Meeting the Global Challenges of Security Incident Response

Responding to computer security incidents has become a critical function within an information technology program of any enterprise. These incidents are threats not only to computing equipment but also to the stability of establishments, such as small to large governments or utilities serving large populations. New types of security-related incidents emerge frequently and massive activities take place across the globe to mitigate the violations of security policies or recommended security practices. In spite of the concerted efforts from many organizations, complete solutions are still lagging behind. Proactive or predictive research and planning activities are on the rise in many industrialized nations. However, they seem to fall short on coping up with an unexpected global incident before incurring a substantial damage. What can the global security-aware organizations and communities do? This paper is intended to help set the stage for a panel discussion to be chaired by the first author with the members of the IFIP WG9.6/11.7, “IT Misuse and the Law”.