Abstract:
Organizations protect information resources and maintain competitive advantage by using risk-driven and control-centered security management systems. These systems are very useful in preventing threats that exploit common vulnerabilities. They are not very effective, however, at reacting to attacks that are volatile, evolving, and complex, such as Advanced Persistent Threats. These dynamic and complex threats require a timely, agile, and sophisticated response capability to gather, integrate, and analyze data to perform operational and strategic security operations. Modern organizations use real-time analytics as a unique business analytics capability that helps them gather, combine, and analyze business incidents efficiently. The capability of real-time analytics to respond to important business information has received considerable attention in the existing literature. However, inadequate research has been done on how enterprises enhance agility in the incident response process.
This research addresses the research gap mentioned above by exploring the research question: How does the use of real-time analytics in the incident response process improve enterprise cybersecurity performance? To better understand how enterprises use real-time analytics capabilities to infuse agile characteristics into their incident response process, this research gathered qualitative data from interviews with twenty experts and used a data comparison process that employs simultaneous exploration and analysis. The results informed a theoretical framework that explains how organizations enable the agile features of swiftness, innovation, and flexibility in the incident response process using salient characteristics of real-time analytics such as complex event processing, decision automation, and continuous and on-demand data analysis.
Dynamic incident response strategies, together with real-time analytics capabilities, help enterprises identify and respond to cybersecurity incidents as they occur, which in turn improves overall organizational security performance and gives both economic and strategic advantages.
The descriptions related to the proposed theoretical framework contribute to the existing literature on business analytics, agility in business operations, and incident response strategies. The findings of this study give valuable guidance for future research on how agile characteristics are enhanced and developed in the incident response process.