Increasing stakeholder engagement in research projects through standardization activities

Purpose – This research assesses the implications of integrating standardization activities into European research projects to foster the engagement of project internal and external stakeholders and into different project stakeholder management theories. Design/methodology/approach – This paper analyzes the integration of standardization and the engagement of project internal and external stakeholders in standardization activities in a multi-case study of four European Framework Program projects and with the projects Advancing Resilience of Historic Areas Against Climate-Related and Other Hazards (ARCH) and Smart Mature Resilience (SMR) in two separate case studies more deeply. The multi-case study mainly evaluates the stakeholder participation in 10 CEN Workshop Agreements. While in the two case studies, among other things, two project surveys are used to investigate how stakeholder engagement was supported by standardization activities. Findings – The results show that standardization significantly supports stakeholder engagement and lead to a proposal on how standardization can support achieving stakeholder engagement goals in the different research project phases. Originality/value – This research provides practical information for policy-makers who support standardization as a tool for research, as well as for researchers and project managers who want to use standardization activities efficiently in research projects

Towards a resilient community: A decision support framework for prioritizing stakeholders' interaction areas

Interactions among community stakeholders act as a buffer against disasters and present a way to build community resilience. Several decision support frameworks have been proposed in the literature to improve community resilience, but none focus on interactions among stakeholders. This paper presents a decision support framework to guide decision-makers in prioritizing areas of interaction based on their mutual impact. The framework is built on three components. The first involved conducting a literature review to identify areas of interaction among community stakeholders; resulting in identifying 27 factors that reflect the various interaction areas. The second was to implement a Delphi study to capture the dependency among the different areas. The third was to prioritize the identified areas of interaction through network analysis techniques to understand the propagating impacts of a change in one area on the others. The framework was applied to Spain, utilizing data provided by Spanish resilience experts. Our findings indicate a high degree of interdependence among all areas of interaction. Decentralization of the decision-making process and effective leading capabilities of emergency organizations have been identified as top priority areas. By utilizing this framework, decision-makers can systematically enhance interactions among diverse stakeholders, creating a roadmap to improve community resilience

Systematic approach to cyber resilience operationalization in SMEs

The constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. Moreover, the traditional cybersecurity approach of protecting against known threats cannot withstand the rapidly evolving technologies and threats used by cybercriminals. This study claims that cyber resilience, a more holistic approach to cybersecurity, could help SMEs anticipate, detect, withstand, recover from and evolve after cyber incidents. However, to operationalize cyber resilience is not an easy task, and thus, the study presents a framework with a corresponding implementation order for SMEs that could help them implement cyber resilience practices. The framework is the result of using a variation of Design Science Research in which Grounded Theory was used to induce the most important actions required to implement cyber resilience and an iterative evaluation from experts to validate the actions and put them in a logical order. Therefore, this study proposes that the framework could benefit SME managers to understand cyber resilience, as well as help them start implementing it with concrete actions and an order dictated by the experience of experts. This could potentially ease cyber resilience implementation for SMEs by making them aware of what cyber resilience implies, which dimensions it includes and what actions can be implemented to increase their cyber resilience

Stalking resilience : cities as vertebrae in society’s resilience backbone

This paper presents the EU H2020 project Smart Mature Resilience, which takes advantage of the fact that many cities are committed to become increasingly resilient and have ongoing processes for urban resilience. Smart Mature Resilience develops resilience management guidelines based on a Resilience Maturity Model that engages a growing number of stakeholders and multilevel governance in order for cities to become vertebrae for society’s resilience backbone. In a dual approach, employing a systematic literature review of international resilience implementation approaches alongside group processes with experts, the Smart Mature Resilience project has developed a preliminary resilience maturity model consisting of five stages Starting, Moderate, Advanced, Robust and verTebrate (SMART) and a Systemic Risk Assessment Questionnaire. The SMART Resilience Maturity Model suggests two principal processes for the transition to resilience maturity: (1) A process of increasing engagement and collaboration with new stakeholder types, from local, to regional, to national to European in a growing resilience backbone, and (2) a process of quality improvement of policies for transitioning from a Safety-I to a Safety-II perspective (from risk assessment & mitigation to adaption to future surprises as conditions evolve)

Crisis Management Toolbox: The relevant role of Critical Infrastructures and their Dependencies

