| This dissertation investigates managerial and strategic aspects of InfoSec incident preparation and response. This dissertation is presented in four chapters:;• Chapter 1: an introduction.;• Chapter 2: a systematic literature review.;• Chapter 3: two field-based case studies of InfoSec incident response processes.;• Chapter 4: a repertory grid study identifying characteristics of effective individual incident responders.;Together these chapters demonstrate that the lenses of the Resource Based View, Theory of Complementary Resources, and Accounting Control Theory, can be combined to classify and analyze the resources organizations use during incident response. I find that incident response is maturing as a discipline and organizations rely on both defined procedures and improvisation when incidents occur. Most importantly there is no "one size fits all" approach to incident response. Incident responder characteristics include general skills (good communicators and problem solvers) and character attributes (such as an interest in "doing the right thing").Then combination of characteristics that make an individual successful in a particular incident response role is affected by other resources available to support InfoSec incident response. |
