Exploring the Security Culture of Operational Technology (OT) Organisations: The Role of External Consultancy in Overcoming Organisational Barriers

Operational Technology (OT) refers to systems that control and monitor industrial processes. Organisations that use OT can be found in many sectors, including water and energy, and often operate a nation's critical infrastructure. These organisations have been under a digitalisation process, which along with increasing regulatory pressures have necessitated changes in their cybersecurity practices. The lack of internal resources has often compelled these organisations to turn to external consultancy to enhance their security. Given the differences between OT and Information Technology (IT) security practices and that OT cybersecurity is still in its infancy, developing a security culture in OT environments remains a challenge, with little research investigating this topic. We have conducted 33 interviews with professionals with a security related role working in various OT sec-tors in the UK, on the subject of security culture development. Our analysis indicates three key organisational barriers to the development of a security culture: governance structures, lack of communication between functions, and the lack of OT cybersecurity expertise. Subsequently, the role of consultants and security solution vendors in overcoming these barriers through consultancy is demonstrated. We therefore argue that these stakeholders play a crucial part in the development of security culture in OT and conclude with recommendations for these organisations

Security Culture in Industrial Control Systems Organisations: A Literature Review

Industrial control systems (ICS) are a key element of a country’s critical infrastructure, which includes industries like energy, water, and transport. In recent years, an increased convergence of operational and information technology has been taking place in these systems, increasing their cyber risks, and making security a necessity. People are often described as one of the biggest security risks in ICS, and historic attacks have demonstrated their role in facilitating or deterring them. One approach to enhance the security of organisations using ICS is the development of a security culture aiming to positively influence employees’ security perceptions, knowledge, and ultimately, behaviours. Accordingly, this work aims to review the security culture literature in organisations which use ICS and the factors that affect it, to provide a summary of the field. We conclude that the factors which affect security culture in ICS organisations are in line with the factors discussed in the general literature, such as security policies and management support. Additional factors related to ICS, such as safety culture, are also highlighted. Gaps are identified, with the limited research coverage being the most prominent. As such, proposals for future research are offered, including the need to conduct research with employees whose roles are not security related

Using discrete Darboux polynomials to detect and determine preserved measures and integrals of rational maps

In this Letter we propose a systematic approach for detecting and calculating preserved measures and integrals of a rational map. The approach is based on the use of cofactors and Discrete Darboux Polynomials and relies on the use of symbolic algebra tools. Given sufficient computing power, all rational preserved integrals can be found. We show, in two examples, how to use this method to detect and determine preserved measures and integrals of the considered rational maps.Comment: 8 pages, 1 Figur

Attitudes towards Cypriot Greek and Standard Modern Greek in London’s Greek Cypriot community

Aim To investigate whether the positive attitudes towards Standard Modern Greek and the mixture of positive and negative attitudes towards Cypriot Greek that have been documented in Cyprus are also present in London's Greek Cypriot community. Approach Unlike previous quantitative works, the study reported in this article was qualitative and aimed at capturing the ways in which attitudes and attitude-driven practices are experienced by members of London's diasporic community. Data and Analysis Data were collected by means of semi-structured, sociolinguistic interviews with 28 members of the community. All participants were second-generation heritage speakers, successive bilinguals in Cypriot Greek and English, and successive bidialectal speakers in Cypriot Greek and Standard Modern Greek. The data were analysed qualitatively (thematic analysis). Findings – Positive perceptions of Standard Modern Greek and mixed perceptions, both positive and negative, of Cypriot Greek are found in the context of London. – As in Cyprus, Standard Modern Greek is perceived as a prestigious, proper and 'correct' variety of Greek. Cypriot Greek, in contrast, is described as a villagey, heavy and even broken variety. – Greek complementary schools play a key role in engendering these attitudes. – Unlike in Cyprus, in the London community, the use of Cypriot Greek is also discouraged in informal settings such as the home. Originality Papapavlou & Pavlou contended that "there are no signs of negative attitudes towards Cypriot Greek [in London]" (2001, p. 104). This research shows this claim to be false. Significance/Implications Negative attitudes towards Cypriot Greek lead to a community-wide preference for the use of Standard Modern Greek in communication with other members of the Greek Cypriot community, which poses a great threat to the intergenerational transmission and maintenance of Cypriot Greek as a heritage language in London

Programming Abstractions and Toolchain for Dataflow Multithreading Architectures

The need to exploit multi-core systems for parallel processing has revived the concept of dataflow. In particular, the Dataflow Multithreading architectures have proven to be good candidates for these systems. In this work we propose an abstraction layer that enables compiling and running a program written for an abstract Dataflow Multithreading architecture on different implementations. More specifically, we present a set of compiler directives that provide the programmer with the means to express most types of dependencies between code segments. In addition, we present the corresponding toolchain that transforms this code into a form that can be compiled for different implementations of the model. As a case study for this work, we present the usage of the toolchain for the TFlux and DTA architectures