Critical Infrastructures (CIs) such as Energy, Information and Communication Technologies, Transport, etc. have become critical for society since in the last decades society’s dependency on the proper performance of CIs has increased. Recent crises such as Haitian and Japanese earthquakes (in 2010 and 2011 respectively) or Sandy hurricane (2012) have made evident this dependency. These crises have severely affected CIs and therefore, impacts on society have been aggravated. Consequently, effort on how to reduce future crises impacts with special focus on CIs and their dependencies has to be made. The main objective of crisis management is to decrease crisis impacts. Thus, in order to reduce impacts crisis managers must identify the possible impacts that can occur, how these impacts can be assessed, the causes that generate impacts and their evolution over time. The consequences that crises lead to affect society in different ways and even if some impacts are unavoidable through a proper crisis management these impacts can at least be reduced. Moreover, impacts origins have evolved as the criticality of CIs has increased. As a result of the increased dependency on CIs, a failure in any CI entails important disturbances for society. Moreover, CIs are dependent among each other and consequently when a CI fails it can affect other CIs through cascading effects. As a result, CIs have a relevant role in impact generation when a crisis strikes. In light of this situation, research on how to lessen the impacts of crises must be performed. Therefore, this research aims to reduce future crises impacts. The use of the Crisis Management Toolbox which is focused on the Relevant Role of Critical Infrastructures and their Dependencies (the CriMaCID toolbox) will help crisis managers and CI managers improving future crisis management increasing their awareness about impacts and their causes. Consequently, geographic area’s and CIs’ resilience will also be improved. In order to develop and to validate this research the collaboration of experts such as crisis managers and CI managers has been essential. Moreover, different research methods such as literature review, multiple case studies analysis, survey, simulation and interviews have been applied.Las infraestructuras críticas (ICs) como son la Energía, las Tecnologías de la Información y Comunicación, el Transporte, etc. son críticas para la sociedad ya que, en las últimas décadas, se ha incrementado la dependencia de la sociedad en su correcto funcionamiento. Recientes crisis como los terremotos de Haití y Japón (en 2010 y 2011 respectivamente) o el huracán Sandy (2012) han hecho evidente esta dependencia. Estas crisis han afectado severamente las ICs y por lo tanto, los impactos en la sociedad se han visto agravados. Por ello, se debe realizar un esfuerzo para reducir los impactos de futuras crisis con especial atención en las ICs y sus dependencias. El objetivo principal de la gestión de crisis se centra en disminuir los impactos de las crisis. Por lo tanto, con el fin de reducir los impactos los gestores de crisis debe identificar los posibles impactos que se pueden producir, deben conocer cómo se pueden gestionar estos impactos así como las causas que los generan y su evolución en el tiempo. Las consecuencias que las crisis generan afectan a la sociedad de diferentes maneras y, aunque algunos impactos son inevitables, mediante una adecuada gestión de crisis estos impactos pueden al menos reducirse. Asimismo, las causas de los impactos han evolucionado debido al incremento de la criticidad de las ICs. Como resultado del incremento de la dependencia en las ICs, el fallo de cualquier IC conlleva importantes perjuicios para la sociedad. Asimismo, las ICs son dependientes entre sí y por lo tanto cuando una IC no funciona correctamente puede afectar a otras ICs a través de efectos en cascada. Como resultado, las ICs tienen un papel relevante en la generación de impactos cuando se produce una crisis. En consecuencia, se debe investigar la forma de reducir los impactos de las crisis. Por lo tanto, esta investigación tiene como objetivo reducir los impactos de futuras crisis. El uso del conjunto de herramientas para la gestión de crisis centrado en el relevante papel de las ICs y de sus dependencias (denominado CriMaCID) ayudará a los gestores de crisis y a los gestores de ICs a mejorar la gestión de futuras crisis, incrementando su conocimiento sobre los impactos y sus causas. En consecuencia, también se mejorará la resiliencia del área geográfica y de las ICs. Con el fin de desarrollar y validar esta investigación, la colaboración de expertos, como gestores de crisis y de CIs, ha sido esencial. Asimismo, se han aplicado diferentes métodos de investigación tales como revisión de la literatura, múltiples estudios de caso, encuesta, simulación y entrevistas

Building City Resilience through Collaboration.

