
Basic article information

  • Title: No Contradiction Between Cyber-Security and Data Protection? Designing a Data Protection Compliant Incident Response System
  • Author: Stephanie von Maltzan
  • Journal: European Journal of Law and Technology
  • Electronic ISSN: 2042-115X
  • Year of publication: 2019
  • Volume: 10
  • Issue: 1
  • Pages: 1-26
  • Publisher: Queen's University of Belfast
  • Abstract: Incident Response has become an important component of cybersecurity. The usual security measures are often powerless against new and targeted attacks, also known as IT-Security incidents. Key issues such as information exchange formats and sharing platforms remain on the agenda of the cybersecurity community, especially for incident responders. Incident Response activities require additional processing of personal data, so may themselves create a privacy risk. Current developments towards Incident Response show that systems are increasingly insecure to data breaches, especially due to the massive amounts of personal data and the possibility of linking this data to personal identifiers. Therefore, the joint project ITS.Overview has set itself the goal of creating a detailed overview of IT-Security incidents in different industrial sectors that can be correlated and exchanged among companies to be able to quickly identify cyberattacks. Methods for better defence against IT attacks are being developed in cooperation with the University of Bonn Institute for Computer Science, HiSolutions AG, Comma Soft AG and the ASW Bundesverband - Allianz für Sicherheit in der Wirtschaft e.V. Legal support and expert opinions are provided by Prof. Dr. Franziska Boehm, Karlsruhe Institute of Technology/Leibniz Institute for Information Infrastructure (https://itsec.cs.uni-bonn.de/overview/). This article aims to offer an initial assessment of data protection measures using Incident Response management. The key problems in this context are legal and technical barriers. The main factors are the possibility of entering free text in Ticketing Systems and the legal obligations for sharing information under the General Data Protection Regulation (GDPR), as well as lack of interest and, due to trust issues, the fear of sharing information. Furthermore, the conflict between IT-Security on the one hand and informational self-determination on the other hand must be resolved by the technically and legally correct use of Incident Response.
  • Keywords: Cyber-Security; Data Protection; Incident Response; Ticketing System; Malware Information Sharing and Threat Sharing Platform; Data Minimisation; Privacy by Design and Default