{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,27]],"date-time":"2025-09-27T13:46:14Z","timestamp":1758980774200,"version":"3.40.3"},"publisher-location":"Cham","reference-count":42,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319999500"},{"type":"electronic","value":"9783319999517"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-99951-7_1","type":"book-chapter","created":{"date-parts":[[2018,8,25]],"date-time":"2018-08-25T15:26:07Z","timestamp":1535210767000},"page":"3-17","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["External Cybersecurity Incident Reporting for Resilience"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1748-3769","authenticated-orcid":false,"given":"Annika","family":"Andreasson","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1163-7758","authenticated-orcid":false,"given":"Nicole","family":"Fallen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,8,26]]},"reference":[{"key":"1_CR1","unstructured":"Article 29 Data Protection Working Party: Guidelines on personal data breach notification under regulation 2016\/279 (2018)"},{"key":"1_CR2","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-319-16486-1_31","volume-title":"New Contributions in Information Systems and Technologies","author":"F Bj\u00f6rck","year":"2015","unstructured":"Bj\u00f6rck, F., Henkel, M., Stirna, J., Zdravkovic, J.: Cyber resilience - fundamentals for a definition. In: Rocha, A., Correia, A., Costanzo, S., Reis, L. (eds.) New Contributions in Information Systems and Technologies. Advances in Intelligent Systems and Computing, vol. 353, pp. 311\u2013316. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-16486-1_31"},{"key":"1_CR3","unstructured":"Commission Implementing Regulation (EU) 2018\/151 of 30 January 2018. Official Journal of the European Union, L26, 48\u201351 (2018)"},{"key":"1_CR4","unstructured":"Commission Regulation (EU) No 611\/2013 of 24 June 2013. Official Journal of the European Union, L173, 2\u20138 (2013)"},{"key":"1_CR5","unstructured":"Datainspektionen: Datainspektionen 1973\u20132018. Retrieved from Datainspektionen: https:\/\/www.datainspektionen.se\/om-oss\/historik\/ (2018)"},{"key":"1_CR6","unstructured":"Directive (EU) 2016\/1148 of the European Parliament and of the Council of 6 July 2016 (NIS Directive). Official Journal of the European Union, L194, 1\u201330 (2016)"},{"key":"1_CR7","unstructured":"Directive 2002\/21\/EC of the European Parliament and of the Council of 7 March 2002. Official Journal of the European Union, L108, 33\u201350 (2002)"},{"key":"1_CR8","unstructured":"Directive 2002\/58\/EC of the European Parliament and of the Council of 12 July 2002. Official Journal of the European Union, L201, 37\u201347 (2002)"},{"key":"1_CR9","unstructured":"Directive 2009\/136\/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002\/22\/EC. Official Journal of the European Union, L337, 11\u201336 (2009)"},{"key":"1_CR10","unstructured":"Directive 2009\/140\/EC of the European Parliament and of the Council of 25 November 2009 amending Directives 2002\/21\/EC. Official Journal of the European Union, L337, 37\u201369 (2009)"},{"key":"1_CR11","unstructured":"Directive 95\/46\/EC of the European Parliament and of the Council of 24 October 1995. Official Journal of the European Union, L281, 31\u201359 (1995)"},{"key":"1_CR12","unstructured":"El Kharbili, M.: Business process regulatory compliance management solution frameworks: a comparative evaluation. In: Proceedings of the Eighth Asia-Pacific Conference on Conceptual Modelling (APCCM 2012), vol. 130, pp. 23\u201332, Melbourne (2012)"},{"key":"1_CR13","unstructured":"European Banking Authority (EBA): Guidelines compliance table (EBA\/GL\/2017\/10). European Banking Authority (2017a)"},{"key":"1_CR14","unstructured":"European Banking Authority (EBA): Guidelines on major incident reporting under Directive (EU) 2015\/2366 (PSD2) (2017b, July 27)"},{"key":"1_CR15","unstructured":"European Commission and High Representative of the European Union for Foreign Affairs and Security Policy: European cyber security strategy: an open, safe and secure cyberspace (2013)"},{"key":"1_CR16","unstructured":"European Commission: Joint communication to the European parliament, the council, the European economic and social committee and the committee of the regions: cybersecurity strategy of the European Union. European Commission, Brussels (2013)"},{"key":"1_CR17","unstructured":"Lagr\u00e5dsremiss: Brottsdatalag. Retrieved from http:\/\/www.regeringen.se\/492bb7\/contentassets\/be861421338643ccb72f10076581e9d8\/brottsdatalag.pdf (2018)"},{"key":"1_CR18","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/978-3-319-63010-6_12","volume-title":"Security Privatization: How Non-Security-Related Private Businesses Shape Security Governance","author":"MG Porcedda","year":"2018","unstructured":"Porcedda, M.G.: Regulation of data breaches in the European Union: private companies in the driver\u2019s seat of cybersecurity? In: Bures, O., Carapaccio, H. (eds.) Security Privatization: How Non-Security-Related Private Businesses Shape Security Governance, pp. 275\u2013299. