A Readiness Model for Measuring the Maturity of Cyber Security Incident Management

Hardly a week goes by without headlines about new cyber-attacks. As the sophistication of cyber-attacks constantly increases, organizations have to consider to be affected by attacks. In order to effectively and efficiently react to an incident, professional and well-organized incident management has to be in place. The major goal of this paper is to support organizations to develop and improve their cyber-security incident management. Therefore, in this work, a readiness model, covering nearly 80 topics and 500 requirements in the domain of incident management, is introduced.