In case of a major cyber incident, organizations usually rely on external providers of Cyber Incident Response (CIR) services. CIR consultants operate in a dynamic and constantly changing environment in which they must actively engage in information management and problem solving while adapting to complex circumstances. In this challenging environment CIR consultants need to make critical decisions about what to advise clients that are impacted by a major cyber incident. Despite its relevance, CIR decision making is an understudied topic. The objective of this preliminary investigation is therefore to understand what decision-making strategies experienced CIR consultants use during challenging incidents and to offer suggestions for training and decision-aiding. A general understanding of operational decision making under pressure, uncertainty, and high stakes was established by reviewing the body of knowledge known as Naturalistic Decision Making (NDM). The general conclusion of NDM research is that experts usually make adequate decisions based on (fast) recognition of the situation and applying the most obvious (default) response pattern that has worked in similar situations in the past. In exceptional situations, however, this way of recognition-primed decision-making results in suboptimal decisions as experts are likely to miss conflicting cues once the situation is quickly recognized under pressure. Understanding the default response pattern and the rare occasions in which this response pattern could be ineffective is therefore key for improving and aiding cyber incident response decision making. Therefore, we interviewed six experienced CIR consultants and used the critical decision method (CDM) to learn how they made decisions under challenging conditions. The main conclusion is that the default response pattern for CIR consultants during cyber breaches is to reduce uncertainty as much as possible by gathering and investigating data and thus delay decision making about eradication until the investigation is completed. According to the respondents, this strategy usually works well and provides the most assurance that the threat actor can be completely removed from the network. However, the majority of respondents could recall at least one case in which this strategy (in hindsight) resulted in unnecessary theft of data or damage. Interestingly, this finding is strikingly different from other operational decision-making domains such as the military, police and fire service in which there is a general tendency to act rapidly instead of searching for more information. The main advice is that training and decision aiding of (novice) cyber incident responders should be aimed at the following: (a) make cyber incident responders aware of how recognition-primed decision making works; (b) discuss the default response strategy that typically works well in several scenarios; (c) explain the exception and how the exception can be recognized; (d) provide alternative response strategies that work better in exceptional situations.
DOCUMENT
Objective: To construct the underlying value structure of shared decision making (SDM) models. Method: We included previously identified SDM models (n = 40) and 15 additional ones. Using a thematic analysis, we coded the data using Schwartz’s value theory to define values in SDM and to investigate value relations. Results: We identified and defined eight values and developed three themes based on their relations: shared control, a safe and supportive environment, and decisions tailored to patients. We constructed a value structure based on the value relations and themes: the interplay of healthcare professionals’ (HCPs) and patients’ skills [Achievement], support for a patient [Benevolence], and a good relationship between HCP and patient [Security] all facilitate patients’ autonomy [Self-Direction]. These values enable a more balanced relationship between HCP and patient and tailored decision making [Universalism]. Conclusion: SDM can be realized by an interplay of values. The values Benevolence and Security deserve more explicit attention, and may especially increase vulnerable patients’ Self-Direction. Practice implications: This value structure enables a comparison of values underlying SDM with those of specific populations, facilitating the incorporation of patients’ values into treatment decision making. It may also inform the development of SDM measures, interventions, education programs, and HCPs when practicing.
DOCUMENT
During the past two decades the implementation and adoption of information technology has rapidly increased. As a consequence the way businesses operate has changed dramatically. For example, the amount of data has grown exponentially. Companies are looking for ways to use this data to add value to their business. This has implications for the manner in which (financial) governance needs to be organized. The main purpose of this study is to obtain insight in the changing role of controllers in order to add value to the business by means of data analytics. To answer the research question a literature study was performed to establish a theoretical foundation concerning data analytics and its potential use. Second, nineteen interviews were conducted with controllers, data scientists and academics in the financial domain. Thirdly, a focus group with experts was organized in which additional data were gathered. Based on the literature study and the participants responses it is clear that the challenge of the data explosion consist of converting data into information, knowledge and meaningful insights to support decision-making processes. Performing data analyses enables the controller to support rational decision making to complement the intuitive decision making by (senior) management. In this way, the controller has the opportunity to be in the lead of the information provision within an organization. However, controllers need to have more advanced data science and statistic competences to be able to provide management with effective analysis. Specifically, we found that an important skill regarding statistics is the visualization and communication of statistical analysis. This is needed for controllers in order to grow in their role as business partner..
