Home > Research > Publications & Outputs > Human and Organizational Issues for Resilient C...
View graph of relations

Human and Organizational Issues for Resilient Communications

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNChapter (peer-reviewed)peer-review

Published
Publication date2020
Host publicationGuide to Disaster-Resilient Communication Networks
EditorsJacek Rak, David Hutchison
Place of PublicationCham
PublisherSpringer
Pages791-807
Number of pages17
ISBN (Electronic)9783030446857
ISBN (Print)9783030446840
<mark>Original language</mark>English

Publication series

NameComputer Communications and Networks
PublisherSpringer

Abstract

Human and organizational issues are able to create both vulnerabilities and resilience to threats. In this chapter, we investigate human and organizational factors, conducted through ethnographic studies of operators and sets of interviews with staff responsible for security, reliability and quality in two different organizations, which own and operate utility networks. Ethnography is a qualitative orientation to research that emphasizes the detailed observation and interview of people in naturally occurring settings. Our findings indicate that 'human error' forms the biggest threat to cyber-security and that there is a need for Security Operational Centres to document all cyber-security accidents. Also, we conclude that it will always be insufficient to assess mental security models in terms of their technical correctness, as it is sometimes more important to know how well they represent prevailing social issues and requirements. As a practical recommendation from this work, we suggest that utility organizations engage in penetration testing and perhaps other forms of vulnerability analysis, not only to discover specific vulnerabilities but also to learn more about the mental models they use.