Redirigiendo al acceso original de articulo en 15 segundos...
ARTÍCULO
TITULO

Deriving Cyber Security Risks from Human and Organizational Factors ? A Socio-technical Approach

Thomas Richard McEvoy    
Stewart James Kowalski    

Resumen

Cyber security risks are socio-technical in nature. They result not just from technical vulnerabilities but also, more fundamentally, from the degradation of working practices over time ? which move an organization across the boundary of secure practice to a place where attacks will not only succeed, but also have a significantly greater impact on the organization. Yet current risk analysis and management methodologies are not designed to detect these kinds of systemic risks. We present an approach, devised in the field, to deriving these risks ? using a qualitative research methodology, akin to grounded theory, but based on preset coding descriptors. This allows organizational and individual behavior identified during interviews, observations or document research to be thematically analyzed, collated and mapped to potential risks, linked to poor working practices. The resulting risk factors can be linked together forming ?risk narratives?, showing how the degradation of working practices in one part of the organization can contribute to undermining its ability to respond to cyber security threats in another part of the organization.

 Artículos similares

       
 
Gulsum Alicioglu and Bo Sun    
Deep learning (DL) models have achieved state-of-the-art performance in many domains. The interpretation of their working mechanisms and decision-making process is essential because of their complex structure and black-box nature, especially for sensitiv... ver más
Revista: AI

 
Jiabao Li, Lichi An, Yabing Cheng and Haoxiang Wang    
To improve the noise comfort of the whole machine, it is necessary to establish the sound quality prediction model of the Hy-Vo chain transmission system. Compared with the silent chain transmission system, the Hy-Vo chain transmission system normally op... ver más
Revista: Applied Sciences

 
Samreen Mahmood, Mehmood Chadhar and Selena Firmin    
Purpose: The purpose of this research paper was to analyse the counterstrategies to mitigate cybersecurity challenges using organisational learning loops amidst major crises in the Higher Education and Research Sector (HERS). The authors proposed the lea... ver más
Revista: Information

 
Xiu Xiao, Xiaoqing Xu, Zhe Wang, Chenxi Liu and Ying He    
Cold energy recovery in LNG-powered vessels can not only improve the utilization efficiency of energy, but also benefit environmental protection. This paper put forward a new cascade scheme for utilizing flue gas waste heat and LNG cold energy comprehens... ver más

 
Fulin Jiang, Lin Li, Yiming Tang, Hailong Zhang and Xiaoping Liu    
The layout of facilities in a logistics scenario involves not only the working facilities responsible for processing materials but also the transport lines responsible for transporting materials. The traditional facility layout methods do not take into a... ver más
Revista: Applied Sciences