Organising for IT Effectiveness, Efficiency and Cyber Resilience in the Academic Sector: National and Regional Dimensions
Publication Type:Journal Article
Source:Information & Security: An International Journal, Volume 42, p.49-66 (2019)
Keywords:consolidation, coordination, cyber resilience, governance model, network governance, regional cooperation
This article presents an architecture and analysis of the change management aspects of security in public administration, developed as part of a study of best practices in the management of IT organisations with emphasis on effectiveness, efficiency and cyber resilience. The analysis served as a basis for defining a model of academic support to cyber resilience. The implementation envisions use of the BEST environment (Basic/budget Environment for Simulation and Training), which was initially developed for the crisis management domain and later adapted to support organisational and human risks analysis in the cyber domain in research and training activities on cyber resilience. This environment is used for PESTEL analysis of the cyber environment to identify a model for resilience from organisational and human perspective and to support SWOT assessment of the possible implementation paths in order to select the most suitable among all qualified solutions and provide training of the personnel involved. Regional aspects of cyber resilience are addressed in the context of the NATO/EU framework, limited to the academic area. Finally, the article addresses organisational and human aspects and presents a concept of an Academic CERT Association at national level and the possibilities to use it as a model for a regional network.