Measures needed to integrate physical and cyber security in railways infrastructure : organization X case study
Pacelli Queiroz Felix, Wagner; Yusuf, Hussein M. (2021)
Pacelli Queiroz Felix, Wagner
Yusuf, Hussein M.
2021
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2021120323576
https://urn.fi/URN:NBN:fi:amk-2021120323576
Tiivistelmä
Technological innovations, digitalization, and the increasing adaptation of IoT components into mass transportation networks worldwide have created new so-called converged security threats for the railway industry's overall security posture. In collaboration with our thesis' partner (SAFETY4RAILS project), the primary purpose of this study is to provide solutions to enhance the security and safety of railway operations. This study aimed to highlight the measures needed to assist Organization X and its members in converging physical and cybersecurity departments to improve their ability to identify, mitigate, and protect against emerging threats.
The method used to conduct the study was an exploratory research design, a qualitative data collection approach that comprised a literature review and a semi-structured qualitative interview, and a content analysis methodology to examine the results. We chose this structure flow because it offered the most refined research methodologies for obtaining important insights linked to Organization X and its members' current needs to integrate their cyber and physical security frameworks.
The results show that there is no one-size-fits-all solution to the convergence of physical and cybersecurity. Broad guidelines are required to handle security convergence issues such as corporate security structure with siloed teams, departmental cultural differences, employees' skills gaps, and probable discrepancies between business goals and security strategy.
Based on our findings, we conclude that to design and implement successful and effective cybersecurity and physical security convergence in the railway operations of Organization X's members, the three core areas of these organizations, namely people, process, and technology, must be seamlessly integrated.
The method used to conduct the study was an exploratory research design, a qualitative data collection approach that comprised a literature review and a semi-structured qualitative interview, and a content analysis methodology to examine the results. We chose this structure flow because it offered the most refined research methodologies for obtaining important insights linked to Organization X and its members' current needs to integrate their cyber and physical security frameworks.
The results show that there is no one-size-fits-all solution to the convergence of physical and cybersecurity. Broad guidelines are required to handle security convergence issues such as corporate security structure with siloed teams, departmental cultural differences, employees' skills gaps, and probable discrepancies between business goals and security strategy.
Based on our findings, we conclude that to design and implement successful and effective cybersecurity and physical security convergence in the railway operations of Organization X's members, the three core areas of these organizations, namely people, process, and technology, must be seamlessly integrated.