Group Discussion on Learning from Digital Incidents

A group discussion with participants on their ideas about the state of art of the community in terms of policies and procedures for promoting learning from incidents

Why

Over the last three decades fields like aviation, nuclear energy, and healthcare have put in place elaborate mechanisms to learn from serious incidents and prevent their reoccurrence. We are a small team of academics trying to understand what the state of art in the case of digital incidents is. We are considering questions like: What do companies do after major IS incidents and cybersecurity breaches? What happens after the continuity team leaves the building? Is there any attempt to learn from experience? How? Does experience walk out of the firm if/when staff leave? Or is it captured and shared in some ways? How do best practices circulate in the industry? And should this be a concern for cybersecurity experts at all?

What

We hope to focus on the following themes:

• Mechanisms and processes for learning from incidents, small and big
• Knowledge sharing mechanisms in the community
• Nature and relevance of learning in cybersecurity

Outcomes

During the session: We imagine that the session will be an opportunity for participants to hear and exchange views about good and bad practices in learning from incidents and general reflect on ideas about strengthen resilience

After the session

The results of the conversation will feed into a short report on the state of art and promising directions in the strategies, processes and practices to produce organisational learning from information system and future directions that will be shared with all participants.

Register as participant

To register as participant add Group Discussion on Learning from Digital Incidents to either:

1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
2. or the participants metadata field from this git session page