 The challenge of assessing strategic cyber security risk in organisations and critical infrastructureCharles Harry
Cyber Security: A Peer-Reviewed Journal, 2020, vol. 4, issue 1, 58-69 Abstract: The increasing threat of cyberattacks against systemically important institutions and critical infrastructure continues to highlight the need to improve the defence and resilience of organisations. The US government focuses its defence strategy on applying a risk-based approach to optimise the allocation of scarce resources across federal networks and promotion of best practice for critical infrastructure. This paper discusses the framing national policy and the core methodological challenges facing practitioners who seek to implement such an approach. The paper defines three key areas of fundamental challenge: 1) defining tiers, categories, and severity measures of end effect; 2) linkage of devices to organisational processes; and 3) a mechanism for connecting organisations together to analyse emergent societal effects. This approach is broadly applied to an example of commercial airline operations identifying the interconnection between key functions in the production chain that, if disrupted, lead to strategic effects in the critical infrastructure sector. Keywords: risk; critical infrastructure; cyber strategy; interdependence (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2020:v:4:i:1:p:58-69 Access Statistics for this article More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.