D5 reply san | Information Systems homework help
Role of End-Users in Incident Reporting of Security Issues
End-users play an important role in securing computer systems and mitigating risks once an incident occurs. End-users can identify the presence of malicious software in a computer system through observation of uncommon occurrences and incidences (Polisena et al. 2015). End-users are able to detect problems with computer systems especially where a zero-day attack occurs and intrusion detection software (IDS) and intrusion prevention software (IPS) cannot detect (Catota et al. 2018). Employees can implement emergency procedures in risk management such as running scans, deploying anti-virus software, shutting down the computer system and switching off all devices. End-users report such incidences to CSIRT teams and management for appropriate responses (Catota et al. 2018).
End-users should be encouraged to report incidents of intrusion and threats to computer systems because they are part of the risk management team. End-users can provide observational evidence on threats and can directly explain to CSIRT teams the observable effects of the threat (Catota et al. 2018). Additionally, reporting helps end-users become part of security management and are able to implement security measures to avoid further breaches.
Several factors affect reporting of incidences by end-users. Some end-users might not be aware that the system is under attack because the method of attack is new to them. Some end-users are not aware of the observable direct effects of malicious software and might not notice the attack (Polisena et al. 2015). Some end-users assume that anti-virus software will solve the problems and hence fail to report any incident. Mostly, end-users lack proper understanding of computer systems and security operations and are unaware of any threat or attack on systems and therefore, do not report any incident (Polisena et al. 2015).
· Catota, F. E., Morgan, M. G. & Sicker, D. C. (2018). Cybersecurity incident response capabilities in the Ecuadorian financial sector. Journal of Cybersecurity, 4(1): 67-74.
· Polisena, J., Gagliardi, A., Urbach, D., Clifford, T. & Fiander, M. (2015). Factors that influence the recognition, reporting and resolution of incidents related to medical devices and other healthcare technologies: A systematic review. Systematic Reviews, 4(37): 27-39.