A Conceptual Framework for Building a Knowledge Base in Cybersecurity Incident Response
Abstract
The long-term survival of organizations operating in a highly competitive environment, such as cybersecurity, requires an effective strategy for knowledge management (KM). This paper presents a conceptual framework for building a knowledge base (KB) that enhances the efficiency and efficacy of Cybersecurity Incident Response (CSIR) teams through integrated KM processes: the acquisition, codification, storage, retrieval, dissemination, and utilization of knowledge. The framework provides a structured system for tackling the challenges of managing tacit and explicit knowledge in CSIR environments. Developed through a comprehensive review of the literature and of theoretical models, it aligns with established principles, such as the SECI model, and with industry standards, such as ITIL and ISO/IEC 27001. It focuses on the triad of people, processes, and technologies to facilitate access to and application of organizational knowledge. By providing a central knowledge repository, the framework will shorten incident resolution time, support decision-making, and enhance organizational learning.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.