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-63010-6_12"},{"key":"1_CR19","unstructured":"Proposition 2017\/18:105 Ny dataskyddslag. Stockholm (2018)"},{"key":"1_CR20","unstructured":"Proposition 2017\/18:205 Informationss\u00e4kerhet f\u00f6r samh\u00e4llsviktiga och digitala tj\u00e4nster. Stockholm (2018)"},{"key":"1_CR21","unstructured":"Proposition 2017\/18:77 Nya regler om betaltj\u00e4nster. Stockholm (2018)"},{"key":"1_CR22","unstructured":"Proposition 2017\/18:89 Ett modernt och st\u00e4rkt skydd f\u00f6r Sveriges s\u00e4kerhet - ny s\u00e4kerhetsskyddslag. Stockholm (2018)"},{"key":"1_CR23","unstructured":"PTSFS 2012:1 Post- och telestyrelsens f\u00f6reskrifter och allm\u00e4nna r\u00e5d om underr\u00e4ttelse om integritetsincidenter samt inneh\u00e5llet i f\u00f6rteckning \u00f6ver integritetsincidenter (2012)"},{"key":"1_CR24","unstructured":"PTSFS 2012:2 Post- och telestyrelsens f\u00f6reskrifter och allm\u00e4nna r\u00e5d om rapportering av st\u00f6rningar eller avbrott av betydande omfattning. Post- och telestyrelsen (2012)"},{"key":"1_CR25","unstructured":"PTSFS 2014:2 Post- och telestyrelsens f\u00f6reskrifter om upph\u00e4vande av f\u00f6reskrifter (PTSFS 2012:1) och allm\u00e4nna r\u00e5d om underr\u00e4ttelse om integritetsincidenter (2014)"},{"key":"1_CR26","unstructured":"Regeringskansliet. St\u00e4rkt skydd av informationssystem. Retrieved from Regeringskansliet: http:\/\/www.regeringen.se\/pressmeddelanden\/2018\/02\/starkt-skydd-av-informationssystem\/, 15 February 2018"},{"key":"1_CR27","unstructured":"Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation). Official Journal of the European Union, L119, 1\u201388 (2016)"},{"key":"1_CR28","unstructured":"Regulation (EU) No 1093\/2010 of the European Parliament and of the Council of 24 November 2010. Official Journal of the European Union, 24 November 2010"},{"key":"1_CR29","unstructured":"Regulation (EU) No 526\/2013 of the European Parliament and of the Council of 21 May 2013. Official Journal of the European Union, L165, 41\u201358 (2013)"},{"key":"1_CR30","unstructured":"Regulation (EU) No 910\/2014 of the European Parliament and of the Council of 23 July 2014 (eIDAS). Official Journal of the European Union, L257, 73\u2013114 (2014)"},{"key":"1_CR31","unstructured":"SFS 1973:289 Datalag. Svensk F\u00f6rfattningssamling. Justitiedepartementet, Stockholm (1973)"},{"key":"1_CR32","unstructured":"SFS 1996:627 S\u00e4kerhetsskyddslag. Svensk F\u00f6rfattningssamling. Justitiedepartementet, Stockholm (1996)"},{"key":"1_CR33","unstructured":"SFS 1996:633 S\u00e4kerhetsskyddsf\u00f6rordning. Svensk F\u00f6rfattningssamling. Justitiedepartementet, Stockholm (1996)"},{"key":"1_CR34","unstructured":"SFS 1998:204 Personuppgiftslag. Svensk F\u00f6rfattningssamling. Justitiedepartementet, Stockholm (1998)"},{"key":"1_CR35","unstructured":"SFS 2003:389 Lag om elektronisk kommunikation. Svensk F\u00f6rfattningssamling. N\u00e4ringsdepartementet, Stockholm (2003)"},{"key":"1_CR36","unstructured":"SFS 2003:396 F\u00f6rordning om elektronisk kommunikation. Svensk F\u00f6rfattningssamling. N\u00e4ringsdepartementet, Stockholm (2003)"},{"key":"1_CR37","unstructured":"SFS 2008:1002 F\u00f6rordning med instruktion f\u00f6r Myndigheten f\u00f6r samh\u00e4llsskydd och beredskap. Svensk F\u00f6rfattningssamling. Justitiedepartementet, Stockholm (2008)"},{"key":"1_CR38","unstructured":"SFS 2015:1052 F\u00f6rordning om krisberedskap och bevakningsansvariga myndigheters \u00e5tg\u00e4rder vid h\u00f6jd beredskap. Svensk F\u00f6rfattningssamling. Justitiedepartementet, Stockholm (2015)"},{"key":"1_CR39","unstructured":"SFS 2018:218 Lag med kompletterande best\u00e4mmelser till EU:s dataskyddsf\u00f6rordning, 24 April 2018"},{"key":"1_CR40","unstructured":"SOSFS 2008:1 F\u00f6reskrifter om anv\u00e4ndning av medicintekniska produkter i h\u00e4lso- och sjukv\u00e5rden. Socialstyrelsens f\u00f6rfattningssamling. Socialstyrelsen, Stockholm (2008)"},{"key":"1_CR41","unstructured":"Splittgerber, A., Schonhofen, S.: Pre-Christmas Update on the ePrivacy Regulation. Retrieved from Technology Law Dispatch: https:\/\/www.technologylawdispatch.com\/2017\/12\/privacy-data-protection\/pre-christmas-update-on-the-eprivacy-regulation\/, 13 December 2017"},{"issue":"3","key":"1_CR42","first-page":"783","volume":"50","author":"WG Voss","year":"2018","unstructured":"Voss, W.G.: Internal compliance mechanisms for firms in the EU General Data Protection Regulation. Revue juridique Th\u00e9mis de l\u2019Universit\u00e9 de Montr\u00e9al 50(3), 783\u2013820 (2018)","journal-title":"Revue juridique Th\u00e9mis de l\u2019Universit\u00e9 de Montr\u00e9al"}],"container-title":["Lecture Notes in Business Information Processing","Perspectives in Business Informatics Research"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-99951-7_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T17:39:42Z","timestamp":1710351582000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-99951-7_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319999500","9783319999517"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-99951-7_1","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"type":"print","value":"1865-1348"},{"type":"electronic","value":"1865-1356"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"26 August 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"BIR","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Business Informatics Research","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Stockholm","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sweden","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 September 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"bir2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/bir2018.dsv.su.se\/welcome-to-bir-2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"50","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"17","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2,8","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}