Enhancing safety management
HOF regulations, standards and tools

Human Performance
HOF in practice
Home 9 HOFs in practice 9 Category: HOF in Cybersecurity

HOF in Cybersecurity

About this topic

Introduction 

As the world utilises more digital assets the risk of cyber breaches increases, and the importance of effective cyber security arrangements becomes more important. For example, the UK Chartered Institute of Ergonomics and Human Factors (CIEHF) cites that the financial consequence of cyber breaches is $945 billion worldwide, coupled with damage to reputation, customer dissatisfaction, confidence, and possible litigation.

Relevance to rail 

The railways are increasingly developing and applying digital and automated technologies. This means the risk of a cyber breach increases as does the need for effective cyber security arrangements.

Typically, cyber security arrangements focus on technological engineering, such as firewalls, systems to detect attacks, harmful or phishing emails for example. Understanding the role humans play in these and developing cyber security systems that support human behaviour and decision making can improve their effectiveness.

Approaches and models 

Studies by Cybint Solutions (2020) and Cyber Safe (2019) indicate 90% to 95% of cyber breaches are due to human error. However, this is not the full picture. The CIEHF suggests focusing on human error and insider threat (e.g. violations for personal gain) distracts from the organisational and system failures contributing to risk taking behaviours and human errors. Moreover, they suggest that understanding human strengths and limitations and designing systems to support human behaviour and decision making is a key aspect of effective cyber security. The diagram above sets out the different human and organisational factors that can affect cyber security.

Risky behaviours tend to lead to errors or violations, which in turn can cause a cyber breach. These risky behaviours are often significantly influenced by a combination of individual, job and workplace and organisational factors as illustrated in the diagram. Understanding and addressing these factors can help to improve existing and future cyber security arrangements.

Further reading on this topic can be found on the CIEHF website (www.ergonomics.org.uk)

• Chartered Institute of Ergonomics and Human Factors: Human Affected Cyber Security Framework (2022)
• Chartered Institute of Ergonomics and Human Factors: The role of human factors in delivering cyber security (2022)

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Join us

Are you interested in HOF?

 

 

Do you want to learn about Human & Organisational Factors? Safety culture, non-technical skills, health and safety, more?

Join us on this international and diverse network which captures in one place the valuable and enriching information and material, either academic or practical railways-oriented, on the organizational and human factors that you need.

 

 

 

 

Are you involved in HOF activities?

You want to learn about Human & Organisational Factors? Safety culture, non-technical skills, health and safety, more? 
Join us on this international and transversal network which capitalizes the valuable and enriching information and material, either academic nor Railways oriented, on the organizational and human factors that you need. 

Are you an HOF expert?

Are you a Rail Human and Organisational factors expert, a Rail Safety expert, a Railway Head of safety, or other? This space is made for you. Here, you have access to confidential information and can even create or participate in a discussion forum to initiate conversations and exchanges with your peers.