Return to search

Case study: testing Wahlgren’s escalation maturity model within public sector organisations in Sweden : Studying model support for operators of essential services in meeting NIS directive requirements for incident escalation

Critical infrastructures are vital services, and attacks on such systems affect people's social and economic well-being. Therefore, operators of such services must have appropriate measures in place to handle IT-related incidents. However, reports show that organisations classified as Operators of Essential Services (OES) do not have appropriate measures to handle IT-related incidents. A case study approach is used in this study to test the usability and the applicability of Wahlgren's Escalation Maturity Model level within various public sector organisations in Sweden regarding their escalation and communication of IT-related incidents. A follow-up semi-structured interview is also conducted with employees at the technical level to determine if the current organisation's maturity level shortcomings are known across different organisational levels. The tool's maturity level scaling attributes are difficult to understand because all organisations in this study achieve the same level of maturity, even though there is a wide range of performance regarding the number of questions answered in the affirmative. The data output generated from the testing of the model can assist organisations in improving their incident escalation activities. However, the lack of precision of the model makes it challenging to apply in the public sector. The results reveal that all the five organisations obtained an escalation maturity level of zero (0), non-existent, regarding escalation of IT-related incidents. As a result, with the current model, the participating organisations will have a difficult task complying with the NIS Directive's security and notification requirements.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:his-20202
Date January 2021
CreatorsFerguson, Isaac Yaw
PublisherHögskolan i Skövde, Institutionen för informationsteknologi
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0018 seconds