Abstract
While critical infrastructures have always been the most important parts of a nation’s economy, the threats that they are facing, when it comes to safety and security issues, has changed radically in the past decades owing to the rapid development of the applied technologies. Though processes are speeding up and the machinery is improving at a rapid pace the human factor seems to be the weakest link. Hence, present paper endeavours to address this very aspect of organisational safety and security, in order to call attention to its crucial role. The paper first presents the role of personnel in critical infrastructures, then enumerates traditional and more novel ways of improving the expertise and decreasing the vulnerability of the human factor. While the topic to be tackled is a complex one by nature, a simple model is also introduced, on the basis of which managers of critical infrastructures are able to make personnel decisions. Last but not least, present paper intends to call attention to the fact, that the basic processes, and the way the everyday tasks of the employees are defined may also influence the safety and security of critical infrastructures; hence the issue regarding the human factor cannot be solved solely through training and motivation, but the reorganisation of processes might also be necessary.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Department of Homeland Security (DHS): National strategy for homeland security. http://www.whitehouse.gov/homeland/book (2002). Accessed 29 Sept 2021
Brown, G., Carlyle, M., Salmerón, J., Wood, K.: Defending critical infrastructure. Interfaces. 36(6), 530–544 (2006)
Bessani, A.N., Sousa, P., Correia, M., Neves, N.F., Verissimo, P.: The CRUTIAL way of critical infrastructure protection. IEEE Secur. Priv. 6(6), 44–51 (2008)
Auerswald, P., Lewis, M.B., La Porte, T.M., Erwann, M.: The challenge of protecting critical infrastructure. Issues Sci. Technol. 22(1) (2005)
Walker-Roberts, S., Hammoudeh, M., Dehghantanha, A.: A systematic review of the availability and efficacy of countermeasures to internal threats in healthcare critical infrastructure. IEEE Access. 6, 25167–25177 (2018)
Keeney, M., Kowalski, E., Cappelli, D., Moore, A., Shimeall, T., Rogers, S.: Insider threat study: computer system sabotage in critical infrastructure sectors. National Threat Assessment Center, Washington, DC (2005)
Schein, E.H.: Organizational culture and leadership. Jossey-Bass, San Francisco (1992)
Ghafir, I., Husak, M., Prenosil, V.: A survey on intrusion detection and prevention systems. In: Proceedings of Student Conference Zvule, IEEE/UREL, p. 1014. Brno University of Technology (2014)
Svoboda, J., Ghafir, I., Prenosil, V.: Network monitoring approaches: an overview. Int. J. Adv. Comput. Netw. Secur. 5(2), 88–93 (2015)
CISA: Cybersecurity and Physical Security Convergence Guide. https://www.cisa.gov/sites/default/files/publications/Cybersecurity%20and%20Physical%20Security%20Convergence_508_01.05.2021 (2021). Accessed 29 Sept 2021
Nyikes, Z., Kovács, T.A., Tokody, D.: In situ testing of rail damages in accordance with Industry 4.0. J. Phys. Conf. Ser. (1742–6588 1742–6596). 1045, 1–6 (2018). https://doi.org/10.1088/1742-6596/1045/1/012032
Cazorla, L., Alcaraz, C., Lopez, J.: Towards automatic critical infrastructure protection through machine learning. In: Luiijf, E., Hartel, P. (eds.) Critical Information Infrastructures Security. CRITIS 2013 Lecture Notes in Computer Science, 8328. Springer, Cham (2013). https://doi.org/10.1007/978-3-319-03964-0_18
Herath, T., Rao, H.R.: Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decis. Support Syst. 47(2), 154–165 (2009)
Kolkowska, E., Dhillon, G.: Organizational power and information security rule compliance. Comput. Secur. 33, 3–11 (2013)
