IEEE Engineering Management Review

IEEE Engineering Management Review

 

Incorporating Systems Thinking Into a Cyber Resilience Maturity Model

 

VOL. 49, NO. 2, SECOND QUARTER, JUNE 2021

 

By:

AVI SHAKED Systems Engineering Research Initiative, Faculty of Engineering, Tel Aviv University, Tel Aviv-Yafo 39040, Israel

LIOR TABANSKY Blavatnik Interdisciplinary Cyber Research Center, Tel Aviv University, Tel Aviv-Yafo 39040, Israel

YORAM REICH Systems Engineering Research Initiative, Faculty of Engineering, Tel Aviv University, Tel Aviv-Yafo 39040, Israel

 

IEEE DOI 10.1109/EMR.2020.3046533

 

Achieving cyber resilient critical infrastructure poses a significant engineering management challenge. Society relies on infrastructure and services that extend beyond the managerial boundaries of a specific organizational entity, yet existing cybersecurity maturity models typically aim to assess a single organization. We offer a systems thinking approach to cyber resilience. Specifically, we relate to critical infrastructure and services in their sectoral system context, reimagining them as a system of systems. We then suggest exploring cyber resilience as a system property, with its expressions relating to the multiple dimensions of operation of the sector and to the different domains of practice. We discuss the dimensions of operation and domains of practice concepts that are embedded into a sectoral cyber resilience maturity model, which is under development. We demonstrate how these concepts frame a set of expressions that is designed to probe the sectoral design space; and propose how they may be further used as design considerations for improving the sector’s cyber resilience.

 

 

 

 

Tel Aviv University makes every effort to respect copyright. If you own copyright to the content contained
here and / or the use of such content is in your opinion infringing, Contact us as soon as possible >>
Tel Aviv University, P.O. Box 39040, Tel Aviv 6997801, Israel