The present master's thesis addresses the urgency of implementing Incident Response Planning in companies and the potential dangers that could lead to failures in IT or OT infrastructure. These dangers include not only unplanned operational disruptions, which can reduce service quality, but also security vulnerabilities in the IT network that could jeopardize data protection. The absence of a well-developed contingency plan thus entails significant risks, including the impairment of business profitability and, in the worst case, insolvency. The thesis aims to develop a framework for an Incident Response Plan in collaboration with selected companies, particularly Schachinger Logistik GmbH. Schachinger Logistik GmbH serves as a practical example to ensure the feasibility and implementability of the framework. The master's thesis integrates comprehensive inputs and feedback gathered through a questionnaire involving internal departments, external experts, and selected companies with supply chains. This framework's development takes place in close cooperation with the IT security department and the operational management of Schachinger Logistik GmbH. The master's thesis is intended to serve as a foundation and guide for creating and implementing a tailored Incident Response Plan in small and medium-sized enterprises (SMEs) with functioning supply chains. The framework's validation will be carried out by external cybersecurity experts, who will contribute their extensive expertise in the field of Incident Response. Once the framework is completed, it will serve as a tool for managing potential IT and/or OT failures in SMEs. The thesis culminates in the development of a practical guide, although the concrete implementation of Incident Response Planning at Schachinger Logistik GmbH is aspired to but not part of this master's thesis. The objective of the thesis is to strengthen companies' resilience to IT and OT failures and to make a significant contribution to security and efficiency in the supply chain, as well as to provide a general direction for the approach to introducing Incident Response Planning.
| Date of Award | 2024 |
|---|
| Original language | German (Austria) |
|---|
| Supervisor | Florian Krenn (Supervisor) |
|---|
Aufbau eines Incident Response Frameworks für KMUs, unter Berücksichtigung von Supply Chain Aspekten
Strassl, S. A. (Author). 2024
Student thesis: Master's Thesis