论文信息 - Studying resilient cyber incident management from large-scale cyber security training

Studying resilient cyber incident management from large-scale cyber security training

The study on human contribution to cyber resilience is unexplored terrain in the field of critical infrastructure security. So far cyber resilience has been discussed as an extension of the IT security research. The current discussion is focusing on technical measures and policy preparation to mitigate cyber security risks. In this human-factor based study, the methodology to achieve high resiliency of the organization by better management is discussed. A field observation was conducted in the large-scale cyber security hands-on training at ENCS (European Network for Cyber Security, The Hague, NL) to determine management challenges that could occur in a real-world cyber incident. In this paper, the possibility to extend resilience-engineering framework to assess organization's behavior in cyber crisis management is discussed.

[1] David Woods,et al. Resilience Engineering: Concepts and Precepts , 2006 .

[2] Johan Bergström,et al. Securing Organizational Resilience in Escalating Situations Development of skills for crisis and disaster management , 2008 .