Nowadays, the majority of the world’s population lives in cities and, according to projections, this number will increase over the coming decades. Accelerated globalization has dramatically increased the complexity and perceived unpredictability of threats and hazards. As cities continue to grow and grapple with uncertainties, cities across the world face an increasing variety of challenges ranging from short-term disasters such as floods, droughts, and earthquakes, to long-term disasters such as climate change. In most cities, the approach to managing disasters has limited to top-down initiatives directed by disjointed departments and entities of the local government who adopted a reactive response to disasters. In this context, city stakeholders such as volunteer organizations, citizens, media, academic, educational and scientific entities, and private and public companies were informed without becoming actively involved in the resilience-building process. The capacity of a city to adapt to disasters requires a resilience approach that not only takes into consideration the contribution of each stakeholder independently but also tackles the functioning of a city in a comprehensive and holistic manner. The approach to building resilience focuses on the innate strengths of city stakeholders and the need to collaborate to maximize efforts and existing resources. Building city resilience therefore, requires analyzing the needs of the different city stakeholders and empowering them to take actions. Currently, however, frameworks that help governments to improve collaboration with city stakeholders in the resilience-building process remain undeveloped. Therefore, frameworks that help local governments to understand and assess how to engage stakeholders at the most appropriate time and in a manner that contributes to the resilience-building process need to be developed. The contribution of this research is the development of a stakeholder-collaboration maturity model. The stakeholder-collaboration maturity model defines five sequential maturity stages to help local governments to improve progressively the collaboration with city stakeholders in the resilience-building process. Each maturity stage indicates the stakeholders that need to be involved, the policies that need to be implemented, and the indicators that evaluate the implementation of the policies. The stakeholder-collaboration maturity model was developed as a result of an iterative process that included semi-structured interviews with representatives from six different cities committed to improving their level of city resilience. Furthermore, two case studies were carried out in two cities in order to implement the stakeholder-collaboration maturity model. These case studies aimed at gathering evidence of the evolution of the collaboration between the local government and city stakeholders and to validate the sequence of stages and policies presented in the maturity model. Moreover, the stakeholder-collaboration maturity model made it possible to assess the current maturity stage of the cities under study and to provide recommendations for improving collaboration with different city stakeholders

