The human factor: Addressing computing risks for critical national infrastructure towards 2040

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-04-30 DOI:10.1016/j.cose.2025.104524

Charles Weir , Cecilia Loureiro-Koechlin , Lucy Hunt , Louise Dennis

引用次数: 0

Abstract

The authors conducted a UK-based future study employing the Delphi method to explore the impact of emerging computing technologies on Critical National Infrastructure (CNI). The study engaged 22 domain experts specializing in software, cybersecurity, and CNI, whose roles all include forecasting technological trends and challenges. The findings propose making Internet Services a CNI sector, and suggested the weightiest concern to be human-centric challenges around the recovery from software disasters and cyberattacks. Other major concerns also related to human factors, such as attacks via operators, and errors stemming from poorly designed human-computer interfaces. The suggested mitigation strategies therefore concentrate on human-centred approaches. Key recommendations include promoting human-focused cyber resilience, and using legislation, regulation and standards to help establish it in CNI organizations.

查看原文本刊更多论文

人为因素：面向2040年解决关键国家基础设施的计算风险

作者进行了一项基于英国的未来研究，采用德尔菲方法探讨新兴计算技术对关键国家基础设施（CNI）的影响。这项研究邀请了22位专门从事软件、网络安全和CNI的领域专家，他们的角色都包括预测技术趋势和挑战。调查结果建议将互联网服务作为CNI部门，并建议最重要的关注是围绕从软件灾难和网络攻击中恢复的以人为中心的挑战。其他主要的担忧也与人为因素有关，比如操作人员的攻击，以及由设计不良的人机界面引起的错误。因此，建议的缓解战略侧重于以人为本的办法。主要建议包括促进以人为本的网络弹性，并利用立法、法规和标准帮助在CNI组织中建立这种弹性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.