Responding Cyber-Attacks and Managing Cyber Security Crises in Critical Infrastructures: a Sociotechnical Perspective

Abstract

With the increasing use of digital assets, Critical Infrastructures (CIs) become more vulnerable to cyber threats. From cyber-attacks targeting Industrial Control Systems (ICS) to ransomware operations, CIs face increased disruptions that necessitate the implementation of sound cyber security crisis management strategies. Concerning cyberspace's sui generis peculiarities, cyber security crises introduce new challenges for crisis decision-making, sense-making, or crisis termination efforts. In that respect, relying exclusively on technical solutions would not be adequate for implementing efficient cyber security crisis management plans. In this vein, the thrust of this chapter is that the CIs are complex Sociotechnical Systems (STSs), and effective cyber security crisis management strategies require simultaneous orchestration of human-centric and technical solutions. To this end, CIs should increase their preparedness level for cyber security crises by re-considering their crisis decision-making strategies, leadership structures, and organizational cultures, which continuous crisis simulations and training can strengthen. © 2024 Elsevier Inc. All rights reserved.