Enhancing Post-Incident Activities Through Knowledge Management Models: A Systematic Literature Review

Authors

  • Ghina Fitriya University of Indonesia https://orcid.org/0009-0003-0392-7135
  • Boy Sandi Kritian Sihombing Universitas Indonesia
  • Fatoumatta Binta Jallow
  • Sofian Lusa Universitas Indonesia
  • Nadya Safitri Universitas Indonesia
  • Dana Indra Sensuse Universitas Indonesia

DOI:

https://doi.org/10.33022/ijcs.v13i6.4527

Keywords:

english

Abstract

The current condition of Indonesia's National Computer Security Incident Response Team (Nat CSIRT) requires a knowledge management system model to support incident handling, especially in the post-incident stage to accelerate incident handling, especially in repeated incidents. To address these issues, a systematic literature review (SLR) will be conducted to propose a knowledge management model (KMM) for supporting post-incident activities. This research used SLR-PRISMA methodology that consists of 3 steps which are Identification, Screening, and Included. The 22 articles acquired from the SLR-PRISMA process from five databases. Those 22 articles used 12 KMMs and 10 indicators that are used more than once. The 10 indicators were mapped with post incident activities and their best practices based on their correlation event. Eventually 9 best practices and 5 indicators obtained to develop a proposed KMM for NAT-CSIRT to support the post incident activities. The 5 indicators which are knowledge sharing, technology, culture, information, and organizational performance can be used to propose a KM Model for the post incident activities in NAT-CSIRT.

Downloads

Published

30-12-2024