DOCUMENT
Developing a framework that integrates Advanced Language Models into the qualitative research process.Qualitative research, vital for understanding complex phenomena, is often limited by labour-intensive data collection, transcription, and analysis processes. This hinders scalability, accessibility, and efficiency in both academic and industry contexts. As a result, insights are often delayed or incomplete, impacting decision-making, policy development, and innovation. The lack of tools to enhance accuracy and reduce human error exacerbates these challenges, particularly for projects requiring large datasets or quick iterations. Addressing these inefficiencies through AI-driven solutions like AIDA can empower researchers, enhance outcomes, and make qualitative research more inclusive, impactful, and efficient.The AIDA project enhances qualitative research by integrating AI technologies to streamline transcription, coding, and analysis processes. This innovation enables researchers to analyse larger datasets with greater efficiency and accuracy, providing faster and more comprehensive insights. By reducing manual effort and human error, AIDA empowers organisations to make informed decisions and implement evidence-based policies more effectively. Its scalability supports diverse societal and industry applications, from healthcare to market research, fostering innovation and addressing complex challenges. Ultimately, AIDA contributes to improving research quality, accessibility, and societal relevance, driving advancements across multiple sectors.
The traffic safety of cyclists is under pressure. The number of fatalities and injuries is increasing, and the number of single-bicycle accidents is on the rise. However, from a traffic safety perspective, the most concerning trend is the growing number of incidents between motorized vehicles and cyclists. In addition to infrastructural solutions, such as more segregated and wider bike lanes, both industry and government are exploring technological developments to better safeguard cyclist safety. One of the technological solutions being considered is the use of C-V2X communication. C-V2X, Cellular Vehicle-to-X, is a technology that enables short-range signal exchanges between road users, informing them of each other's presence. C-V2X can be used, for example, to alert drivers via dedicated in-car information systems about the presence of cyclists on the road (e.g. at crossings). Although the technology and chipsets have been developed, the application of C-V2X to improve cyclist safety has not yet been thoroughly investigated. Therefore, HAN, Gazelle, and ARK Infomotives are researching the impact of C-V2X (on cyclist safety). Using advanced simulations with a digital twin in an urban environment and rural environment, the study will analyze how drivers respond to cyclist presence signals and determine the maximum penetration rate of ‘connected’ cyclists. Based on this, a pilot study will be conducted in a controlled environment on HAN terrain to validate the direction of the simulation results. The project aligns with the Missiegedreven Innovatiebeleid and the KIA Sleuteltechnologieën, specifically within application of digital and information technologies. This proposal aligns with the innovation domain of Semiconductor Technologies by applying advanced sensor and digital connectivity solutions to enhance cyclist safety. The project fits within the theme of Sleuteltechnologieën en Duurzame Materialen of the strategic research agenda of the VH by utilizing digital connectivity, sensor fusion, and data-driven decision-making for safer mobility solutions.
The energy transition is a highly complex technical and societal challenge, coping with e.g. existing ownership situations, intrusive retrofit measures, slow decision-making processes and uneven value distribution. Large scale retrofitting activities insulating multiple buildings at once is urgently needed to reach the climate targets but the decision-making of retrofitting in buildings with shared ownership is challenging. Each owner is accountable for his own energy bill (and footprint), giving a limited action scope. This has led to a fragmented response to the energy retrofitting challenge with negligible levels of building energy efficiency improvements conducted by multiple actors. Aggregating the energy design process on a building level would allow more systemic decisions to happen and offer the access to alternative types of funding for owners. “Collect Your Retrofits” intends to design a generic and collective retrofit approach in the challenging context of monumental areas. As there are no standardised approaches to conduct historical building energy retrofits, solutions are tailor-made, making the process expensive and unattractive for owners. The project will develop this approach under real conditions of two communities: a self-organised “woongroep” and a “VvE” in the historic centre of Amsterdam. Retrofit designs will be identified based on energy performance, carbon emissions, comfort and costs so that a prioritisation strategy can be drawn. Instead of each owner investing into their own energy retrofitting, the neighbourhood will invest into the most impactful measures and ensure that the generated economic value is retained locally in order to make further sustainable investments and thus accelerating the transition of the area to a CO2-neutral environment.
