sesa 18(14): e5

Research Article

Human-centered strategies for cyber-physical systems security

Download1190 downloads
  • @ARTICLE{10.4108/eai.15-5-2018.154773,
        author={E.N. Ceesay and K. Myers and P.A. Watters},
        title={Human-centered strategies for cyber-physical systems security},
        journal={EAI Endorsed Transactions on Security and Safety},
        keywords={Sociotechnical systems; human factors; cyber security.},
  • E.N. Ceesay
    K. Myers
    P.A. Watters
    Year: 2018
    Human-centered strategies for cyber-physical systems security
    DOI: 10.4108/eai.15-5-2018.154773
E.N. Ceesay1,*, K. Myers2, P.A. Watters3
  • 1: Johns Hopkins University, Baltimore MD, USA
  • 2: Dalferes Enterprises, Alexandria VA, USA
  • 3: La Trobe University, Melbourne VIC, AUSTRALIA
*Contact email:


Human error contributes to information system losses. Exposure to significant risk will continue and is not effectively addressed with conventional training. Broader strategy that addresses the social system is recommended. Such strategies have been successfully developed in industrial settings to deal with workplace hazards that are functionally similar to cyber loss. Four of these strategies are reviewed and found to be relevant to the needs of the IT-enabled organization in mitigating cyber security risks. These strategies are not consistent with each other or uniformly applicable, however, and would need to be adapted to contemporary knowledge work settings and used cautiously. Long-term institutionalization and development of organizational practices pose further challenges. While a holistic, sociotechnical systems (STS) approach to cyber security requires significant effort, IT-enabled organizations, as industrial organizations before them, will realize the effort is justified.