From Cybersecurity to Collaborative Resiliency

Sharkov, George

doi:10.1145/2994475.2994484

Cited by 24 publications

(12 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…by increasing the use of predictive analytics to enhance agility in responding to incidents; 35 • enhancing resilience and adaptiveness, e.g. through collaboration, 36 design measures such as compartmentalisation of information systems and networks, redundancy and diversification, 37 organisational agility allowing to adapt quickly to changing circumstances; 38 • preventing the realisation of cyber threats by deterrence, 39 performing active defensive functions in cyberspace, 40,41 or other measures.…”

Section: Methodsmentioning

confidence: 99%

A Logical Model for Multi-Sector Cyber Risk Management

Тагарев¹,

Pappalardo²,

Stoianov³

2020

ISIJ

View full text Add to dashboard Cite

The increasing reliance on digital infrastructures makes whole sectors of the economy and public services vulnerable to attacks through cyberspace. Some progress has been made in understanding vulnerabilities and ways of reducing cyber risk at the sub-sectoral level. While the sectoral level remains a significant challenge, this study goes beyond, also addressing cyber risk resulting from the cross-and multi-sectoral interdependencies in a consistent logical model. The paper presents the scope of this logical model, outlines the problem of risk assessment, structured around the triplet "Threats-Vulnerabilities-Impact," and the structuring of risk mitigation around types of risk reduction measures, the objective of decision-making on risk treatment, and the modalities of application. We provide examples of the implementation of the logical model, underlying the ECHO Multi-sector Assessment Framework, and conclude by emphasising the advantages the logical model and the framework provide.

show abstract

Section: Methodsmentioning

confidence: 99%

A Logical Model for Multi-Sector Cyber Risk Management

Тагарев¹,

Pappalardo²,

Stoianov³

2020

ISIJ

View full text Add to dashboard Cite

show abstract

“…Since software ecosystems involves governmental rules, relevant white papers were also identified. The identified literature body is gathered in Section 5, numbered from [18][19][20][21][22][23][24][25][26][27][28][29]…”

Section: Methodsmentioning

confidence: 99%

“…In [29] resilience and cyber security of the ecosystems is seen as a part of the maturity of governance and collaboration between industry and government. Thus, cyber resilience is seen as the next step of cyber security.…”

Section: Framing Of Safety Security and Risksmentioning

confidence: 99%

Risks, Safety and Security in the Ecosystem of Smart Cities

Johnsen¹

2018

Risk Assessment

View full text Add to dashboard Cite

We have performed a review of systemic risks in smart cities dependent on intelligent and partly autonomous transport systems. Smart cities include concepts such as smart transportation/use of autonomous transportation systems (i.e., autonomous cars, subways, shipping, drones) and improved management of infrastructure (power and water supply). At the same time, this requires safe and resilient infrastructures and need for global collaboration. One challenge is some sort of risk based regulation of emergent vulnerabilities. In this paper we focus on emergent vulnerabilities and discussion of how mitigation can be organized and structured based on emergent and known scenarios cross boundaries. We regard a smart city as a software ecosystem (SEC), defined as a dynamic evolution of systems on top of a common technological platform offering a set of software solutions and services. Software ecosystems are increasingly being used to support critical tasks and operations. As a part of our work we have performed a systematic literature review of safety, security and resilience software ecosystems, in the period 2007-2016. The perspective of software ecosystems has helped to identify and specify patterns of safety, security and resilience on a relevant abstraction level. Significant vulnerabilities and poor awareness of safety, security and resilience has been identified. Key actors that should increase their attention are vendors, regulators, insurance companies and the research community. There is a need to improve private-public partnership and to improve the learning loops between computer emergency teams, security information providers (SIP), regulators and vendors. There is a need to focus more on safety, security and resilience and to establish regulations of responsibilities on the vendors for liabilities.

show abstract

“…A recent study on organising national cybersecurity concluded that one of the main choices is whether to centralise cyber capacity in one unit or spread it across different sectors [4]. Government agencies of countries like Belgium and Bulgaria recognise in their strategies that, as cyber threats become more complex, there is a growing need to expand horizontal coordination [5] and engage with multiple stakeholders, including those from industry and academia [6]. In fact, only a few countries have the resources to develop and deploy autonomously technological and organisational solutions to counter effectively the threats from cyberspace.…”

Section: Introductionmentioning

confidence: 99%

Towards the Design of a Collaborative Cybersecurity Networked Organisation: Identification and Prioritisation of Governance Needs and Objectives

Тагарев

2020

Future Internet

View full text Add to dashboard Cite

The effective response to the proliferation and growing diversity and sophistication of cyber threats requires a broad spectrum of competencies, human, technological and financial resources that are in the powers of very few countries. The European Union is addressing this challenge through an initiative to establish one or more cybersecurity competence networks. A number of existing technologies can support collaboration in networked organisations; however, network governance remains a challenge. The study presented in this article aimed to identify and prioritise network governance issues. Towards that purpose, qualitative and quantitative methods were applied in the analysis of norms and regulations, statutory documents of existing networks, academic sources and interviews with representatives of funding organisations and potential major customers. The comprehensiveness and complementarity of these primary sources allowed to identify 33 categories of governance issues and group them in four tiers, indicative of the respective priority level. The results of the study are currently used to inform and orient the development of alternative models for governance of a cybersecurity network and a set of criteria for their evaluation. They will support informed decision-making on the most appropriate governance model of a future networked organisation, evolving from a project consortium.

show abstract

From Cybersecurity to Collaborative Resiliency

Cited by 24 publications

References 3 publications

A Logical Model for Multi-Sector Cyber Risk Management

A Logical Model for Multi-Sector Cyber Risk Management

Risks, Safety and Security in the Ecosystem of Smart Cities

Towards the Design of a Collaborative Cybersecurity Networked Organisation: Identification and Prioritisation of Governance Needs and Objectives

Contact Info

Product

Resources

About