Incident Learning Systems: From Safety to Security

نویسندگان

  • Finn Olav Sveen
  • Jose Maria Sarriegi
  • Jose J. Gonzalez
چکیده

The complexity of modern networked systems has negative consequences in the form of intended and unintended security incidents. Information security is not the first field to grapple with such challenges. In safety, incident learning systems (ILS) have been used to control high risk environments. Many of these systems, such as NASA’s Aviation Safety Reporting System, have demonstrated considerable success while others have failed. Prior to implementing ILS in information security, it is prudent to learn from experiences gained in safety. We use System Dynamics to investigate how factors such as management commitment, incentives, recriminations and resources affect a safety incident learning system. We find that the rate of incidents is not a suitable indicator of the state of the system. An increasing or decreasing incident rate may both be caused by either increased or decreased security. Other indicators, such as the severity of incidents, should be used.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Investigation of Incident Reporting System in Iranian Hospitals: A National Survey

Background and Aims: Incident reporting is a possible alternative for learning from errors. One of the barriers in this way is a deficit in, common standards for collecting, interpreting, and presenting data. In this research accordance with Iranchr('39')s incident reporting system with minimal information Model for Patient Safety Incident Reporting Systems (MIMPS)of WHO were compared. Methods:...

متن کامل

Overcoming organizational challenges to secure knowledge management

Incident management systems have the potential to improve security dramatically but often experience problems stemming from organizational, interpersonal and social constraints that limit their effectiveness. These limits may cause underreporting of incidents, leading to erroneous perceptions of the actual safety and security situation of the organization. The true security situation may be bet...

متن کامل

Incident Reporting Systems – The Hidden Story

Incident reporting systems are often seen by the general public and governments as an absolute necessity to ensure safety. However, there is more to incident reporting systems than what one would surmise from the name. While these systems are designed to record incidents, aiming to ultimately inform the system to not make the same or similar mistake again, there is a lot behind the scenes. A ve...

متن کامل

The Application of Systems-Theoretic Accident Model and Process in the Systematic Nonlinear Analysis of Accidents in Car Industry

Background & objectives: Hundreds of methods have been introduced to analyze various events. Hence one of the effective and principle steps in accident analysis is proper and targeted selection of accident analysis method. Traditional methods of accident analysis in complex industries are not comprehensive and examine each components of the system separately. So, the use of new systematic metho...

متن کامل

Implementing the National Incident Management System as a Framework for Travel Medicine in Haiti

Introduction: For the past 7 years, a nursing school has conducted biannual medical missions in a virtually inaccessible area in Haiti. Each medical mission team provides primary care, pediatric and gynecological examinations for up to 6 days in the impoverished island nation. Methods: To improve the safety of participants engaged in this humanitarian tra...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007