The hyper-connected environment of today has resulted in a substantial boost in productivity, efficiency, and system integration, but it has also raised the number of possible threats. Organizations are increasingly reliant on data and information from their interconnected systems, making them exposed to a variety of cyber attacks. Cyber threats have an impact on the continuity of their company operations, the loss of confidential information, reputational harm, and possibly the safety of their employees. Cyber attacks have become more sophisticated, raising awareness of the importance of not limiting the design of cybersecurity practices to detection and protection phases, but of considering the ability to respond, recover, and thus withstand cyber incidents as fundamental from a cyber resilience perspective. This thesis is based on four comprehensive research objectives. First, the thesis sheds light on the definitions and topics related to cyber resilience and cyber security. These analyses set the groundwork and motivate the challenges addressed in the thesis. The second part of the thesis then focuses on the need to go beyond purely technical aspects when managing cyber resilience by integrating organizational and human aspects. The debate is developing as to which is the human role in cyber socio-technical systems. Specifically, the aim is to identify new managerial and operational opportunities to raise the positive role of humans in increasing the cyber resilience of the cyber socio-technical systems in which organizations operate today. The thesis maps the human factors involved in cybersecurity, identifying under what circumstances they can be a driver or a barrier to it, helping practitioners prioritize and achieve cyber resilience goals. Second, tools that can be used as external leverage to improve human integration with cyber socio-technical systems are presented. Outsourcing strategies for cybersecurity management are discussed. In addition, a reference architecture and taxonomy for intelligent digital assistants is developed and a proactive agent to support employees in managing cybersecurity issues is tested. In sum, this thesis adds both theoretical and practical contributions to the field of cyber resilience, focusing on managerial and operational opportunities. The thesis has a publication-based structure.
Humans in cyber resilience: managerial and operational opportunities / Colabianchi, Silvia. - (2023 Jan 27).
Humans in cyber resilience: managerial and operational opportunities
COLABIANCHI, SILVIA
27/01/2023
Abstract
The hyper-connected environment of today has resulted in a substantial boost in productivity, efficiency, and system integration, but it has also raised the number of possible threats. Organizations are increasingly reliant on data and information from their interconnected systems, making them exposed to a variety of cyber attacks. Cyber threats have an impact on the continuity of their company operations, the loss of confidential information, reputational harm, and possibly the safety of their employees. Cyber attacks have become more sophisticated, raising awareness of the importance of not limiting the design of cybersecurity practices to detection and protection phases, but of considering the ability to respond, recover, and thus withstand cyber incidents as fundamental from a cyber resilience perspective. This thesis is based on four comprehensive research objectives. First, the thesis sheds light on the definitions and topics related to cyber resilience and cyber security. These analyses set the groundwork and motivate the challenges addressed in the thesis. The second part of the thesis then focuses on the need to go beyond purely technical aspects when managing cyber resilience by integrating organizational and human aspects. The debate is developing as to which is the human role in cyber socio-technical systems. Specifically, the aim is to identify new managerial and operational opportunities to raise the positive role of humans in increasing the cyber resilience of the cyber socio-technical systems in which organizations operate today. The thesis maps the human factors involved in cybersecurity, identifying under what circumstances they can be a driver or a barrier to it, helping practitioners prioritize and achieve cyber resilience goals. Second, tools that can be used as external leverage to improve human integration with cyber socio-technical systems are presented. Outsourcing strategies for cybersecurity management are discussed. In addition, a reference architecture and taxonomy for intelligent digital assistants is developed and a proactive agent to support employees in managing cybersecurity issues is tested. In sum, this thesis adds both theoretical and practical contributions to the field of cyber resilience, focusing on managerial and operational opportunities. The thesis has a publication-based structure.| File | Dimensione | Formato | |
|---|---|---|---|
|
Tesi_dottorato_Colabianchi.pdf
Open Access dal 28/01/2024
Note: HUMANS IN CYBER RESILIENCE: MANAGERIAL AND OPERATIONAL OPPORTUNITIES
Tipologia:
Tesi di dottorato
Licenza:
Creative commons
Dimensione
9.15 MB
Formato
Adobe PDF
|
9.15 MB | Adobe PDF |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
