Human factor security: evaluating the cybersecurity capacity of the industrial workforce

Ani, Uchenna; He, Hongmei; Tiwari, Ashutosh

doi:10.1108/jsit-02-2018-0028

Cited by 61 publications

(54 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Education and training are one of the most essential principles of TPM that ensures that the employees and staff involved with the TPM have the proper knowledge and skills to have a successful deployment of TPM. This principle must get more serious attention since manufacturing systems often lack qualified employees regarding the skill and knowledge for cybersecurity incorporation with the production system [17,18]. Training current and future TPM employees including operators, maintenance staff, and managers on the potential threats of cybersecurity plays a key role in having a successful TPM implementation for smart manufacturing systems [19].…”

Section: Education and Trainingmentioning

confidence: 99%

“…As can be seen from in this table while some of the pillars have received more attention from the research community others such as focused improvement and development management pillars demonstrate opportunities for researches. Less computer savvy operators [10][11][12]18] Focused improvement Consideration of losses regarding cyber-physical security [13] Planned maintenance Planning effective PM to prevent and mitigate cyber-physical attacks [14][15][16] Quality maintenance Detecting a quality issue regarding cyber-physical attacks and the ability to analyze its source [29][30][31] Education and training Improving cybersecurity skills and awareness of operators, maintenance staff, and management [17][18][19] Safety, health, and environment…”

Section: Early/equipment Managementmentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity Concerns for Total Productive Maintenance in Smart Manufacturing Systems

Zarreh¹,

Wan²,

Lee³

et al. 2019

Preprint

View full text Add to dashboard Cite

Maintenance is the core function to keep a system running and avoid failure. Total Productive Maintenance (TPM) has broadly utilized maintenance strategy to improve the customer's satisfaction and hence obtain a competitive advancement. However, the complexity of smart manufacturing systems due to the recent advancements, specifically the integration of internet and network systems with traditional manufacturing platforms, has made this function more challenging. The focus of this paper is to explain how cybersecurity could impact the TPM by affecting the overall equipment effectiveness (OEE) in a smart manufacturing system by providing a structured literature survey. First, it provides concerns on principle of TPM regarding cybersecurity in smart manufacturing systems. Then, it highlights the effect of a variety of cyber-physical threats on OEE, as a main key performance indicator of TPM and how differently they can reduce OEE. The countermeasures that could be considered to compensate for the negative impact of a cybersecurity threat on the overall effectiveness of the system also will be discussed. Finally, research gaps and challenges are identified to improve overall equipment effectiveness (OEE) in presence of cybersecurity threats in critical manufacturing industries.

show abstract

Section: Education and Trainingmentioning

confidence: 99%

Section: Early/equipment Managementmentioning

confidence: 99%

Cybersecurity Concerns for Total Productive Maintenance in Smart Manufacturing Systems

Zarreh¹,

Wan²,

Lee³

et al. 2019

Preprint

View full text Add to dashboard Cite

show abstract

“…Second, the employment of individuals with low levels of skill makes SEs open to social engineering attacks (Bullee, Montoya, Pieters, Junger and Hartelk, 2018). It may also result in the improper use of data and information technologies, for example, through unintentional disclosure of sensitive data, or the use of information systems in a manner that circumvents policy or security measures (Ani, He and Tiwari, 2019).…”

Section: Introductionmentioning

confidence: 99%

“…He and Tiwari, 2019). In many instances, the 'IT skills' that are possessed by individuals are limited to personal or 'domestic' experience of IT.…”

mentioning

confidence: 99%

Antecedents of Cybersecurity Implementation: A Study of the Cyber-Preparedness of U.K. Social Enterprises

White

Allen

Samuel

et al. 2022

IEEE Trans. Eng. Manage.

View full text Add to dashboard Cite

The cyber-security of organisations is a subject of perennial concern as they are subject to mounting threats in an increasingly digitalised world. While commercial and charitable organizations have been the objects of cyber security research, Social Enterprises have remained unexplored. As Social Enterprises have become increasingly important features of social and economic development, so their prominence as potential targets of cybercrime also increases. In order to address this knowledge gap, this study examines the factors that influence the cyberpreparedness of Social Enterprises in the UK. Through the use of semi-structured interviews with Social Enterprise, these factors are found to comprise the characteristics of the enterprise, the characteristics of the enterprise management, resource constraints, experience of cyber attacks, usage of IT, and awareness of cybersecurity schemes and resources. These insights provide valuable guidance for SE owner-managers, SE support agencies and policy-makers when considering the cyber security of SEs. These findings are of immediate concern to social enterprises but also to other organizations that are engaged in partnerships with them as social enterprises may afford 'gateway' opportunities to those with malicious intent. Managerial Relevance Social Enterprises are institutions that balance the competing needs of commercial success and the primary objective of delivering social value. The management of cyber security places a further demand upon these resource-constrained organizations, and upon the capacity of individual owner-managers. However, the nature of these enterprises suggests that they present unique opportunities to cyber criminals: their association with vulnerable individuals, use of volunteer resources and links with government systems, and rising visibility among the

show abstract

“…According to Patel [8], one of the top cyber threats is phishing scams. Other threats are: ransomware attacks (like WannaCry), system vulnerability due to unchecked gaps (nearly 50% of alerts and logs are never investigated), new threats and dangers from and to AI (Artificial Intelligence) powered systems, and human weaknesses [9][10][11][12]. In 2018, HelpSystems [13] surveyed more than 600 IT and cybersecurity professionals to determine the main cybersecurity risks and mitigation strategies.…”

Section: Introductionmentioning

confidence: 99%

Railway Defender Kill Chain to Predict and Detect Cyber-Attacks

Kour

Thaduri

Karim

2020

JCSANDM

View full text Add to dashboard Cite

Most organizations focus on intrusion prevention technologies, with less emphasis on prediction and detection. This research looks at prediction and detection in the railway industry. It uses an extended cyber kill chain (CKC) model and an industrial control system (ICS) cyber kill chain for detection and proposes predictive technologies that will help railway organizations predict and recover from cyber-attacks. The extended CKC model consists of both internal and external cyber kill chain; breaking the chain at an early stage will help the defender stop the adversary’s malicious actions. This research incorporates an OSA (open system architecture) for railways with the railway cybersecurity OSA-CBM (open system architecture for condition-based maintenance) architecture. The railway cybersecurity OSACBM architecture consists of eight layers; cybersecurity information moves from the initial level of data acquisition to data processing, data analysis, incident detection, incident assessment, incident prognostics, decision support, and visualization. The main objective of the research is to predict, prevent, detect, and respond to cyber-attacks early in the CKC by using defensive controls called the Railway Defender Kill Chain (RDKC). The contributions of the research are as follows. First, it adapts and modifies the railway cybersecurity OSA-CBM architecture for railways. Second, it adapts the cyber kill chain model for the railway. Third, it introduces the Railway Defender Kill Chain. Fourth, it presents examples of cyber-attack scenarios in the railway system.

show abstract

Human factor security: evaluating the cybersecurity capacity of the industrial workforce

Cited by 61 publications

References 37 publications

Cybersecurity Concerns for Total Productive Maintenance in Smart Manufacturing Systems

Cybersecurity Concerns for Total Productive Maintenance in Smart Manufacturing Systems

Antecedents of Cybersecurity Implementation: A Study of the Cyber-Preparedness of U.K. Social Enterprises

Railway Defender Kill Chain to Predict and Detect Cyber-Attacks

Contact Info

Product

Resources

About