Enhancing Post-Incident Activities Through Knowledge Management Models: A Systematic Literature Review
DOI:
https://doi.org/10.33022/ijcs.v13i6.4527Keywords:
englishAbstract
The current condition of Indonesia's National Computer Security Incident Response Team (Nat CSIRT) requires a knowledge management system model to support incident handling, especially in the post-incident stage to accelerate incident handling, especially in repeated incidents. To address these issues, a systematic literature review (SLR) will be conducted to propose a knowledge management model (KMM) for supporting post-incident activities. This research used SLR-PRISMA methodology that consists of 3 steps which are Identification, Screening, and Included. The 22 articles acquired from the SLR-PRISMA process from five databases. Those 22 articles used 12 KMMs and 10 indicators that are used more than once. The 10 indicators were mapped with post incident activities and their best practices based on their correlation event. Eventually 9 best practices and 5 indicators obtained to develop a proposed KMM for NAT-CSIRT to support the post incident activities. The 5 indicators which are knowledge sharing, technology, culture, information, and organizational performance can be used to propose a KM Model for the post incident activities in NAT-CSIRT.
Downloads
Published
Issue
Section
License
Copyright (c) 2024 Ghina Fitriya, Boy Sandi Kritian Sihombing , Fatoumatta Binta Jallow , Sofian Lusa, Nadya Safitri, Dana Indra Sensuse
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.