Litcius/Paper detail

Incorporating Systems Thinking Into a Cyber Resilience Maturity Model

Avi Shaked, Lior Tabansky, Yoram Reich

2020IEEE Engineering Management Review21 citationsDOI

Abstract

Achieving cyber resilient critical infrastructure poses a significant engineering management challenge. Society relies on infrastructure and services that extend beyond the managerial boundaries of a specific organizational entity, yet existing cybersecurity maturity models typically aim to assess a single organization. We offer a systems thinking approach to cyber resilience. Specifically, we relate to critical infrastructure and services in their sectoral system context, reimagining them as a system of systems. We then suggest exploring cyber resilience as a system property, with its expressions relating to the multiple dimensions of operation of the sector and to the different domains of practice. We discuss the dimensions of operation and domains of practice concepts that are embedded into a sectoral cyber resilience maturity model, which is under development. We demonstrate how these concepts frame a set of expressions that is designed to probe the sectoral design space; and propose how they may be further used as design considerations for improving the sector's cyber resilience.

Topics & Concepts

Resilience (materials science)Maturity (psychological)Critical infrastructureContext (archaeology)Capability Maturity ModelComputer scienceCyber SpaceSet (abstract data type)Knowledge managementCyber-physical systemFrame (networking)Space (punctuation)Process managementComputer securityEngineeringTelecommunicationsGeographyPolitical sciencePhysicsWorld Wide WebOperating systemThermodynamicsProgramming languageThe InternetArchaeologyLawSoftwareSystems Engineering Methodologies and ApplicationsInformation and Cyber SecurityCybersecurity and Cyber Warfare Studies