{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,30]],"date-time":"2025-12-30T08:58:01Z","timestamp":1767085081951,"version":"3.40.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031342066"},{"type":"electronic","value":"9783031342073"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-34207-3_15","type":"book-chapter","created":{"date-parts":[[2023,5,28]],"date-time":"2023-05-28T19:01:38Z","timestamp":1685300498000},"page":"230-243","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["InCReASE: A Dynamic Framework Towards Enhancing Situational Awareness in\u00a0Cyber Incident Response"],"prefix":"10.1007","author":[{"given":"Jarl","family":"Andreassen","sequence":"first","affiliation":[]},{"given":"Martin","family":"Eileraas","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6254-8720","authenticated-orcid":false,"given":"Lucia Castro","family":"Herrera","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5271-4599","authenticated-orcid":false,"given":"Nadia 
Saad","family":"Noori","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,5,29]]},"reference":[{"key":"15_CR1","doi-asserted-by":"publisher","first-page":"102122","DOI":"10.1016\/j.cose.2020.102122","volume":"101","author":"A Ahmad","year":"2021","unstructured":"Ahmad, A., Maynard, S.B., Desouza, K.C., Kotsias, J., Whitty, M.T., Baskerville, R.L.: How can organizations develop situation awareness for incident response: a case study of management practice. Comput. Secur. 101, 102122 (2021)","journal-title":"Comput. Secur."},{"issue":"1","key":"15_CR2","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1080\/01930826.2014.893116","volume":"54","author":"K Arlitsch","year":"2014","unstructured":"Arlitsch, K., Edelman, A.: Staying safe: cyber security for people and organizations. J. Libr. Adm. 54(1), 46\u201356 (2014)","journal-title":"J. Libr. Adm."},{"issue":"5","key":"15_CR3","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/MSP.2014.103","volume":"12","author":"S Bhatt","year":"2014","unstructured":"Bhatt, S., Manadhata, P.K., Zomlot, L.: The operational role of security information and event management systems. IEEE Secur. Priv. 12(5), 35\u201341 (2014)","journal-title":"IEEE Secur. Priv."},{"key":"15_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/978-3-540-24591-9_9","volume-title":"Information Security Applications","author":"R Bidou","year":"2004","unstructured":"Bidou, R., Bourgeois, J., Spies, F.: Towards a global security architecture for intrusion detection and reaction management. In: Chae, K.-J., Yung, M. (eds.) WISA 2003. LNCS, vol. 2908, pp. 111\u2013123. Springer, Heidelberg (2004). 
https:\/\/doi.org\/10.1007\/978-3-540-24591-9_9"},{"issue":"7","key":"15_CR5","first-page":"432","volume":"8","author":"M Chopra","year":"2019","unstructured":"Chopra, M., Mahapatra, C.: Significance of security information and event management (SIEM) in modern organizations. Int. J. Innovative Technol. Explor. Eng. 8(7), 432\u2013435 (2019)","journal-title":"Int. J. Innovative Technol. Explor. Eng."},{"key":"15_CR6","series-title":"Advances in Information Security","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-73951-9","volume-title":"Cyber Threat Intelligence","year":"2018","unstructured":"Dehghantanha, A., Conti, M., Dargahi, T. (eds.): Cyber Threat Intelligence. AIS, vol. 70. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-73951-9"},{"unstructured":"Cresswell, J.W.: The Selection of a Research Design the Three Types of Designs (2008)","key":"15_CR7"},{"doi-asserted-by":"crossref","unstructured":"Eileraas, M., Andreassen, J.: A dynamic framework enhancing situational awareness in cybersecurity SOC-IR. Master\u2019s thesis, University of Agder (2022)","key":"15_CR8","DOI":"10.1007\/978-3-031-34207-3_15"},{"issue":"1","key":"15_CR9","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1518\/001872095779049543","volume":"37","author":"MR Endsley","year":"1995","unstructured":"Endsley, M.R.: Toward a theory of situation awareness in dynamic systems. Hum. Factors 37(1), 32\u201364 (1995)","journal-title":"Hum. Factors"},{"doi-asserted-by":"crossref","unstructured":"Evesti, A., Kanstren, T., Frantti, T.: Cybersecurity situational awareness taxonomy, pp. 1\u20138 (2017)","key":"15_CR10","DOI":"10.1109\/CyberSA.2017.8073386"},{"key":"15_CR11","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2014.06.008","volume":"46","author":"U Franke","year":"2014","unstructured":"Franke, U., Brynielsson, J.: Cyber situational awareness - a systematic review of the literature. Comput. Secur. 
46, 18\u201331 (2014)","journal-title":"Comput. Secur."},{"unstructured":"Gartner. Managed security service provider (MSSP) (2022)","key":"15_CR12"},{"issue":"14","key":"15_CR13","doi-asserted-by":"publisher","first-page":"4759","DOI":"10.3390\/s21144759","volume":"21","author":"G Gonzalez-Granadillo","year":"2021","unstructured":"Gonzalez-Granadillo, G., Gonzalez-Zarzosa, S., Diaz, R.: Security information and event management (SIEM): analysis, trends, and usage in critical infrastructures. Sensors 21(14), 4759 (2021)","journal-title":"Sensors"},{"unstructured":"Cristin, G., et al.: A framework for cybersecurity information sharing and risk reduction. Microsoft (2015)","key":"15_CR14"},{"key":"15_CR15","first-page":"102726","volume":"58","author":"S Hasan","year":"2021","unstructured":"Hasan, S., Ali, M., Kurnia, S., Thurasamy, R.: Evaluating the cyber security readiness of organizations and its influence on performance. J. Inf. Secur. Appl. 58, 102726 (2021)","journal-title":"J. Inf. Secur. Appl."},{"unstructured":"Horneman, A.: Situational awareness for cybersecurity: an introduction. Carnegie Mellon University\u2019s Software Engineering Institute Blog, 9 September 2019","key":"15_CR16"},{"key":"15_CR17","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1080\/08850607.2016.1230701","volume":"30","author":"SE Jasper","year":"2016","unstructured":"Jasper, S.E.: US cyber threat intelligence sharing frameworks. Int. J. Intell. CounterIntell. 30, 53\u201365 (2016)","journal-title":"Int. J. Intell. CounterIntell."},{"unstructured":"Kitchenham, B., Charters, S.: Guidelines for performing systematic literature reviews in software engineering (2007)","key":"15_CR18"},{"doi-asserted-by":"crossref","unstructured":"Leszczyna, R., Wrobel, M.: Threat intelligence platform for the energy sector (2019)","key":"15_CR19","DOI":"10.1002\/spe.2705"},{"unstructured":"Mitre.org. The MITRE corporation (2022). 