Nyikes, Z.: Digital competence and the safety awareness base on the assessments results of the Middle East-European generations. Proc. Manuf. (2351–9789). 22, 916–922 (2018). https://doi.org/10.1016/j.promfg.2018.03.130
Mosier, K.L., Fischer, U.: The role of affect in naturalistic decision making. J. Cognit. Eng. Decis. Mak. 4(3), 240–255 (2010)
Kruger, H.A., Kearney, W.D.: A prototype for assessing information security awareness. Comput. Secur. 25, 289–296 (2006)
Punia, B.K., Saharan, T.: Management approach and conditions of training: a relative study of service and manufacturing industries. Vision J. Bus. Perspect. 15(3), 239–250 (2011)
Nyikes, Z.: Contemporary digital competency review. Interdiscip. Descr. Complex Syst. (1334–4684 1334–4676). 16(1), 124–131 (2018). https://doi.org/10.7906/indecs.16.1.9
Agarwal, M., Nayak, T.K., Gupta, V.P.: Employees perception towards training in IT sector. Asia Pac. Bus. Rev. 4(2), 34–41 (2008)
Spreen, T., Afonos, W., Gerrish, E.: Can employee training influence local fiscal outcomes? Am. Rev. Public Adm. 50(4–5), 401–414 (2020)
Kohn, A.: Brain science: the forgetting curve–the dirty secret of corporate training. http://www.learningsolutionsmag.com/articles/1379/brain-science-the-forgetting-curvethe-dirty-secretof-corporate-training (2014). Last accessed 29 Sept 2021
Nyikes, Z.: Creation proposal for the digital competency framework of the Middle-East European region. Key Eng. Mater. (1013–9826 1662–9795). 755, 106–111 (2017). https://doi.org/10.4028/www.scientific.net/KEM.755.106
Alexopoulos, A.N., Buckley, F.: What trust matters when: the temporal value of professional and personal trust for effective knowledge transfer. Group Org. Manag. 38(3), 361–391 (2013)
Helton, W.S., Matthews, G., Warm, J.S.: Stress state mediation between environmental variables and performance: the case of noise and vigilance. Acta Psychologica. 130(3), 204–213 (2009)
Nyikes, Z.: Information security issues of RFID. In: Szakál, A. (ed.) SAMI 2016: IEEE 14th International Symposium on Applied Machine Intelligence and Informatics 2016, pp. 111–114. IEEE, New York (2016) ISBN:9781467387392
Baker, F.R., Baker, K.L., Burrell, J.: Introducing the skills-based model of personal resilience: drawing on content and process factors to build resilience in the workplace. J. Occup. Org. Psychol. 94(2), 458–481 (2021)
Nyikes, Z., Rajnai, Z.: Big data, as part of the critical infrastructure. In: Szakál, A. (ed.) SISY 2015, IEEE 13th International Symposium on Intelligent Systems and Informatics: Proceedings, pp. 217–222. IEEE, New York (2015) ISBN:9781467393881
Kowalski-Trakofler, K.M., Vaught, C., Scharf, T.: Judgment and decision making under stress: an overview for emergency managers. Int. J. Emerg. Manag. 1(3), 278–289 (2003)
Hon, A.H.Y.: Shaping environments conductive to creativity: the role of intrinsic motivation. Cornell Hosp. Q. 53(1), 53–64 (2012)
Cavanaugh, M.A., Boswell, W.R., Roehling, M.V., Boudreau, J.W.: An empirical examination of self-reported work stress among U.S. managers. J. Appl. Psychol. 1, 65–74 (2000)
Pursiainen, C.: Critical infrastructure resilience: a Nordic model in the making? Int. J. Disaster Risk Reduct. 27, 632–641 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature B.V.
About this paper
Cite this paper
Lazányi, K., Danaj, A. (2022). Critical Threat of Critical Infrastructures: The Human Factor. In: Kovács, T.A., Nyikes, Z., Fürstner, I. (eds) Security-Related Advanced Technologies in Critical Infrastructure Protection. NATO Science for Peace and Security Series C: Environmental Security. Springer, Dordrecht. https://doi.org/10.1007/978-94-024-2174-3_1
Download citation
DOI: https://doi.org/10.1007/978-94-024-2174-3_1
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-024-2173-6
Online ISBN: 978-94-024-2174-3
eBook Packages: Physics and AstronomyPhysics and Astronomy (R0)