ABSTRACT

This chapter examines the concept of escalation decision making. Decision making of this kind is prevalent in cyber security incident response teams (CSIRTs) but is also relevant in a variety of other organizational settings. Curiously, however, the academic literature has not paid particular attention to this decision-making structure. This chapter therefore aims to explain escalation decision making and to suggest an agenda for future basic research in the area.