Cyber Resilience Operationalization Framework (CR-OF) for SMEs

The constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. Moreover, the risk of cyber incidents is not only due to cybercriminals but can be evoked from multiple sources such as human error, system failure, etc. In any case, the costs of these cyber incidents are high and can considerably affect SMEs. On the other hand, the traditional cybersecurity approach of protecting against known threats cannot withstand the rapidly evolving technologies and threats. In this sense, this study claims that cyber resilience, a more holistic approach to cybersecurity, could help SMEs anticipate, detect, withstand, recover from and evolve after cyber incidents. However, to operationalize cyber resilience is not an easy task since it requires technical and strategical knowledge and experience for its broad scope, holistic and multidimensional nature. Although the current literature regarding the operationalization of cyber resilience has widely covered the actions and areas of knowledge (often called policies and domains) required to operationalize cyber resilience, their prioritization and specific implementation strategies are not clear. Moreover, the differences between the actions suggested among the authors require companies to select one approach and later prioritize these actions. Therefore, it requires decision capabilities, knowledge and experience to know what is best for the company. In SMEs, this knowledge and experience might not be present since in most cases cybersecurity is not the core of their business. Therefore, this study tries to facilitate the cyber resilience operationalization process for SMEs. To achieve the goal of aiding SMEs in cyber resilience operationalization, this study presents an operationalization framework to help them prioritize the required cyber resilience policies and develop effective strategies to implement them. For this, the study presents a classification with the essential cyber resilience domains and policies required to operationalize cyber resilience in SMEs. Once these policies have been established, it also presents an implementation order for effective a cyber resilience operationalization. Moreover, the study presents example progressions for each policy in a progression model in order for companies to be able to strategize how to implement and later improve the required policies. These results are combined into a self-assessment tool and simulation models that could be used by companies in their decision-making process in order to take into account the findings of this study when operationalizing cyber resilience.El panorama de las ciberamenazas, en constante evolución, es un problema latente para las empresas actuales. Esto es especialmente cierto para las Pequeñas y Medianas Empresas (PYMEs) porque tienen recursos limitados para hacer frente a las amenazas pero, como grupo, representan un amplio mercado para que los ciberdelincuentes exploten. Además, el riesgo de incidentes cibernéticos no se debe únicamente a los ciberdelincuentes, sino que puede provenir de múltiples fuentes, como errores humanos, fallos del sistema, etc. En cualquier caso, los costes de estos ciber incidentes son elevados y pueden afectar considerablemente a las PYMEs. Por otra parte, el enfoque tradicional de ciberseguridad de protección contra las amenazas conocidas no puede resistir la rápida evolución de las tecnologías y las amenazas. En este sentido, este estudio afirma que la ciberresiliencia, un enfoque más holístico de la ciberseguridad, podría ayudar a las PYMEs a anticipar, detectar, resistir, recuperarse y evolucionar tras los ciberincidentes. Sin embargo, operacionalizar la ciberresiliencia no es una tarea fácil, ya que requiere conocimientos técnicos y estratégicos y experiencia por su amplio enfoque, su naturaleza holística y multidimensional. Aunque la literatura actual relativa a la operacionalización de la ciberresiliencia ha cubierto ampliamente las acciones y áreas de conocimiento (a menudo llamadas políticas y dominios) requeridas para operacionalizar la ciberresiliencia, su priorización y las estrategias específicas de implementación no están claras. Además, las diferencias entre las acciones sugeridas entre los distintos autores obligan a las empresas a seleccionar un enfoque y a priorizar posteriormente estas acciones. Por lo tanto, se requiere capacidad de decisión, conocimiento y experiencia para saber qué es lo mejor para la empresa. En las PYMES, estos conocimientos y experiencia pueden no estar presentes ya que en la mayoría de los casos la ciberseguridad no es el núcleo de su negocio. Por lo tanto, este estudio trata de facilitar el proceso de operacionalización de la ciberresiliencia para las PYMEs. Para lograr el objetivo de ayudar a las PYMEs en la operacionalización de la ciberresiliencia, este estudio presenta un marco de operacionalización para ayudarles a priorizar las políticas de ciberresiliencia necesarias y desarrollar estrategias efectivas para implementarlas. Para ello, el estudio presenta una clasificación con los dominios y políticas de ciberresiliencia esenciales para operacionalizar la ciberresiliencia en las PYMEs. Una vez establecidas estas políticas, también presenta un orden de implementación para una operacionalización efectiva de la ciberresiliencia. Además, el estudio presenta ejemplos de progresión para cada política en un modelo de progresión con el fin de que las empresas puedan elaborar estrategias para implementar y posteriormente mejorar las políticas requeridas. Estos resultados se combinan en una herramienta de autoevaluación y en modelos de simulación que podrían ser utilizados por las empresas en su proceso de toma de decisiones para tener en cuenta las conclusiones de este estudio a la hora de hacer operativa la ciberresiliencia

Interacción en Sistemas Hápticos Multisensoriales: Respuesta de Colisión y Mejoras de Usabilidad

Las aplicaciones de Realidad Virtual son cada vez más frecuentes en áreas como la industria o la medicina ya que pueden utilizarse como herramientas de trabajo o de aprendizaje. La necesidad actual de que estos sistemas sean cada vez más realistas obliga a introducir el sentido del tacto aumentando de forma considerable la precisión y eficiencia con la que pueden desarrollarse las tareas además de la inmersión de los usuarios en este tipo de entornos. Los dispositivos hápticos permiten al usuario interactuar con objetos del entorno virtual a través del sentido del tacto percibiendo una respuesta de fuerza a cualquier colisión con el entorno. Sin embargo, esta tecnología háptica es todavía reciente lo que no permite obtener una respuesta estable y realista en casos complejos. La presente Tesis investiga y ofrece soluciones en dos áreas fundamentales de la háptica: el cálculo de las fuerzas y pares de contacto como resultado de las acciones de los usuarios en entornos virtuales y la percepción multisensorial. La detección y respuesta de colisión en tiempo real es una tarea complicada y esencial para la efectividad de estos sistemas hápticos. Este trabajo desarrolla un método de renderizado háptico capaz de calcular una respuesta háptica estable y agradable incluso en situaciones complejas tales como las tareas de desensamblado en entornos aeronáuticos. Además, se analiza la eficacia de combinar los distintos canales sensoriales disponibles para mejorar la percepción global del sistema así como la inmersión final del usuario