Abstract
Cyber attacks and incursions have certainly emerged as a national security issue. Globally we are seeing the effects of such attacks not only on the financial domain but also in healthcare, government and critical infrastructure (Masys in Networks and network analysis for defence and security. Springer Publishing, 2014, [19]; Masys in Sensemaking in security. Springer Publishing, 2021a, [24]). Understanding the extent of the impact of cyber incursions and attacks requires understanding the systemic cyber risks ‘…of risks spreading across interdependent systems’ (Welburn et al., in Risk Analysis: An International Journal, 2021, [39]). The World Economic Forum (2016) [36] defines Systemic cyber risk as ‘…the risk that a cyber event (attack(s) or other adverse event(s)) at an individual component of a critical infrastructure ecosystem will cause significant delay, denial, breakdown, disruption or loss, such that services are impacted not only in the originating component but consequences also cascade into related (logically and/or geographically) ecosystem components, resulting in significant adverse effects to public health or safety, economic security or national security’. Lucas et al. (Advanced Theory and Simulations, vol 1, 2018, [15]) argues that ‘…systemic risk refers to a potential collapse of a system of potentially global importance and criticality to services that humans urgently need. This dimension of a large potential threat within a complex web of interacting elements distinguishes systemic from other types of risk’. As such traditional risk management approaches are not sufficient for dealing with them IRGC (Guidelines for the governance of systemic risks. International Risk Governance Center, Lausanne, p 5, 2018, [9]). This chapter explores systemic risk across the cyber landscape through the non-traditional security lens (Masys in Handbook of security science. Springer, 2021b, [25]) and presents applications of systems thinking, scenario planning and High Reliability Security Organizations to support systemic risk awareness and management.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
https://www.cisa.gov/systemic-cyber-risk-reduction.
COVID-19 has confirmed the global vulnerabilities that were repeatedly identified in high-level reports, commissions, and intelligence assessments on pandemic threats for nearly two decades prior to this pandemic. COVID-19 has underscored several truths about pandemics and revealed important shortcomings in current global and national capacities to prepare for, detect, and respond to them.
References
Barabasi, A. L. (2003). Linked. Plume, New York: Penguin Group.
Burwell, S. M., Townsend, F. F., Bollyky, J. T., Patrick, S. M. (2020). Improving pandemic preparedness lessons from COVID-19. Independent Task Force Report No. 78. https://www.cfr.org/report/pandemic-preparedness-lessons-COVID-19/pdf/TFR_Pandemic_Preparedness.pdf.
Centeno, M. A., Nag, M., Patterson, T. S., Shaver, A., & Windawi, A. J. (2015). The emergence of global systemic risk. Annual Reviewing Sociology, 41, 65–85.
ESRB. (2020, February). Systemic cyber risk. https://www.esrb.europa.eu/pub/pdf/reports/esrb.report200219_systemiccyberrisk~101a09685e.en.pdf.
Goldin, I., & Mariathasan, M. (2014). The butterfly defect: How globalization creates systemic risks, and what to do about it. Princeton University Press.
Helbing, D. (2013). Globally networked risks and how to respond. Nature, 497, 51–59.
Hollnagel, E. (2012). A tale of two Safeties. http://www.resilienthealthcare.net/A_tale_of_two_safeties.pdf.
Hynes, W., Trump, B. D., Kirman, A., Latini, C. & Linkov , I. (2021). Complexity, Interconnectedness and resilience: Why a paradigm shift in economics is needed to deal with Covid 19 and future shocks. In: I. Linkov, J. M. Keenan, B. D. Trump (Eds.), COVID-19: Systemic risk and resilience. Springer Publishing.
IRGC. (2018). Guidelines for the governance of systemic risks. Lausanne: International Risk Governance Center (IRGC).
Kaffenberger, L., & Kopp, E. (2019, September). Cyber risk scenarios, the financial system, and systemic risk assessment. Cyber Policy Initiative Working Paper Series|“Cybersecurity and the Financial System” #4.
Kroger, W., & Zio, E. (2011). Vulnerable systems. Dordrecht: Springer Publishing.
Kunreuther, H. & Useem, M. (Eds.) (2009). Learning from catastrophes: Strategies for reaction and response. Upper Saddle River, NJ: Wharton School Publishing.
Levine, S., Crosskey, A., & Abdinoor, M. (2011) System failure? Revisiting the problems of timely response to crises in the Horn of Africa. Humanitarian practice network, Overseas Development Institute.
Linkov, I., Trump, B. D., Golan, M., & Keisler, J. M. (2021). Enhancing resilience in post-COVID societies: By design or by intervention? Environmental Science & Technology, 55(8), 4202–4204.
