Cybersecurity workforce in railway: its maturity and awareness

IF 1.8 Q3 ENGINEERING, INDUSTRIAL

Journal of Quality in Maintenance Engineering Pub Date : 2020-12-18 DOI:10.1108/jqme-07-2020-0059

Ravdeep Kour, R. Karim

{"title":"Cybersecurity workforce in railway: its maturity and awareness","authors":"Ravdeep Kour, R. Karim","doi":"10.1108/jqme-07-2020-0059","DOIUrl":null,"url":null,"abstract":"PurposeThe purpose of this research paper is to evaluate and estimate the cybersecurity maturity and awareness risk for workforce management in railway transportation by using Railway-Cybersecurity Capability Maturity Model (R-C2M2) and Information Security Awareness Capability Model (ISACM), respectively.Design/methodology/approachThis research uses a case study strategy, so primary data comprise the majority of data collected. These data were collected through interviews and questionnaires. The secondary data were collected from the literature, technical reports and standards.FindingsThe results show that there is a gap in cybersecurity awareness within the workforce and there is a need to improve this gap. This paper provides some of the recommendations and literature to enhance cybersecurity workforce culture within railway organizations.Practical implicationsIn this paper, the authors have demonstrated that cybersecurity awareness has positive impact on the overall dependability of the railway system.Originality/valueThis paper describes the importance of cybersecurity awareness and training in building more cyber resiliency across the operation and maintenance of railway.","PeriodicalId":16938,"journal":{"name":"Journal of Quality in Maintenance Engineering","volume":" ","pages":""},"PeriodicalIF":1.8000,"publicationDate":"2020-12-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1108/jqme-07-2020-0059","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Quality in Maintenance Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/jqme-07-2020-0059","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, INDUSTRIAL","Score":null,"Total":0}

引用次数: 9

Abstract

PurposeThe purpose of this research paper is to evaluate and estimate the cybersecurity maturity and awareness risk for workforce management in railway transportation by using Railway-Cybersecurity Capability Maturity Model (R-C2M2) and Information Security Awareness Capability Model (ISACM), respectively.Design/methodology/approachThis research uses a case study strategy, so primary data comprise the majority of data collected. These data were collected through interviews and questionnaires. The secondary data were collected from the literature, technical reports and standards.FindingsThe results show that there is a gap in cybersecurity awareness within the workforce and there is a need to improve this gap. This paper provides some of the recommendations and literature to enhance cybersecurity workforce culture within railway organizations.Practical implicationsIn this paper, the authors have demonstrated that cybersecurity awareness has positive impact on the overall dependability of the railway system.Originality/valueThis paper describes the importance of cybersecurity awareness and training in building more cyber resiliency across the operation and maintenance of railway.

查看原文本刊更多论文

铁路网络安全工作人员的成熟度和意识

本研究的目的是利用铁路网络安全能力成熟度模型(R-C2M2)和信息安全意识能力模型(ISACM)分别对铁路运输劳动力管理的网络安全成熟度和意识风险进行评估和估计。设计/方法/方法本研究采用案例研究策略，因此主要数据包括收集的大部分数据。这些数据是通过访谈和问卷调查收集的。二次数据收集自文献、技术报告和标准。调查结果表明，员工在网络安全意识方面存在差距，需要改善这一差距。本文提供了一些建议和文献，以加强铁路组织的网络安全劳动力文化。在本文中，作者论证了网络安全意识对铁路系统整体可靠性的积极影响。原创性/价值本文描述了网络安全意识和培训在整个铁路运营和维护过程中建立更多网络弹性的重要性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Quality in Maintenance Engineering Engineering-Safety, Risk, Reliability and Quality

CiteScore

4.00

自引率

13.30%

发文量

期刊介绍： This exciting journal looks at maintenance engineering from a positive standpoint, and clarifies its recently elevatedstatus as a highly technical, scientific, and complex field. Typical areas examined include: ■Budget and control ■Equipment management ■Maintenance information systems ■Process capability and maintenance ■Process monitoring techniques ■Reliability-based maintenance ■Replacement and life cycle costs ■TQM and maintenance