Abstract
Organizations are highly exposed to the vulnerabilities inherent in Internet connectivity, and the exposure increases every day as cyber-attacks become more lethal. Competitiveness demands an ever-increasing presence, and therefore reliance, on all things electronic. Over the past generation, businesses, consumers and governments around the globe have moved into cyberspace and cloud environments to conduct their business. However, criminals have identified the rewards of cyberspace fraud, so the risks and threats have increased too. This indicates that current risk management methodologies are inefficient and fast becoming obsolete as a means to assess, manage, reduce, mitigate and accept risk in real time and so effectively reduce cyber incidents. For our societies to function, securing cyberspace is essential and will be an enabler, resulting in better use of the digital environment. In this paper, a new Responsive Cyber-Physical Risk Management Framework (RECYPHR) is proposed to tackle the traditional shortfalls and provide a Near Real-Time (NERT) response to managing risks.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Hessami, A.G., Jahankhani, H., Nkhoma, M. (2015). Responsive Cyber-Physical Risk Management (RECYPHR). In: Jahankhani, H., Carlile, A., Akhgar, B., Taal, A., Hessami, A., Hosseinian-Far, A. (eds) Global Security, Safety and Sustainability: Tomorrow's Challenges of Cyber Security. ICGS3 2015. Communications in Computer and Information Science, vol 534. Springer, Cham. https://doi.org/10.1007/978-3-319-23276-8_24
DOI: https://doi.org/10.1007/978-3-319-23276-8_24
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23275-1
Online ISBN: 978-3-319-23276-8
eBook Packages: Computer Science, Computer Science (R0)