Cyber security policies in crisis response: Exploring the predicament of creating safe but workable systems

Joshua Stassen*, Ali Pirannejad, Kenny Meesters

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

36 Downloads (Pure)

Abstract

As societies become more connected, the nature and response to crises are becoming increasingly complex as well. Crises can affect our societies in unpredictable ways and thus require different actors to bring information together to take appropriate actions. However, as the number and diversity of actors increases, so does the quality and variety of information systems. Especially considering the increased availability and accessibility of technologies available together, process and exchange information.
While these developments provide a high potential to improved information sharing, these options also present certain risks. Individual organizations may have measures, training, and policies in place for daily routines to mitigate these risks. During a crisis however, these measures can become a constraint, especially when sharing information in an inter-organizational and cross-boundary context. People in the crisis response team may not appreciate the risks, need to improvise, or even circumvent measures.
In this paper, we examine the increased cybersecurity risks associated with the increased use of information technologies used in and facilitating information management during a crisis response. Using a serious gaming research method we examine how, in the context of crisis response, these factors are exacerbated under the pressure of time, uncertainty and coordination challenges. From this we identify the need for increased awareness about the risks of information technologies and sharing in heterogenous stakeholder environments. Specifically, a cultural change and need for additional capacities to understand, assess, and mitigate risks involved as the number of actors, systems, and technological options keep increasing.
Original languageEnglish
Title of host publicationInformation Technology in Disaster Risk Reduction - 7th IFIP WG 5.15 International Conference, ITDRR 2022, Revised Selected Papers
EditorsTerje Gjøsæter, Jaziar Radianti, Yuko Murayama
PublisherSpringer Cham
Pages215-229
Number of pages15
Volume672
ISBN (Electronic)978-3-031-34207-3
ISBN (Print)978-3-031-34206-6
DOIs
Publication statusPublished - 29 May 2023

Publication series

NameIFIP Advances in Information and Communication Technology
Volume672

Keywords

  • Cybersecurity behavior
  • Compliance
  • Disaster information security management

Fingerprint

Dive into the research topics of 'Cyber security policies in crisis response: Exploring the predicament of creating safe but workable systems'. Together they form a unique fingerprint.

Cite this