URL: https:\/\/www.mitre.org\/","key":"15_CR20"},{"key":"15_CR21","volume-title":"Security Operations Center: Building, Operating, and Maintaining Your SOC","author":"J Muniz","year":"2015","unstructured":"Muniz, J., McIntyre, G., AlFardan, N.: Security Operations Center: Building, Operating, and Maintaining Your SOC. Cisco Press, Indianapolis (2015)"},{"unstructured":"Myers, M.D.: Qualitative research in information systems (2021)","key":"15_CR22"},{"issue":"1","key":"15_CR23","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1016\/j.infoandorg.2006.11.001","volume":"17","author":"MD Myers","year":"2007","unstructured":"Myers, M.D., Newman, M.: The qualitative interview in is research: examining the craft. Inf. Organ. 17(1), 2\u201326 (2007)","journal-title":"Inf. Organ."},{"key":"15_CR24","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2020.113476","volume":"143","author":"H Naseer","year":"2021","unstructured":"Naseer, H., Maynard, S.B., Desouza, K.C.: Demystifying analytical information processing capability: the case of cybersecurity incident response. Decis. Support Syst. 143, 113476 (2021)","journal-title":"Decis. Support Syst."},{"doi-asserted-by":"crossref","unstructured":"Nyre-Yu, M., Gutzwiller, R.S., Caldwell, B.S.: Observing cyber security incident response: qualitative themes from field research. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol. 63, pp. 437\u2013441 (2019)","key":"15_CR25","DOI":"10.1177\/1071181319631016"},{"issue":"2","key":"15_CR26","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1080\/08850607.2020.1780062","volume":"34","author":"K Oosthoek","year":"2021","unstructured":"Oosthoek, K., Doerr, C.: Cyber threat intelligence: a product without a process? Int. J. Intell. CounterIntell. 34(2), 300\u2013315 (2021)","journal-title":"Int. J. Intell. 
CounterIntell."},{"key":"15_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/978-3-319-61152-5_8","volume-title":"Theory and Models for Cyber Situation Awareness","author":"P Rajivan","year":"2017","unstructured":"Rajivan, P., Cooke, N.: Impact of team collaboration on cybersecurity situational awareness. In: Liu, P., Jajodia, S., Wang, C. (eds.) Theory and Models for Cyber Situation Awareness. LNCS, vol. 10030, pp. 203\u2013226. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-61152-5_8"},{"doi-asserted-by":"crossref","unstructured":"Skopik, F., Settanni, G., Fiedler, R.: A problem shared is a problem halved. Comput. Secur. 60(C) (2016)","key":"15_CR28","DOI":"10.1016\/j.cose.2016.04.003"},{"unstructured":"Ursillo, S., Arnold, C.: Cybersecurity is critical for all organizations - large and small (2019)","key":"15_CR29"},{"doi-asserted-by":"crossref","unstructured":"Verizon. 2021 data breach investigations report (2022). URL: https:\/\/www.verizon.com\/business\/resources\/reports\/2021\/2021-data-breach-investigations-report.pdf","key":"15_CR30","DOI":"10.1016\/S1361-3723(21)00061-0"},{"key":"15_CR31","doi-asserted-by":"publisher","first-page":"227756","DOI":"10.1109\/ACCESS.2020.3045514","volume":"8","author":"M Vielberth","year":"2020","unstructured":"Vielberth, M., B\u00f6hm, F., Fichtinger, I., Pernul, G.: Security operations center: a systematic study and open challenges. IEEE Access 8, 227756\u2013227779 (2020)","journal-title":"IEEE Access"},{"key":"15_CR32","doi-asserted-by":"publisher","first-page":"101589","DOI":"10.1016\/j.cose.2019.101589","volume":"87","author":"TD Wagner","year":"2019","unstructured":"Wagner, T.D., Mahbub, K., Palomar, E., Abdallah, A.E.: Cyber threat intelligence sharing: survey and research directions. Comput. Secur. 87, 101589 (2019)","journal-title":"Comput. Secur."},{"unstructured":"Yin, R.K.: Design and methods. Case Study Res. 
(2014)","key":"15_CR33"}],"container-title":["IFIP Advances in Information and Communication Technology","Information Technology in Disaster Risk Reduction"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-34207-3_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,12,14]],"date-time":"2023-12-14T06:58:54Z","timestamp":1702537134000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-34207-3_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031342066","9783031342073"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-34207-3_15","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"29 May 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ITDRR","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Technology in Disaster Risk Reduction","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kristiansand","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 October 
2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 October 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"itdrr2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/itdrr2022.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"70% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of 
Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}