Organisational Cybersecurity for Cyber-Physical Systems
Cybersecurity is a critical element of digital resilience and to successfully enhance digital resilience a holistic approach is necessary. This is a consequence of cybersecurity being a socio-technical challenge shaped by the interaction of technology, people, organisational processes, and governance. Too often efforts for enhancing digital resilience result in the development and implementation of technical solutions; however, technical solutions are most successful and efficient for organisations when considered in the context of the people, processes, and governance they will end up integrating with. For clarity, and to signify our socio-technical approach, we use the term ‘organisational resilience’ to encapsulate our different approach.
Broadly, our research targets the advancement of organisational resilience in organisations with cyber-physical systems, and to achieve this we collaborate with several Critical National Infrastructure (CNI) sectors: civil nuclear, energy, and transport. We focus our research on the intersection of the areas of people, processes, technology, and governance and our main research areas can be summarised by the following themes:
- Organisational processes, this looks at the development of culture and practices but also how these can influence the adoption or lack of adoption of technology,
- People, where we focus on how we integrate new technologies, such as AI and Digital Twins, into existing process and develop trust between the new technologies and the people and organisations that will use them, and
- Governance, which examines the wider institutional landscape and how this affects organisational practices. A particular focus of this work is the comparison of existing guidelines and standards around cyber incident response, with an emphasis on how these can be improved, and how they influence organisational processes and actions of employees.
Additionally, within this context, we work with our partners on the development and integration of newer technologies for enabling resilience, primarily Digital Twins and AI:
- The cybersecurity of Digital Twins (virtual models mirroring real-world systems) is a key focus of our research. We examine how diverse stakeholders collaborate to define cybersecurity requirements, the challenges that arise in practice, and how these issues scale from individual DTs to interconnected DT ecosystems, with a particular focus on decarbonised transport contexts.
- Cybersecurity tools with AI will provide significant benefits to enabling resilience and improving organisational efficiencies, however, only if they are developed with the end users (people and organisations) in mind. Therefore, we explore the extent to which tasks can be automated, and where automation and autonomy can practically be increased whilst still ensuring digital resilience, and what factors influence how these decisions about the extent of automation are made. We conduct research to understand how organisational and employee trust can be developed in order to ensure such technology is able to be deployed, but also that it is then operating effectively, as over and under-trust in AI are both problematic. This research area compliments the technical areas of the Glasgow Cyber Defence Lab’s research in anomaly detection, data provenance, and forensics.
Publications