incident response

Ecommerce Fraud Incident Response: A Grounded Theory Study

Aim/Purpose: This research study aimed to explore ecommerce fraud practitioners’ experiences and develop a grounded theory framework to help define an ecommerce fraud incident response process, roles and responsibilities, systems, stakeholders, and types of incidents.

Background: With a surge in global ecommerce, online transactions have become increasingly fraudulent, complex, and borderless. There are undefined ecommerce fraud roles, responsibilities, processes, and systems that limit and hinder cyber incident response to fraudulent activities.

Methodology: A constructivist grounded theory approach was used to investigate and develop a theoretical foundation of ecommerce fraud incident response based on fraud practitioners’ experiences and job descriptions. The study sample consisted of 8 interviews with ecommerce fraud experts.

Contribution: This research contributes to the body of knowledge by helping define a novel framework that outlines an ecommerce fraud incident response process, roles and responsibilities, systems, stakeholders, and incident types.

Findings: An ecommerce fraud incident response framework was developed from fraud experts’ perspectives. The framework helps define processes, roles, responsibilities, systems, incidents, and stakeholders. The first finding defined the ecommerce fraud incident response process. The process includes planning, identification, analysis, response, and improvement. The second finding was that the fraud incident response model did not include the containment phase. The next finding was that common roles and responsibilities included fraud prevention analysis, tool development, reporting, leadership, and collaboration. The fourth finding described practitioners utilizing hybrid tools and systems for fraud prevention and detection. The fifth finding was the identification of internal and external stakeholders for communication, collaboration, and information sharing. The sixth finding was that research participants experienced different organizational alignments. The seventh key finding was that stakeholders do not have a holistic view of the data and information needed to make some connections about fraudulent behavior. The last finding was that participants experienced complex fraud incidents.

Recommendations for Practitioners: It is recommended to adopt the ecommerce fraud response framework to help ecommerce fraud and security professionals develop an awareness of cyber fraud activities and/or help mitigate cyber fraud activities.

Future Research: Future research could entail conducting a quantitative analysis by surveying the industry on the different components of the ecommerce fraud incident response framework, such as processes, systems, and responsibilities. Other areas to explore and evaluate are maturity models and organizational alignment, collaboration, information sharing, and stakeholders. Lastly, further research can be pursued on the nuances of ecommerce fraud incidents using frameworks such as attack graph generation, crime scripts, and attack trees to develop ecommerce fraud response playbooks, plans, and metrics.





Genetec Helps Organizations Move Seamlessly From Incident Response to Investigations

This integration enables users to move seamlessly from incident response to investigation from within a single interface.





HiveWatch & RSPNDR Partner to Improve Incident Response for Customers

The partnership enables the companies to offer an embedded, end-to-end solution that allows GSOC operators monitoring disparate sites to generate a security response through RSPNDR with the click of a button.





Resolution 58 - (Rev. Geneva, 2022) - Encouraging the creation of national computer incident response teams, particularly for developing countries






5 Ways Behavioral Analytics is Revolutionizing Incident Response

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more





The Incident Response Challenge 2020 — Win $5,000 Prize!

Cybersecurity firm Cynet today announced the launch of a first of its kind challenge to enable Incident Response professionals to test their skills with 25 forensic challenges that were built by top researchers and analysts. The challenge is available on https://incident-response-challenge.com/ and is open to anyone willing to test his or her investigation skills, between April 21st and May





What is a Cyber Incident Response Plan?

In part 1 of this 3-part blog series, we’ll delve into Cyber Incident Response Planning and how to address and manage the repercussions of a cyberattack or incident.