|1. Responsive actions are actions taken in reaction to an event.
2. Taking responsive action means looking into the patterning of those prevailing conditions in organisations more deeply. It means actively searching for new data about what’s changing (and that’s likely to be ‘small data’), and making the most of weak signals. It means interrogating that data to highlight potential issues and opportunities in what’s emerging. And it means choosing your responses into those patterns, based on that systematic learning about what’s changing.
Source: (space for learning, 2014)
3. Instead of focusing on traditional preventive measures – which direct the awareness efforts on what constitutes a phishing email, and getting users to refrain from clicking on the link – a responsive approach extends the awareness scope to ensure that the notification process is also well established and understood by the users.
Source: (Meng Chow, 2015)
4. The theory suggests a more responsive approach to security, whereby to effectively manage the challenges in information security, practitioners need to be reflective in their practices and organizations need to focus on gaining visibility of risk, and constantly be prepared for critical re-alignment when the security (or risk) posture of the organization’s cyber environment changes.
Source: (Meng Chow, 2014)