Security Incident Recognition and Reporting (SIRR): An Industrial Perspective

Abstract: Reports and press releases highlight that security incidents continue to plague organizations. While researchers and practitioners' alike endeavor to identify and implement realistic security solutions to prevent incidents from occurring, the ability to initially identify a security incident is paramount when researching a security incident lifecycle. Hence, this research investigates the ability of employees in a Global Fortune 500 financial organization, through internal electronic surveys, to recognize and report security incidents to pursue a more holistic security posture. The research contribution is an initial insight into security incident perceptions by employees in the financial sector as well as serving as an initial guide for future security incident recognition and reporting initiatives.