Making cyber security more resilient: adding social considerations to technological fixes

IF 2.4 4区 管理学 Q1 SOCIAL SCIENCES, INTERDISCIPLINARY Journal of Risk Research Pub Date : 2023-05-08 DOI:10.1080/13669877.2023.2208146
Myriam Dunn Cavelty, Christine Eriksen, Benjamin Scharte
{"title":"Making cyber security more resilient: adding social considerations to technological fixes","authors":"Myriam Dunn Cavelty, Christine Eriksen, Benjamin Scharte","doi":"10.1080/13669877.2023.2208146","DOIUrl":null,"url":null,"abstract":"Abstract How can a focus on socio-technical vulnerability and uncertainty make cyber security more resilient? In this article, we provide a conceptual discussion of how to increase cyber resilience. First, we show how cyber security and resilience thinking co-evolved through their connection to critical infrastructures, and how the ensuing dominant technical focus inevitably always falls short due to the diverse societal values that underpin their critical social functions. We argue that a sole focus on aggregate systems neglects the important differences in how cyber threats are experienced and dealt with by individuals. Second, we draw on insights from social resilience and disaster management literature to establish a better link between individuals and cyber systems. We focus on two key aspects of cyber security that highlight its social nature: vulnerability and uncertainty. Instead of thinking of cyber security as a “technical problem + humans,” we suggest cyber security should be conceptualized as a “social problem + technology.” We conclude by highlighting three ways forward for researchers, policymakers, and practitioners: interdisciplinary research, public debate about a set of normative questions, and the need for an uncertainty discourse in politics and policymaking.","PeriodicalId":16975,"journal":{"name":"Journal of Risk Research","volume":"26 1","pages":"801 - 814"},"PeriodicalIF":2.4000,"publicationDate":"2023-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Risk Research","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1080/13669877.2023.2208146","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
引用次数: 2

Abstract

Abstract How can a focus on socio-technical vulnerability and uncertainty make cyber security more resilient? In this article, we provide a conceptual discussion of how to increase cyber resilience. First, we show how cyber security and resilience thinking co-evolved through their connection to critical infrastructures, and how the ensuing dominant technical focus inevitably always falls short due to the diverse societal values that underpin their critical social functions. We argue that a sole focus on aggregate systems neglects the important differences in how cyber threats are experienced and dealt with by individuals. Second, we draw on insights from social resilience and disaster management literature to establish a better link between individuals and cyber systems. We focus on two key aspects of cyber security that highlight its social nature: vulnerability and uncertainty. Instead of thinking of cyber security as a “technical problem + humans,” we suggest cyber security should be conceptualized as a “social problem + technology.” We conclude by highlighting three ways forward for researchers, policymakers, and practitioners: interdisciplinary research, public debate about a set of normative questions, and the need for an uncertainty discourse in politics and policymaking.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
让网络安全更有弹性:在技术修复中加入社会因素
摘要关注社会技术脆弱性和不确定性如何使网络安全更有弹性?在这篇文章中,我们对如何提高网络弹性进行了概念性讨论。首先,我们展示了网络安全和恢复力思维是如何通过与关键基础设施的连接而共同发展的,以及由于支撑其关键社会功能的各种社会价值观,随之而来的主导技术焦点是如何不可避免地总是达不到要求的。我们认为,仅仅关注聚合系统忽略了个人如何体验和处理网络威胁的重要差异。其次,我们借鉴社会复原力和灾害管理文献中的见解,在个人和网络系统之间建立更好的联系。我们关注网络安全的两个关键方面,突出其社会性质:脆弱性和不确定性。而不是将网络安全视为“技术问题” + 人类,”我们建议将网络安全概念化为“社会问题” + 技术。”最后,我们强调了研究人员、政策制定者和从业者的三条前进道路:跨学科研究、关于一系列规范性问题的公开辩论,以及政治和政策制定中不确定性话语的必要性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Risk Research
Journal of Risk Research SOCIAL SCIENCES, INTERDISCIPLINARY-
CiteScore
12.20
自引率
5.90%
发文量
44
期刊介绍: The Journal of Risk Research is an international journal that publishes peer-reviewed theoretical and empirical research articles within the risk field from the areas of social, physical and health sciences and engineering, as well as articles related to decision making, regulation and policy issues in all disciplines. Articles will be published in English. The main aims of the Journal of Risk Research are to stimulate intellectual debate, to promote better risk management practices and to contribute to the development of risk management methodologies. Journal of Risk Research is the official journal of the Society for Risk Analysis Europe and the Society for Risk Analysis Japan.
期刊最新文献
How is counterfactual thinking integrated in organizational risk and resilience practices? Growing utopia – undoing risk through self-sufficiency and urban gardening? Improving workplace safety through mindful organizing: participative safety self-efficacy as a mediational link between collective mindfulness and employees’ safety citizenship Community flood resilience assessment of Saadi neighborhood, Shiraz, Iran Risk communication and Covid-19 through the lens of anonymous sources
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1