Teaching Business Systems Analysis to Cyber-Security Managers: a Socio-Technical perspective
نویسندگان
چکیده
This paper reports a teaching experience of business systems analysis (BSA) to cyber-security management students. This unit places great emphasis on connecting security function to business requirements from a socio-technical (ST) perspective. Specific topics of lectures and seminars are discussed to outline the necessity of tuning and tailoring BSA content to fit the needs of contemporary security professionals. The paper shows examples of how ST theory provides a relevant theoretical background to bridge the gap between design and implementation of secure and usable business information systems. It also considers challenges facing lecturers as well as ways on how to improve the learning experience of future graduates.
منابع مشابه
A Socio-Technical Approach to Cyber Risk Management and Impact Assessment
Technology is increasingly being used by organisations to mediate social/business relationships and social/business transactions. While traditional models of impact assessment have focused on the loss of confidentiality, integrity and availability, we propose a new model based upon socio-technical systems thinking that places the people and the technology within an organisation’s business/funct...
متن کاملPreserving Compliance with Security Requirements in Socio-Technical Systems
Socio-technical systems are an interplay of social (humans and organizations) and technical components interacting with one another to achieve their objectives. Security is a central issue in such complex systems, and it cannot be tackled only through technical mechanisms: the encryption of sensitive data while being transmitted, does not assure that the receiver will not disclose them to unaut...
متن کاملHow Can We Deter Cyber Terrorism?
Jian Hua1 and Sanjay Bapna2 1School of Business and Public Administration, University of the District of Columbia, Washington, D.C., USA 2Morgan State University, Baltimore, Maryland, USA ABSTRACT In order to deter cyber terrorism, it is important to identify the terrorists, since punishment may not deter them. The identification probability relies heavily on tracking cyber terrorists. However,...
متن کاملDealing with Security Requirements for Socio-Technical Systems: A Holistic Approach
Security has been a growing concern for most large organizations, especially financial and government institutions, as security breaches in the socio-technical systems they depend on are costing billions. A major reason for these breaches is that socio-technical systems are designed in a piecemeal rather than a holistic fashion that leaves parts of a system vulnerable. To tackle this problem, w...
متن کاملIEC 60870-5-104 Protocol Security Challenges and Countermeasures Identification
Industrial control systems (ICSs) which are used in critical infrastructure and other industries mostly use various communication protocols. Most of these communication protocols have various cyber security challenges and weakness that give the attackers the opportunity to gain to their malicious intentions. In this paper, we assess IEC 60870-5-104 protocols from security perspective which is u...
متن کامل