|   | 
Details
   web
Records
Author (up) Jelle Groenendaal; Ira Helsloot
Title Why Technology Not Always Adds Value to Crisis Managers During Crisis: The Case of The Dutch Nation-Wide Crisis Management System LCMS Type Conference Article
Year 2021 Publication ISCRAM 2021 Conference Proceedings – 18th International Conference on Information Systems for Crisis Response and Management Abbreviated Journal Iscram 2021
Volume Issue Pages 936-945
Keywords Crisis, NDM, Technology, LCMS
Abstract Technology undeniably plays an important role in supporting crisis managers to respond to crisis. However, when improperly designed or used, technology can be ineffective or even be detrimental to the crisis response. Therefore, in this paper we bring together insights from the scientific literature and identify 5 principles for the design and use of technology to aid crisis managers effectively. These principles might seem trivial but there are several examples of technology used in practice that show the opposite. To illustrate this, we use as a case study the Dutch nation-wide crisis management system LCMS which is used in the Netherlands by all safety regions and other public organizations to maintain and share a common operational picture supporting large-scale crisis management collaboration. We explain why crisis evaluations and research time and again show that LCMS has failed to add value for crisis managers during crisis by using the identified principles.
Address Hague University of Applied Sciences; Radboud University Nijmegen
Corporate Author Thesis
Publisher Virginia Tech Place of Publication Blacksburg, VA (USA) Editor Anouck Adrot; Rob Grace; Kathleen Moore; Christopher W. Zobel
Language English Summary Language English Original Title
Series Editor Series Title Abbreviated Series Title
Series Volume Series Issue Edition
ISSN 978-1-949373-61-5 ISBN Medium
Track Usability and Universal Design of ICT for Emergency Management Expedition Conference 18th International Conference on Information Systems for Crisis Response and Management
Notes j.groenendaal@hhs.nl Approved no
Call Number ISCRAM @ idladmin @ Serial 2386
Share this record to Facebook
 

 
Author (up) Jelle Groenendaal; Ira Helsloot; Christian Reuter
Title Towards More Insight into Cyber Incident Response Decision Making and its Implications for Cyber Crisis Management Type Conference Article
Year 2022 Publication ISCRAM 2022 Conference Proceedings – 19th International Conference on Information Systems for Crisis Response and Management Abbreviated Journal Iscram 2022
Volume Issue Pages 1025-1036
Keywords Cyber Incident Response; Cyber Crisis Management; Naturalistic Decision-making
Abstract Organizations affected by a cyber-attack usually rely on external Cyber Incident Response (CIR) consultants to conduct investigations and mitigate the impact. These CIR consultants need to make critical decisions that could have major impact on their clients. This preliminary investigation aims to get a better understanding of CIR decision -making and answers the following questions: (1.) To what extent do experienced CIR consultants use a Recognition-Primed Decision (RPD) Making strategy during their work? (2.) What are the implications for cyber crisis management as well as for training and decision -making? To answer these questions, we conducted a literature review and interviewed six experienced CIR consultants using the Critical Decision Method. Our analysis reveals that CIR consultants recognize situations based on past experiences and apply a course of action that has worked effectively in the past. This course of action is mainly aimed at collecting and evaluating more data. This finding differs from other operational domains, such as the military and fire department, where recognition is usually followed immediately by action. For cyber crisis management, this means that crisis management teams should decide to what extent and in what ways they want to mitigate the risk of responding belatedly to cyber events, which could potentially lead to unnecessary data theft and sustained business disruption. Another implication is that crisis management teams should consider whether additional forensic investigations outweigh the expected benefits throughout the response process. For instance, if the likely entry-point of the attacker has been discovered, how much effort should be devoted to exclude other potential entry-points. Reflecting on the status-quo, several implications for training and decision making are provided.
Address Crisislab, The Netherlands; Science and Technology for Peace and Security (PEASEC), TU Darmstadt
Corporate Author Thesis
Publisher Place of Publication Tarbes, France Editor Rob Grace; Hossein Baharmand
Language English Summary Language Original Title
Series Editor Series Title Abbreviated Series Title
Series Volume Series Issue Edition
ISSN 2411-3387 ISBN 978-82-8427-099-9 Medium
Track Open Track Expedition Conference
Notes Approved no
Call Number ISCRAM @ idladmin @ Serial 2468
Share this record to Facebook