mobile Interactive Systems for Crisis Response
MobileHCI '21: Adjunct Publication of the 23rd International Conference on Mobile Human-Computer Interaction

Information and communication technologies (ICT), including artificial intelligence, internet of things, and mobile applications, can be utilized to tackle important societal challenges, such as the ongoing COVID-19 pandemic. While they may increase ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Human-Computer Interaction

Proceedings of the ACM on Human-Computer Interaction Volume 5, Issue CSCW2

CSCW2

October 2021

5376 pages

EISSN:2573-0142

DOI:10.1145/3493286

Editor:
Jeff Nichols
Apple Inc., United States

Issue’s Table of Contents

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 October 2021

Published in PACMHCI Volume 5, Issue CSCW2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Hessian Ministry of Higher Education, Research, Science and the Arts
German Federal Ministry for Education and Research (BMBF)

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
512
Total Downloads

Downloads (Last 12 months)117
Downloads (Last 6 weeks)7

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wang XTian YHuang KLiang B(2025)Practically implementing an LLM-supported collaborative vulnerability remediation process: A team-based approachComputers & Security10.1016/j.cose.2024.104113148(104113)Online publication date: Jan-2025
https://doi.org/10.1016/j.cose.2024.104113
Kaufhold MRiebe TBayer MReuter C(2024)‘We Do Not Have the Capacity to Monitor All Media’: A Design Case Study on Cyber Situational Awareness in Computer Emergency Response TeamsProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642368(1-16)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642368
Mohd Kassim SLi SArief B(2023)Understanding How National CSIRTs Evaluate Cyber Incident Response Tools and Data: Findings from Focus Group DiscussionsDigital Threats: Research and Practice10.1145/36092304:3(1-24)Online publication date: 6-Oct-2023
https://dl.acm.org/doi/10.1145/3609230
Bayer MFrey TReuter C(2023)Multi-level fine-tuning, data augmentation, and few-shot learning for specialized cyber threat intelligenceComputers and Security10.1016/j.cose.2023.103430134:COnline publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.cose.2023.103430
Riebe TBäumler JKaufhold MReuter C(2023)Values and Value Conflicts in the Context of OSINT Technologies for Cybersecurity Incident Response: A Value Sensitive Design PerspectiveComputer Supported Cooperative Work10.1007/s10606-022-09453-433:2(205-251)Online publication date: 4-Apr-2023
https://dl.acm.org/doi/10.1007/s10606-022-09453-4
Kaufhold MReuter CLudwig T(2023)Big Data and Multi-platform Social Media Services in Disaster ManagementInternational Handbook of Disaster Research10.1007/978-981-19-8388-7_172(573-593)Online publication date: 1-Oct-2023
https://doi.org/10.1007/978-981-19-8388-7_172
Kaur MParkin SJanssen MFiebig T(2022)"I needed to solve their overwhelmness": How System Administration Work was Affected by COVID-19Proceedings of the ACM on Human-Computer Interaction10.1145/35551156:CSCW2(1-30)Online publication date: 11-Nov-2022
https://dl.acm.org/doi/10.1145/3555115
Kaufhold MReuter CLudwig T(2022)Big Data and Multi-platform Social Media Services in Disaster ManagementInternational Handbook of Disaster Research10.1007/978-981-16-8800-3_172-1(1-21)Online publication date: 17-Nov-2022
https://doi.org/10.1007/978-981-16-8800-3_172-1

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents