{"title":"Risk Conductors","authors":"T. Macaulay","doi":"10.1080/10658980601051409","DOIUrl":null,"url":null,"abstract":"Abstract Akin to sound resonating through a piano wire, impacts from both physical (flood, vandalism/sabotage, explosions, pandemics, etc.) and logical (network/software/data) incidents resonate between and through enterprises and business hierarchies via “risk conductors.” There are two orders of risk conductor: Critical Infrastructure (CI) as the industrial risk conductors, and intra-organizational operational risk conductors in the form of Human Factors (HF) and Information and Communication Technology (ICT). Risk conductors, either industrial or operational, are the dispersal agents of geographically centered, physical, or logical impacts. Critical infrastructures may transmit an impact from one enterprise to another throughout an economy. Operational risk conductors—HF and ICT—transmit horizontally within an enterprise from one business unit to another, potentially amplifying internal incidents from manageable to crisis/disaster proportions. Operational risk conductors may also transmit vertically, away from the enterprise up to the client base and downwards into the supply chain, transmitting impacts to both customers and partners/suppliers. Operational risk conductors are not necessarily a new phenomena, but they have taken on considerably greater significance under the rapid convergence of information and communication assets to Internet Protocol (IP), which has catalyzed a feedback-loop between HF and ICT. As an incident typically possesses both HF and ICT impacts, HF and ICT in turn impact each other, multiplying the scope and scale of the impact. In addition to presenting a framework for understanding and managing operational risks and resiliency, this paper proposes a cause-and-effect relationship between IP convergence and the materialization of operational risk conductors.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2006-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Systems Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/10658980601051409","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Social Sciences","Score":null,"Total":0}
引用次数: 3
Abstract
Abstract Akin to sound resonating through a piano wire, impacts from both physical (flood, vandalism/sabotage, explosions, pandemics, etc.) and logical (network/software/data) incidents resonate between and through enterprises and business hierarchies via “risk conductors.” There are two orders of risk conductor: Critical Infrastructure (CI) as the industrial risk conductors, and intra-organizational operational risk conductors in the form of Human Factors (HF) and Information and Communication Technology (ICT). Risk conductors, either industrial or operational, are the dispersal agents of geographically centered, physical, or logical impacts. Critical infrastructures may transmit an impact from one enterprise to another throughout an economy. Operational risk conductors—HF and ICT—transmit horizontally within an enterprise from one business unit to another, potentially amplifying internal incidents from manageable to crisis/disaster proportions. Operational risk conductors may also transmit vertically, away from the enterprise up to the client base and downwards into the supply chain, transmitting impacts to both customers and partners/suppliers. Operational risk conductors are not necessarily a new phenomena, but they have taken on considerably greater significance under the rapid convergence of information and communication assets to Internet Protocol (IP), which has catalyzed a feedback-loop between HF and ICT. As an incident typically possesses both HF and ICT impacts, HF and ICT in turn impact each other, multiplying the scope and scale of the impact. In addition to presenting a framework for understanding and managing operational risks and resiliency, this paper proposes a cause-and-effect relationship between IP convergence and the materialization of operational risk conductors.