228 research outputs found
A Risk Scenario for Small Businesses in Hurricane Sandy Type Disasters
This research uses a series of surveys followed by mathematical modeling to help discover risk factors, mitigating actions, and the highest return scenarios as a basis for a low-cost business continuity/disaster recovery plan. The surveys use a Delphi study format in order to rank a base list of risks and mitigating actions and to supplement those lists with ones added by the participants. Survey results are analyzed and presented back to the group for a second round of ranking and supplementing the risk/action categories. This paper describes the top ten risks and high value scenario for small business interruptions as determined by a Delphi survey of small businesses affected by Hurricane Sandy. The highest ranked risk is loss of business reputation. The research then uses Cross Impact Analysis and Interpretive Structural Modeling to determine the risk interactions and the highest valued scenario for which to prepare
Enhancing hospital planning capacity and resilience in crisis scenarios using interpretive structural modeling (ISM)
Hospitals are the critical support infrastructures. In the confrontation with natural
disasters, infectious diseases, and other crises that severely affect the supply and
demand of local medical services—and even jeopardize the hospital itself—, the
hospital needs first to secure the essential emergency functions and, secondly, to
recover from the impact as quickly as possible. Hospital resilience has numerous influencing
elements and evaluation criteria, but there are still ambiguous boundaries in their internal
influence relationships and hierarchical structures. Therefore, this study explores the
determinants and pathways of practice for strengthening hospital resilience from an internal
management perspective, applying Group Decision Making and Interpretive Structural
Modeling (ISM) to pool the knowledge and experience of experts in related fields and identify
critical variables. Based on the information collected and analyzed, a hierarchical model of
hospital resilience was established. The results and practical applicability of the model were
then validated by external experts to provide new knowledge for the development of hospital
resilience management.Os hospitais são infraestruturas críticas. No confronto com desastres naturais,
doenças infeciosas ou outras crises que afetem gravemente a oferta e a procura de
serviços médicos locais—e que até põem em risco o próprio hospital—, o hospital
precisa, em primeiro lugar, de assegurar as funções essenciais de emergência e, em
segundo lugar, de recuperar desses impactos o mais rapidamente possível. A resiliência do
hospital tem numerosos elementos de influência e critérios de avaliação, mas existem ainda
fronteiras ambíguas nas suas relações de influência interna e nas suas estruturas hierárquicas.
Neste contexto, o presente estudo explora determinantes e práticas para reforçar a resiliência
hospitalar a partir de uma perspetiva de gestão interna, aplicando métodos de tomada de decisão
de grupo e Interpretive Structural Modeling (ISM) para reunir o conhecimento e a experiência
de especialistas em áreas relacionadas e identificar variáveis críticas. Com base na informação
recolhida, foi estabelecido um modelo hierárquico de resiliência hospitalar. Os resultados e a
aplicabilidade prática do modelo foram validados por peritos externos, no sentido de fornecer
novos conhecimentos para o desenvolvimento da gestão da resiliência hospitalar
Collaborative development of a small business emergency planning model
Small businesses, which are defined by the US Small Business Administration as entities with less than 500 employees, suffer interruptions from diverse risks such as financial events, legal situations, or severe storms exemplified by Hurricane Sandy. Proper preparations can help lessen the length of the interruption and put employees and owners back to work. Large corporations generally have large budgets available for planning, business continuity, and disaster recovery. Small businesses must decide which risks are the most important and how best to mitigate those risks using minimal resources.
This research uses a series of surveys followed by mathematical modeling to help discover risk factors, mitigating actions, and the highest return scenarios as a basis for a low-cost business continuity/disaster recovery plan. The surveys use a Delphi study format in order to rank a base list of risks and mitigating actions and to supplement those lists with ones added by the participants. Survey results are analyzed and presented back to the group for a second round of ranking and supplementing the risk/action categories. After two rounds of surveys the data is presented to an expert panel to investigate how the risks interrelate. Quantifying the interrelationships is the basis for the Cross Impact Analysis model that is able to show the relative impact of one event upon another. Once the impacts are known, a series of high valued scenarios are developed using Interpretive Structural Modeling. These high valued scenarios can be used by the small businesses as a basis for a business continuity/disaster recovery plan
Modelling of the Electric Vehicle Charging Infrastructure as Cyber Physical Power Systems: A Review on Components, Standards, Vulnerabilities and Attacks
The increasing number of electric vehicles (EVs) has led to the growing need
to establish EV charging infrastructures (EVCIs) with fast charging
capabilities to reduce congestion at the EV charging stations (EVCS) and also
provide alternative solutions for EV owners without residential charging
facilities. The EV charging stations are broadly classified based on i) where
the charging equipment is located - on-board and off-board charging stations,
and ii) the type of current and power levels - AC and DC charging stations. The
DC charging stations are further classified into fast and extreme fast charging
stations. This article focuses mainly on several components that model the EVCI
as a cyberphysical system (CPS)
Cyber Infrastructure Protection: Vol. II
