Research Article
Human-centered strategies for cyber-physical systems security
@ARTICLE{10.4108/eai.15-5-2018.154773, author={E.N. Ceesay and K. Myers and P.A. Watters}, title={Human-centered strategies for cyber-physical systems security}, journal={EAI Endorsed Transactions on Security and Safety}, volume={4}, number={14}, publisher={EAI}, journal_a={SESA}, year={2018}, month={5}, keywords={Sociotechnical systems; human factors; cyber security.}, doi={10.4108/eai.15-5-2018.154773} }- E.N. Ceesay
K. Myers
P.A. Watters
Year: 2018
Human-centered strategies for cyber-physical systems security
SESA
EAI
DOI: 10.4108/eai.15-5-2018.154773
Abstract
Human error contributes to information system losses. Exposure to significant risk will continue and is not effectively addressed with conventional training. Broader strategy that addresses the social system is recommended. Such strategies have been successfully developed in industrial settings to deal with workplace hazards that are functionally similar to cyber loss. Four of these strategies are reviewed and found to be relevant to the needs of the IT-enabled organization in mitigating cyber security risks. These strategies are not consistent with each other or uniformly applicable, however, and would need to be adapted to contemporary knowledge work settings and used cautiously. Long-term institutionalization and development of organizational practices pose further challenges. While a holistic, sociotechnical systems (STS) approach to cyber security requires significant effort, IT-enabled organizations, as industrial organizations before them, will realize the effort is justified.
Copyright © 2018 Ebrima Ceesay et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution licence (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.