Lucas, K., Renn, O., & Jaeger, C. (2018). Systemic risks: Theory and mathematical modeling. Advanced Theory and Simulations, 1. https://doi.org/10.1002/adts.201800051.
Masys, A. J. (2012). Black swans to grey swans-revealing the uncertainty. International Journal of Disaster Prevention and Management, 21(3), 320–335.
Masys, A. J. (2010, June). Fratricide in air operations: Opening the black box- revealing the social. Ph.D., Dissertation, University of Leicester, UK.
Masys, A. J. (2011). The emergent nature of risk as a product of heterogeneous engineering. In: S. Bennett (Ed.), Innovative thinking in risk, crisis and disaster management. London: Gower Publishing.
Masys, A. J. (2014). Critical infrastructure and vulnerability: A relational analysis through actor network theory. In: A. J. Masys (Ed.), Networks and network analysis for defence and security. Springer Publishing.
Masys, A. J. (2015) The cyber-ecosystem: Enabling resilience through the comprehensive approach. In A. J. Masys (Ed.). Disaster management: Enabling resilience. Springer Publishing.
Masys, A. J. (Ed.). (2016a). Disaster forensics: Understanding root cause and complex causality. Springer.
Masys, A. J. (Ed). (2016b). Exploring the security landscape: Non-traditional security challenges. Springer.
Masys, A. J. (2018). Designing high-reliability security organizations for the homeland security enterprise. In A. Siedschlag, & A. Jerkovic (Eds.), Homeland security cultures: Enhancing values while fostering resilience. London, New York: Rowan & Littlefield International.
Masys, A. J. (2021a). The security landscape—Systemic risks shaping non-traditional security. In A. J. Masys (Ed.), Sensemaking in security. Springer Publishing.
Masys, A. J. (2021b). Non-traditional security: A risk centric view. In A. J. Masys (Ed.), Handbook of security science. Springer.
Montasari, R., Hosseinian-Far, A., & Hill, R. (2018). Policies, innovative self-adaptive techniques and understanding psychology of cybersecurity to counter adversarial attacks in network and cyber environments. In H. Jahankhani (Ed.), Cyber criminology. Springer Publishing.
NA. (2014). 4. The transectional structure of society: The basic societal functions. Scandinavian Journal of Public Health, 42, 36–47.
Renn, O. (2021). New challenges for risk analysis: Systemic risks. Journal of Risk Research, 24(1), 127–133.
Saha, S., & Chakrabarti, S. (2021). (2021) The non-traditional security threat of COVID-19 in South Asia: An analysis of the Indian and Chinese leverage in health diplomacy. South Asian Survey, 28(1), 111–132.
Senge, P. M. (1990). The fifth discipline: The art and practice of the learning organization. London, UK: Century Business.
Spann, D. (2006). Coping with the unexpected: Integrating HRO and Agile. Cutter IT Journal, 19(2006), 32–37.
Sterman, J. D. (2000). Business dynamics: Systems thinking and modeling for a complex world. Boston: McGraw-Hill Publishing.
Toft, B., & Reynolds, S. (2005). Learning from disasters: A management approach, 3rd edn. Houndmills, UK: Palgrave Macmillan.
UNODC. (2013, February). Comprehensive study on cybercrime draft. http://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf.
Vespignani, A. (2009). Predicting the behavior of techno-social systems. Science, 325, 425–428.
WEF. (2016). Understanding systemic cyber risk. https://www3.weforum.org/docs/White_Paper_GAC_Cyber_Resilience_VERSION_2.pdf.
WEF. (2021). The global risks report. https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2021.pdf.
Weick, K. E., & Sutcliffe, K. M. (2007). Managing the unexpected: Resilient performance in an age of uncertainty (2nd ed.). California, USA: Wiley.
Welburn, J. W., & Strong, A. M. (2021). Systemic cyber risk and aggregate impacts. Risk Analysis: An International Journal. https://doi.org/10.1111/risa.13715
Xu, T., & Masys, A. J. (2016). Critical Infrastructure vulnerabilities: embracing a network mindset. In A. J. Masys (Ed.), Exploring the security landscape: Non-traditional security challenges. Springer Publishing.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Masys, A. (2022). Examining Systemic Risk in the Cyber Landscape. In: Farhadi, A., Sanders, R.P., Masys, A. (eds) The Great Power Competition Volume 3. Springer, Cham. https://doi.org/10.1007/978-3-031-04586-8_4
Download citation
DOI: https://doi.org/10.1007/978-3-031-04586-8_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-04585-1
Online ISBN: 978-3-031-04586-8
eBook Packages: Political Science and International StudiesPolitical Science and International Studies (R0)