View the Executive SummaryIncreased reliance on the Internet and other networked systems raise the risks of cyber attacks that could harm our nation’s cyber infrastructure. The cyber infrastructure encompasses a number of sectors including: the nation’s mass transit and other transportation systems; banking and financial systems; factories; energy systems and the electric power grid; and telecommunications, which increasingly rely on a complex array of computer networks, including the public Internet. However, many of these systems and networks were not built and designed with security in mind. Therefore, our cyber infrastructure contains many holes, risks, and vulnerabilities that may enable an attacker to cause damage or disrupt cyber infrastructure operations. Threats to cyber infrastructure safety and security come from hackers, terrorists, criminal groups, and sophisticated organized crime groups; even nation-states and foreign intelligence services conduct cyber warfare. Cyber attackers can introduce new viruses, worms, and bots capable of defeating many of our efforts. Costs to the economy from these threats are huge and increasing. Government, business, and academia must therefore work together to understand the threat and develop various modes of fighting cyber attacks, and to establish and enhance a framework to assess the vulnerability of our cyber infrastructure and provide strategic policy directions for the protection of such an infrastructure. This book addresses such questions as: How serious is the cyber threat? What technical and policy-based approaches are best suited to securing telecommunications networks and information systems infrastructure security? What role will government and the private sector play in homeland defense against cyber attacks on critical civilian infrastructure, financial, and logistical systems? What legal impediments exist concerning efforts to defend the nation against cyber attacks, especially in preventive, preemptive, and retaliatory actions?https://press.armywarcollege.edu/monographs/1527/thumbnail.jp
Generating The All-Hazards Intelligence Synthesis Model In The Homeland Security Intelligence Enterprise
The United States all-hazards homeland security operational and intelligence domains are multijurisdictional, multiagency, and multidisciplinary intelligence challenges for all-hazards intelligence analysts. A common analytical conceptual framework is needed to help unify homeland security intelligence enterprise analysts who work in an all-hazards, all-source, all-crimes, and all-disciplinary intelligence environment. A unifying all-hazards intelligence synthesis model that unites intelligence analysts with the law-enforcement, cybersecurity, technology, and natural science disciplines, would benefit the homeland security and intelligence domain enterprises. The purpose of the applied research was to discover and generate an all-hazards analysis model that enables the production of risk-informed applied intelligence products in a pluralistic intelligence environment that is privacy, civil rights, and civil liberties compliant. A comprehensive literature review was conducted following the four-step collect, analyze, synthesize, and apply process. This process is derived from proven knowledge, information, and risk management programs, as well as proven intelligence analysis methodologies, for gathering information about adversarial, cyber, technological, and natural hazards and threats to social, technological, and environmental resources. The research resulted in the generation of a universal all-hazards intelligence synthesis model that may be applicable to systems safety engineering, criminal, political, military, economic, social, and medical intelligence activities
Exploring the Project Risk Management: Highlighting the Soft Side of Project Management
The majority of the approaches to managing project risk follow the logic of process groups. Project Management Institute (PMI) has 29 tools and techniques related to risk management process groups. Consequently, engineering and business schools have been accused of educating managers with sharp analytical skills but little understanding of social problems. The literature suggests that too much attention is focused on learning the techniques and formalities of risk management but not enough on the advanced issues of management. Also, the literature argues that there are two approaches to project management (hard and soft). The hard side only covers part of the managerial aspects which helps to manage foreseeable uncertainties. However, unforeseeable uncertainties need skills that related to soft side approaches such as emotional intelligence, navigating the organization’s culture, risk attitude, participative leadership style, and managing the relationship with stakeholders. This study provides an intensive review of the literature to discuss the need for integrating the hard and soft sides of management to achieve an effective risk management process. In addition, it proposes a conceptual framework that provides guidelines to enhance overall risk management efficiency
Cyber defensive capacity and capability::A perspective from the financial sector of a small state
This thesis explores ways in which the financial sectors of small states are able todefend themselves against ever-growing cyber threats, as well as ways these states can improve their cyber defense capability in order to withstand current andfuture attacks. To date, the context of small states in general is understudied. This study presents the challenges faced by financial sectors in small states with regard to withstanding cyberattacks. This study applies a mixed method approach through the use of various surveys, brainstorming sessions with financial sector focus groups, interviews with critical infrastructure stakeholders, a literature review, a comparative analysis of secondary data and a theoretical narrative review. The findings suggest that, for the Aruban financial sector, compliance is important, as with minimal drivers, precautionary behavior is significant. Countermeasures of formal, informal, and technical controls need to be in place. This study indicates the view that defending a small state such as Aruba is challenging, yet enough economic indicators indicate it not being outside the realm of possibility. On a theoretical level, this thesis proposes a conceptual “whole-of-cyber” model inspired by military science and the VSM (Viable Systems Model). The concept of fighting power components and governance S4 function form cyber defensive capacity’s shield and capability. The “whole-of-cyber” approach may be a good way to compensate for the lack of resources of small states. Collaboration may be an only out, as the fastest-growing need will be for advanced IT skillsets
- …