Cyber Crisis Averted: Using Safety Science Principles to Learn From Success
DOI:
https://doi.org/10.59297/sfxddg82Keywords:
cyber security, safety, high-reliability organizations, accidents, crisis managementAbstract
This paper aims to bridge the gap between crisis management and cyber security research. Current research often focuses on learning from failures, neglecting insights from successful interventions. This paper advocates for expanding the focus to include lessons from what works, particularly in preventing and mitigating cyber incidents. Drawing from safety science, we propose a research agenda combining Safety-I (accident analysis) and Safety-II (adaptation) approaches. We highlight three promising research areas: 1) identifying security practices that prevent cyber crises, 2) fostering high-reliability traits in organizations to enhance foresight, 3) and examining the role of near-misses in cyber security. This approach aims to generate valuable insights for both academics and practitioners in cyber security and crisis management.
Downloads
