ПРОЦЕС УПРАВЛІННЯ КІБЕРІНЦИДЕНТАМИ ЯК НЕОБХІДНИЙ ЕТАП В ОРГАНІЗАЦІЇ КІБЕРБЕЗПЕКИ ПІДПРИЄМСТВА

Anastasiia  Vavilenkova

THE CYBERINCIDENT MANAGEMENT PROCESS AS A NECESSARY STAGE IN THE ORGANISATION OF ENTERPRISE CYBERSECURITY

Authors

Anastasiia Vavilenkova National Academy of Security Service of Ukraine, Ukraine https://orcid.org/0000-0002-9630-4951

Abstract

The article explores the main steps of the cyberincident management process, analyses the features of their organisation, and defines the role of cyberincident management within the overall cybersecurity framework of enterprises. This allows for the proper identification of priorities when developing an incident response and management plan to reduce system recovery time.

Each stage of the cyberincident management process is detailed, focusing on deliberate or accidental events that pose a threat to the security of information systems or networks and can lead to a disruption of their normal operation.

The cyberincident management process, which is an integral part of the overall cybersecurity strategy for enterprises, is viewed as a system involving detection, analysis, response, and mitigation of the consequences of destructive events. The first stage of the cyberincident management process is event detection, where certain situations are identified that could disrupt the organisation’s regular activities. The second stage involves sorting and analysing events, i.e., classifying potential cyberincident and determining their priority for resolution. The third stage is response and recovery, which includes responding to the incident, limiting its impact, and minimising the damage caused by its occurrence. The fourth stage is improvement, which focuses on restoring normal system operations after the cyberincident has been localised and neutralised. Thus, the cyberincident management process is an essential component of the organisation’s cybersecurity framework.

The conclusion is drawn that to ensure effective cybersecurity, enterprises must systematically implement risk assessment, development of security policies and procedures, use of modern technologies to protect information systems, staff training, and the creation of a cyberincident management plan.

Key words: event detection, cybersecurity, cyber incident, cyber threat, cyber incident response, cyber incident management.

Downloads

PDF (Українська)

Published

2025-09-30

How to Cite

Vavilenkova, A. (2025). THE CYBERINCIDENT MANAGEMENT PROCESS AS A NECESSARY STAGE IN THE ORGANISATION OF ENTERPRISE CYBERSECURITY . Information Security of the Person, Society and State, 1(1 (38), 64–71. Retrieved from https://journals.uran.ua/ispss/article/view/340022

Download Citation

Issue

Vol. 1 No. 1 (38) (2025): Information Security of the Person, Society and the State

Section

FORMS, METHODS AND MEANS OF DETECTING, ASSESSING AND ANTICIPATING INFORMATION SECURITY THREATS TO UKRAINE

License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).